
Virus hijacking computer need help


  • This topic is locked
15 replies to this topic

#1 Terk1023

Terk1023

  • Members
  • 14 posts

Posted 03 May 2016 - 07:42 PM

Hi, I just downloaded a file that I thought was a portable Photoshop application, but instead it didn't do anything but put a bunch of "antivirus" applications that I haven't ever gotten and opened random web pages in Google Chrome, then proceeded to freeze then crash my computer. I haven't turned on my computer since the initial crash out of fear of letting the virus run rampant throughout my system. Windows Defender found a bunch of Trojans after the virus was first run. If anyone has any suggestions that would be greatly appreciated!

Edited by Terk1023, 03 May 2016 - 07:56 PM.




#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,474 posts
  • Gender:Male

Posted 03 May 2016 - 08:10 PM

Hi Terk1023 :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broken the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lengthy, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate it if you let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
  • Since I'm still a trainee, all my posts have to be reviewed by an instructor prior to being posted to make sure that you receive the best assistance possible. Sorry for the inconvenience. This being said, I have a full time job, and I also have night classes on Mondays and Wednesdays, which means that if you reply during these two days, it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;
This being said, it's time to clean up some malware, so let's get started, shall we? :)

To get started, I'll ask you to follow the instructions in the preparation guide below, and provide both the FRST.txt and Addition.txt logs as asked.

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

If you cannot get FRST to run properly, or use your system at a decent level under a normal boot, you can boot in Safe Mode (pick Safe Mode with Networking)

http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Terk1023

Terk1023
  • Topic Starter

  • Members
  • 14 posts

Posted 04 May 2016 - 02:48 AM

Hi, thank you Aura for helping me with my situation! Here is my FRST.txt log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-05-2016
Ran by Terrick (administrator) on TERRICK-PC (04-05-2016 00:42:24)
Running from C:\Users\Terrick\Desktop
Loaded Profiles: Terrick & UpdatusUser (Available Profiles: Terrick & UpdatusUser & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\807e12cb322b27e5fb028b7c0deb7b42\c4df5b15175b82fdcc42354a0ffd4c9f.exe
(                                                                                                    ) C:\Windows\Temp\mrtBBCE.tmp\stdrt.exe
() C:\Windows\big world search_03052016163659\big-world-search03052016163659.exe
() C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe
() C:\Windows\big world search_03052016163659\big-world-search03052016163659_updater_service.exe
() C:\ProgramData\CloudPrinter\CloudPrinter.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1\knsoD80C.tmpfs
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\WeatherChickn\WeatherChickn.exe
() C:\ProgramData\Zonekix\Zonekix.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1\hnss974.tmp
() C:\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1\jnsdF221.tmp
() C:\Program Files\nplus\nplus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Windows\big world search_03052016163659\addon\netman.exe
() C:\Program Files\807e12cb322b27e5fb028b7c0deb7b42\fa528650facf12c8dce9ea5e2ed43370.exe
() C:\Program Files\807e12cb322b27e5fb028b7c0deb7b42\c4df5b15175b82fdcc42354a0ffd4c9f.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(dyF) C:\Program Files (x86)\browseextension\otutnetwork.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\ProgramData\hser\hser.exe
(Microsoft) C:\Users\Terrick\WindowHostV105\WindowHost.exe
() C:\Program Files (x86)\browseextension\wincom_3SO.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft) C:\Users\Terrick\z1589-Windows\WSecurity.exe
() C:\Windows\Buzzing Dhol\Buzzing Dhol\Buzzing Dhol.exe
() C:\Windows\Buzzing Dhol\Buzzing Dhol\Buzzing Dhol.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira) C:\Users\Terrick\z1589-Windows\avgurad.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Goobzo) C:\Program Files (x86)\YTDownloader\BrowserHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowHost] => C:\Users\Terrick\WindowHostV105\WindowHost.exe [12800 2016-04-30] (Microsoft)
HKLM\...\Run: [WINCOM3SO] => C:\Program Files (x86)\browseextension\wincom_3SO.exe [4049408 2016-05-03] ()
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-14] (Nero AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKLM\...\RunOnce: [OTUTPRODUCT_OKG7E] => C:\Program Files (x86)\browseextension\otutnetwork.exe [568832 2016-05-03] (dyF)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [uTorrent] => C:\Users\Terrick\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-23] (BitTorrent Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Google Update] => C:\Users\Terrick\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-10-09] (Google Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [WSecurity] => C:\Users\Terrick\z1589-Windows\WSecurity.exe [907264 2016-05-01] (Microsoft)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Buzzing Dhol] => C:\WINDOWS\Buzzing Dhol\Buzzing Dhol\Buzzing Dhol.exe [701440 2016-05-03] ()
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Buzzing Dhol.exe] => C:\WINDOWS\system32\Buzzing Dhol.exe
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\RunOnce: [Uninstall C:\Users\Terrick\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Terrick\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\RunOnce: [Uninstall C:\Users\Terrick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Terrick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\RunOnce: [Uninstall C:\Users\Terrick\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Terrick\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\RunOnce: [Uninstall C:\Users\Terrick\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Terrick\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\hser\UniDontip.dll => C:\ProgramData\hser\UniDontip.dll [361984 2016-05-04] ()
AppInit_DLLs-x32: C:\ProgramData\hser\Jayzundox.dll => C:\ProgramData\hser\Jayzundox.dll [257536 2016-05-04] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2014-10-09]
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Terrick\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [S-1-5-21-1073046790-4199721133-1898668055-1002] => Proxy is enabled.
ProxyServer: [S-1-5-21-1073046790-4199721133-1898668055-1002] => http=127.0.0.1:808;https=127.0.0.1:808
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6fa390ac-ca95-4047-9bd3-549698be1787}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7417b236-bce1-43d3-9f35-bde8418d8020}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{b10fc2b3-895f-4656-81b5-58c584aa9cf1}: [DhcpNameServer] 192.168.0.1
ManualProxies: 1http=127.0.0.1:808;https=127.0.0.1:808
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130888630366151152&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGKuthGeVOOlIkvncdyZJYNUuVGPGaJZauPNQsm8Snz6JZtb5j9MqGpjtnswjUG_IhjDjBIHig,,&q={searchTerms}
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQI9VV9fRDT66ivNoiyCWSLD0RdJHDgD8f3V72J92fMOAIC3CO_JEetRwx6NZkcDZSxsU74C1zkysojbAf8dCjEQ-Ck-_Xow,,
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/?lang=en-ca&OCID=iehp
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGKuthGeVOOlIkvncdyZJYNUuVGPGaJZauPNQsm8Snz6JZtb5j9MqGpjtnswjUG_IhjDjBIHig,,&q={searchTerms}
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGKuthGeVOOlIkvncdyZJYNUuVGPGaJZauPNQsm8Snz6JZtb5j9MqGpjtnswjUG_IhjDjBIHig,,&q={searchTerms}
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGU7y4MBkTwjUpAPL8ez14QX9Zwua2Xf18ey4MfVbneCO-RrtXjctiqyEykwiBq6KFsMnew,&q={searchTerms}
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQI9VV9fRDT66ivNoiyCWSLDoBTzLevRaAZ-ZDLnKdko3plVbaR9i_nydKmXwgEWG-ruBP7XGwdR89m6heKTtrLo_uaiw,
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGU7y4MBkTwjUpAPL8ez14QX9Zwua2Xf18ey4MfVbneCO-RrtXjctiqyEykwiBq6KFsMnew,&q={searchTerms}
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGU7y4MBkTwjUpAPL8ez14QX9Zwua2Xf18ey4MfVbneCO-RrtXjctiqyEykwiBq6KFsMnew,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGKuthGeVOOlIkvncdyZJYNUuVGPGaJZauPNQsm8Snz6JZtb5j9MqGpjtnswjUG_IhjDjBIHig,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGKuthGeVOOlIkvncdyZJYNUuVGPGaJZauPNQsm8Snz6JZtb5j9MqGpjtnswjUG_IhjDjBIHig,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002 -> URL hxxp://www.golsearch.com/?q={searchTerms}&babsrc=SP_ss_Btisdt6&mntrId=0CBB00FF5ED0C36C&affID=120006&tsp=4945
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGKuthGeVOOlIkvncdyZJYNUuVGPGaJZauPNQsm8Snz6JZtb5j9MqGpjtnswjUG_IhjDjBIHig,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1010 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGU7y4MBkTwjUpAPL8ez14QX9Zwua2Xf18ey4MfVbneCO-RrtXjctiqyEykwiBq6KFsMnew,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1010 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL0gOE3KwwuqM-kXaefTnwGU7y4MBkTwjUpAPL8ez14QX9Zwua2Xf18ey4MfVbneCO-RrtXjctiqyEykwiBq6KFsMnew,&q={searchTerms}
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: No Name -> {AF949550-9094-4807-95EC-D1C317803333} -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: No Name -> {AF949550-9094-4807-95EC-D1C317803333} -> No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://www.walmartphotocentre.ca/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll [2014-08-12] (AVG Secure Search)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-17] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.94\Bin\npSSOAxCtrlForPTLogin.dll [2013-01-24] (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Terrick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @talk.google.com/O1DPlugin -> C:\Users\Terrick\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Terrick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/GoogleTalkPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/O3DPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=3 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=9 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: facebook.com/fbDesktopPlugin -> C:\Users\UpdatusUser\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\Terrick\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Terrick\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.facebook.com/","hxxp://www.outlook.com/","hxxp://www.flickr.com/","hxxp://www.youtube.com/","hxxps://www.paypal.com/"
CHR DefaultSearchURL: Profile 1 -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMxeB3pbvnbuUBm6tNPIfdtHRq6WtfLURBAuh4QvJgUBXhOmW2Hhe3lR-YsHN3UBFP-IB3x84JSNtEQL18B6uWRAGwWXmT9JMKuVqhziEfLJCU1QKWoxayr3FgjGtSa6l7zNfN4Lr3peIY7iE-MP7pS73K0csutKUbgykOe3sk,&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> feed.sonic-search.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (YouTube) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Tampermonkey) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-13]
CHR Extension: (AdBlock Premium) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-08-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Hola Better Internet) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Wallet) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-04-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx <not found>
StartMenuInternet: Google Chrome.T-Harls - C:\Users\T-Harls\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Tyrell - C:\Users\Tyrell\AppData\Local\Google\Chrome\Application\chrome.exe
 
Opera: 
=======
OPR StartupUrls:  "hxxp://facebook.com/", "hxxp://youtube.com/", "hxxp://outlook.com/", "hxxp://dropbox.com/", "hxxp://musicpleer.com/" 
OPR Extension: (Adblock Plus) - C:\Users\Terrick\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-08-18]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Adobe Licensing Console; C:\Windows\SysWOW64\lnsecsl.exe [1203619 2016-05-03] (                                                                                                    ) [File not signed] <==== ATTENTION
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1318944 2016-02-03] ()
R2 big-world-search03052016163659; C:\Windows\big world search_03052016163659\big-world-search03052016163659.exe [8192 2016-01-14] () [File not signed]
R2 big-world-search03052016163659_updater_service; C:\Windows\big world search_03052016163659\big-world-search03052016163659_updater_service.exe [6144 2016-01-14] () [File not signed]
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-10-22] ()
R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [832000 2016-05-03] () [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-01-22] (EasyAntiCheat Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S4 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5786136 2014-08-13] (Hola Networks Ltd.)
S4 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [5786136 2014-08-13] (Hola Networks Ltd.)
R2 hser; C:\ProgramData\\hser\\hser.exe [692736 2016-05-04] () [File not signed]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2756736 2016-04-19] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103176 2016-04-19] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 nplus; C:\Program Files\nplus\nplus.exe [383488 2016-05-03] () [File not signed]
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-04-24] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-04-13] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-01] ()
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 rijufoze; C:\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1\hnss974.tmp [138240 2016-05-03] () [File not signed]
R2 rocufyky; C:\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1\jnsdF221.tmp [389632 2016-05-03] () [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [835664 2016-04-26] (Valve Corporation) [File not signed]
S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2016-03-15] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WeatherChiknSrvr; C:\Program Files (x86)\WeatherChickn\WeatherChickn.exe [238592 2016-04-15] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 Zonekix; C:\ProgramData\\Zonekix\\Zonekix.exe [832000 2016-05-03] () [File not signed]
R2 549cd3c84dcb950849e33cbb5efd79a7; "C:\Program Files\807e12cb322b27e5fb028b7c0deb7b42\c4df5b15175b82fdcc42354a0ffd4c9f.exe" [X]
R2 dusyzokyzbt; C:\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1\knsoD80C.tmpfs [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC64.SYS [3491616 2009-06-18] (Realtek Semiconductor Corp.)
R3 Alpham1; C:\Windows\System32\drivers\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\drivers\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-04-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-12-11] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [360288 2016-02-04] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-12-11] ()
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvoclk64; C:\Windows\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-24] (Razer, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-01] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58528 2015-10-22] (YTDownloader)
S3 Si3132r5; C:\Windows\system32\drivers\Si3132r5.sys [337960 2007-12-26] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2007-12-26] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2007-12-26] (Silicon Image, Inc.)
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-11-12] (Anchorfree Inc.)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-12-06] (TENCENT) [File not signed]
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [39936 2015-10-30] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R4 WinDivert1.1; C:\Windows\big world search_03052016163659\WinDivert64.sys [38064 2015-09-16] (Basil)
R3 XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
R1 35e670fc7424757c5eee45931c02558b; system32\DRIVERS\35e670fc7424757c5eee45931c02558b.sys [X]
U3 idsvc; no ImagePath
S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-04 00:42 - 2016-05-04 00:42 - 00041193 _____ C:\Users\Terrick\Desktop\FRST.txt
2016-05-04 00:41 - 2016-05-04 00:41 - 02377216 _____ (Farbar) C:\Users\Terrick\Downloads\Unconfirmed 531257.crdownload
2016-05-04 00:39 - 2016-05-04 00:41 - 00091429 _____ C:\Users\Terrick\Downloads\FRST.txt
2016-05-04 00:39 - 2016-05-04 00:39 - 00000000 ____D C:\FRST
2016-05-04 00:38 - 2016-05-04 00:38 - 02377216 _____ (Farbar) C:\Users\Terrick\Desktop\FRST64.exe
2016-05-04 00:30 - 2016-05-04 00:33 - 00000000 ____D C:\ProgramData\hser
2016-05-04 00:30 - 2016-05-04 00:30 - 00000000 ____D C:\ProgramData\hsers
2016-05-04 00:29 - 2016-05-04 00:29 - 00000000 _____ C:\WINDOWS\SysWOW64\x64.txt
2016-05-03 16:45 - 2016-05-03 16:45 - 00002069 _____ C:\Users\Terrick\Desktop\Buzzing Dhol.lnk
2016-05-03 16:45 - 2016-05-03 16:45 - 00000000 ____D C:\WINDOWS\Buzzing Dhol
2016-05-03 16:43 - 2016-05-03 16:45 - 00000000 ____D C:\Users\Terrick\AppData\Local\BrowserHelper
2016-05-03 16:43 - 2016-05-03 16:43 - 00000000 ____D C:\WINDOWS\big world search_03052016163659
2016-05-03 16:42 - 2016-05-03 16:43 - 00003692 _____ C:\WINDOWS\System32\Tasks\YTDownloader
2016-05-03 16:42 - 2016-05-03 16:42 - 00004020 _____ C:\WINDOWS\System32\Tasks\YTDownloaderUpd
2016-05-03 16:42 - 2016-05-03 16:42 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2016-05-03 16:42 - 2016-05-03 16:42 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2016-05-03 16:36 - 2016-05-03 16:36 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\vnlgp
2016-05-03 16:34 - 2016-05-03 16:34 - 01203619 _____ ( ) C:\WINDOWS\SysWOW64\lnsecsl.exe
2016-05-03 16:32 - 2016-05-03 16:43 - 00000000 ____D C:\WINDOWS\hwopt_03052016163218
2016-05-03 16:29 - 2016-05-03 16:29 - 00001187 _____ C:\Users\Terrick\Desktop\Continue installation .lnk
2016-05-03 16:26 - 2016-05-03 16:26 - 00000013 _____ C:\WINDOWS\system32\Example.txt
2016-05-03 16:12 - 2016-04-23 03:28 - 00000804 ____R C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-05-03 16:11 - 2016-05-04 00:33 - 00000000 ____D C:\ProgramData\Zonekix
2016-05-03 16:11 - 2016-05-04 00:31 - 00002401 _____ C:\WINDOWS\SysWOW64\findit.xml
2016-05-03 16:11 - 2016-05-04 00:30 - 00000000 ____D C:\Program Files\nplus
2016-05-03 16:11 - 2016-05-03 16:12 - 00000000 ____D C:\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1
2016-05-03 16:11 - 2016-05-03 16:11 - 06494208 _____ C:\Users\Terrick\AppData\Roaming\agent.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 01626777 _____ C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:11 - 2016-05-03 16:11 - 00188634 _____ () C:\Users\Terrick\AppData\Roaming\Dombam.bin
2016-05-03 16:11 - 2016-05-03 16:11 - 00126464 _____ C:\Users\Terrick\AppData\Roaming\noah.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 00126464 _____ C:\Users\Terrick\AppData\Roaming\lobby.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 00072717 _____ C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
2016-05-03 16:11 - 2016-05-03 16:11 - 00065568 _____ C:\Users\Terrick\AppData\Roaming\Config.xml
2016-05-03 16:11 - 2016-05-03 16:11 - 00054272 _____ C:\Users\Terrick\AppData\Roaming\ApplicationHosting.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 00018432 _____ C:\Users\Terrick\AppData\Roaming\Main.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 00005568 _____ C:\Users\Terrick\AppData\Roaming\md.xml
2016-05-03 16:11 - 2016-05-03 16:11 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\YSPackage
2016-05-03 16:11 - 2016-05-03 16:11 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage
2016-05-03 16:11 - 2016-05-03 16:11 - 00000000 ____D C:\ProgramData\Zonekixs
2016-05-03 16:11 - 2016-05-03 16:11 - 00000000 ____D C:\ProgramData\CloudPrinter
2016-05-03 16:11 - 2016-05-03 16:10 - 00832000 _____ C:\Users\Terrick\AppData\Roaming\Zenrunsoft.exe
2016-05-03 16:11 - 2016-05-03 16:10 - 00832000 _____ C:\Users\Terrick\AppData\Roaming\DoubleIs.exe
2016-05-03 16:10 - 2016-05-03 16:10 - 00848437 _____ C:\Users\Terrick\AppData\Roaming\Sol-Dex.bin
2016-05-03 16:10 - 2016-05-03 16:10 - 00127488 _____ C:\Users\Terrick\AppData\Roaming\Installer.dat
2016-05-03 16:10 - 2016-05-03 16:10 - 00017040 _____ C:\Users\Terrick\AppData\Roaming\InstallationConfiguration.xml
2016-05-03 16:10 - 2016-05-03 16:10 - 00000000 ____D C:\Users\Terrick\z1589-Windows
2016-05-03 16:10 - 2016-05-03 16:10 - 00000000 ____D C:\Users\Terrick\WindowHostV105
2016-05-03 16:10 - 2016-05-03 16:10 - 00000000 ____D C:\Users\Terrick\AppData\Local\csdi_monetize_120160503
2016-05-03 16:10 - 2016-05-03 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hostifyx
2016-05-03 16:10 - 2016-05-03 16:10 - 00000000 ____D C:\Program Files (x86)\WeatherChickn
2016-05-03 16:10 - 2016-05-03 16:10 - 00000000 ____D C:\Program Files (x86)\Hostifyx
2016-05-03 16:10 - 2016-05-03 16:10 - 00000000 ____D C:\Program Files (x86)\browseextension
2016-05-03 16:09 - 2016-05-04 00:28 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-05-03 16:09 - 2016-05-03 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Sear
2016-05-03 16:08 - 2016-05-03 16:08 - 02623120 _____ C:\WINDOWS\chromebrowser.exe
2016-05-03 15:58 - 2016-05-03 16:12 - 00000000 ____D C:\Users\Terrick\Downloads\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll)
2016-05-03 15:42 - 2016-05-03 15:42 - 12095066 _____ C:\Users\Terrick\Downloads\workbench_materials.zip
2016-05-03 15:42 - 2016-05-03 15:42 - 00001008 _____ C:\Users\Terrick\Desktop\VTFEdit.lnk
2016-05-03 15:42 - 2016-05-03 15:42 - 00000000 ____D C:\Users\Terrick\Downloads\workbench_materials
2016-05-03 15:41 - 2016-05-03 15:41 - 00000000 ____D C:\Program Files (x86)\VTFEdit
2016-04-27 15:38 - 2016-04-27 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-04-23 03:25 - 2016-04-23 03:25 - 00715038 _____ C:\WINDOWS\unins000.exe
2016-04-23 03:25 - 2016-04-23 03:25 - 00001994 _____ C:\WINDOWS\unins000.dat
2016-04-23 03:25 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2016-04-23 03:25 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2016-04-23 03:21 - 2016-04-23 03:23 - 00000000 ____D C:\Users\Terrick\Downloads\Bandicam 3.0.4.1035 RePack (& Portable) by KpoJIuK
2016-04-23 02:05 - 2016-04-23 02:41 - 00000000 ____D C:\Users\Terrick\AppData\Local\Dxtory Software
2016-04-23 02:05 - 2016-04-23 02:41 - 00000000 ____D C:\Program Files (x86)\ExKode
2016-04-22 02:18 - 2016-04-22 02:18 - 00000843 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-04-22 02:18 - 2016-04-22 02:18 - 00000000 ____D C:\Program Files\Speccy
2016-04-22 01:21 - 2016-04-22 01:21 - 00000920 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-04-22 01:21 - 2016-04-22 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-04-22 01:21 - 2016-04-22 01:21 - 00000000 ____D C:\Program Files\CPUID
2016-04-13 16:45 - 2016-04-13 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-12 18:34 - 2016-03-29 01:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-12 18:34 - 2016-03-29 00:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-12 18:34 - 2016-03-29 00:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-12 18:34 - 2016-03-29 00:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-12 18:34 - 2016-03-29 00:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-12 18:34 - 2016-03-29 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-12 18:34 - 2016-03-29 00:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-12 18:34 - 2016-03-28 23:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-12 18:34 - 2016-03-28 23:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-12 18:34 - 2016-03-28 23:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-12 18:34 - 2016-03-28 22:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-12 18:34 - 2016-03-28 22:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-12 18:33 - 2016-04-01 21:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-12 18:33 - 2016-04-01 21:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 18:33 - 2016-04-01 20:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-12 18:33 - 2016-04-01 20:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-12 18:33 - 2016-04-01 20:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-12 18:33 - 2016-04-01 20:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-12 18:33 - 2016-04-01 20:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-12 18:33 - 2016-04-01 20:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-12 18:33 - 2016-04-01 20:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-12 18:33 - 2016-04-01 20:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 18:33 - 2016-04-01 20:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-12 18:33 - 2016-04-01 20:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-12 18:33 - 2016-03-29 03:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-12 18:33 - 2016-03-29 03:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-12 18:33 - 2016-03-29 03:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-12 18:33 - 2016-03-29 03:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 18:33 - 2016-03-29 03:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-12 18:33 - 2016-03-29 03:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-12 18:33 - 2016-03-29 03:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-12 18:33 - 2016-03-29 03:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-12 18:33 - 2016-03-29 02:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-12 18:33 - 2016-03-29 02:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-12 18:33 - 2016-03-29 02:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-12 18:33 - 2016-03-29 02:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-12 18:33 - 2016-03-29 02:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-12 18:33 - 2016-03-29 02:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-12 18:33 - 2016-03-29 02:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-12 18:33 - 2016-03-29 01:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-12 18:33 - 2016-03-29 01:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-12 18:33 - 2016-03-29 01:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-12 18:33 - 2016-03-29 01:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-12 18:33 - 2016-03-29 01:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-12 18:33 - 2016-03-29 01:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-12 18:33 - 2016-03-29 01:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-12 18:33 - 2016-03-29 00:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-12 18:33 - 2016-03-29 00:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-12 18:33 - 2016-03-29 00:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-12 18:33 - 2016-03-29 00:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-12 18:33 - 2016-03-29 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-12 18:33 - 2016-03-29 00:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-12 18:33 - 2016-03-29 00:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-12 18:33 - 2016-03-29 00:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-12 18:33 - 2016-03-29 00:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-12 18:33 - 2016-03-29 00:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-12 18:33 - 2016-03-29 00:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-12 18:33 - 2016-03-29 00:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-12 18:33 - 2016-03-29 00:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-12 18:33 - 2016-03-29 00:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-12 18:33 - 2016-03-29 00:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-12 18:33 - 2016-03-29 00:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-12 18:33 - 2016-03-29 00:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-12 18:33 - 2016-03-29 00:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-12 18:33 - 2016-03-29 00:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-12 18:33 - 2016-03-29 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-12 18:33 - 2016-03-29 00:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-12 18:33 - 2016-03-29 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-12 18:33 - 2016-03-29 00:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-12 18:33 - 2016-03-29 00:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-12 18:33 - 2016-03-29 00:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-12 18:33 - 2016-03-29 00:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-12 18:33 - 2016-03-29 00:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-12 18:33 - 2016-03-29 00:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-12 18:33 - 2016-03-29 00:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-12 18:33 - 2016-03-29 00:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-12 18:33 - 2016-03-29 00:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-12 18:33 - 2016-03-29 00:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-12 18:33 - 2016-03-29 00:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-12 18:33 - 2016-03-29 00:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-12 18:33 - 2016-03-29 00:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-12 18:33 - 2016-03-28 23:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-12 18:33 - 2016-03-28 23:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-12 18:33 - 2016-03-28 23:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-12 18:33 - 2016-03-28 23:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-12 18:33 - 2016-03-28 23:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-12 18:33 - 2016-03-28 23:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-12 18:33 - 2016-03-28 23:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-12 18:33 - 2016-03-28 23:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-12 18:33 - 2016-03-28 23:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-12 18:33 - 2016-03-28 23:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-12 18:33 - 2016-03-28 23:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-12 18:33 - 2016-03-28 23:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-12 18:33 - 2016-03-28 23:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-12 18:33 - 2016-03-28 23:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-12 18:33 - 2016-03-28 23:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-12 18:33 - 2016-03-28 23:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-12 18:33 - 2016-03-28 23:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-12 18:33 - 2016-03-28 23:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-12 18:33 - 2016-03-28 23:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-12 18:33 - 2016-03-28 23:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-12 18:33 - 2016-03-28 23:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-12 18:33 - 2016-03-28 23:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-12 18:33 - 2016-03-28 23:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-12 18:33 - 2016-03-28 23:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-12 18:33 - 2016-03-28 23:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 18:33 - 2016-03-28 23:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-12 18:33 - 2016-03-28 23:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-12 18:33 - 2016-03-28 23:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-12 18:33 - 2016-03-28 23:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-12 18:33 - 2016-03-28 23:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-12 18:33 - 2016-03-28 22:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-12 18:33 - 2016-03-28 22:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-12 18:33 - 2016-03-28 22:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-12 18:33 - 2016-03-28 22:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-12 18:33 - 2016-03-28 22:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-12 18:33 - 2016-03-28 22:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-12 18:33 - 2016-03-28 22:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-12 18:33 - 2016-03-28 22:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-12 18:33 - 2016-03-28 22:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-12 18:33 - 2016-03-28 22:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-12 18:33 - 2016-03-28 22:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-12 18:33 - 2016-03-28 22:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-12 18:33 - 2016-03-28 22:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-12 18:33 - 2016-03-28 22:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-12 18:33 - 2016-03-28 22:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-12 18:33 - 2016-03-28 22:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-12 18:33 - 2016-03-28 22:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-12 18:32 - 2016-04-01 21:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-12 18:32 - 2016-04-01 21:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-12 18:32 - 2016-04-01 20:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-12 18:32 - 2016-04-01 20:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-12 18:32 - 2016-04-01 20:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-12 18:32 - 2016-04-01 20:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-12 18:32 - 2016-04-01 20:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-12 18:32 - 2016-04-01 20:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-12 18:32 - 2016-04-01 20:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-12 18:32 - 2016-04-01 20:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-12 18:32 - 2016-04-01 20:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-12 18:32 - 2016-03-29 03:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-12 18:32 - 2016-03-29 03:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-12 18:32 - 2016-03-29 03:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-12 18:32 - 2016-03-29 03:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-12 18:32 - 2016-03-29 03:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-12 18:32 - 2016-03-29 02:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-12 18:32 - 2016-03-29 02:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-12 18:32 - 2016-03-29 02:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-12 18:32 - 2016-03-29 02:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-12 18:32 - 2016-03-29 02:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-12 18:32 - 2016-03-29 02:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-12 18:32 - 2016-03-29 02:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-12 18:32 - 2016-03-29 02:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-12 18:32 - 2016-03-29 02:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-12 18:32 - 2016-03-29 02:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-12 18:32 - 2016-03-29 02:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-12 18:32 - 2016-03-29 01:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-12 18:32 - 2016-03-29 01:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-12 18:32 - 2016-03-29 01:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-12 18:32 - 2016-03-29 01:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-12 18:32 - 2016-03-29 01:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-12 18:32 - 2016-03-29 01:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-12 18:32 - 2016-03-29 01:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-12 18:32 - 2016-03-29 01:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-12 18:32 - 2016-03-29 01:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-12 18:32 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-12 18:32 - 2016-03-29 01:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-12 18:32 - 2016-03-29 01:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-12 18:32 - 2016-03-29 01:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-12 18:32 - 2016-03-29 01:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-12 18:32 - 2016-03-29 00:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-12 18:32 - 2016-03-29 00:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-12 18:32 - 2016-03-29 00:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-12 18:32 - 2016-03-29 00:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-12 18:32 - 2016-03-29 00:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-12 18:32 - 2016-03-29 00:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-12 18:32 - 2016-03-29 00:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-12 18:32 - 2016-03-29 00:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-12 18:32 - 2016-03-29 00:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-12 18:32 - 2016-03-29 00:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-12 18:32 - 2016-03-29 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-12 18:32 - 2016-03-29 00:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-12 18:32 - 2016-03-29 00:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-12 18:32 - 2016-03-29 00:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-12 18:32 - 2016-03-29 00:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-12 18:32 - 2016-03-29 00:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-12 18:32 - 2016-03-29 00:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-12 18:32 - 2016-03-29 00:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-12 18:32 - 2016-03-29 00:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-12 18:32 - 2016-03-29 00:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-12 18:32 - 2016-03-29 00:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-12 18:32 - 2016-03-29 00:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-12 18:32 - 2016-03-29 00:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-12 18:32 - 2016-03-29 00:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-12 18:32 - 2016-03-29 00:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-12 18:32 - 2016-03-29 00:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-12 18:32 - 2016-03-29 00:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-12 18:32 - 2016-03-29 00:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-12 18:32 - 2016-03-29 00:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-12 18:32 - 2016-03-29 00:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-12 18:32 - 2016-03-29 00:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-12 18:32 - 2016-03-29 00:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-12 18:32 - 2016-03-29 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-12 18:32 - 2016-03-29 00:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-12 18:32 - 2016-03-29 00:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 18:32 - 2016-03-29 00:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-12 18:32 - 2016-03-29 00:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-12 18:32 - 2016-03-29 00:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-12 18:32 - 2016-03-29 00:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-12 18:32 - 2016-03-29 00:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-12 18:32 - 2016-03-29 00:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-12 18:32 - 2016-03-29 00:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-12 18:32 - 2016-03-29 00:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-12 18:32 - 2016-03-29 00:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-12 18:32 - 2016-03-29 00:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-12 18:32 - 2016-03-29 00:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 18:32 - 2016-03-28 23:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-12 18:32 - 2016-03-28 23:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-12 18:32 - 2016-03-28 23:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-12 18:32 - 2016-03-28 23:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-12 18:32 - 2016-03-28 23:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-12 18:32 - 2016-03-28 23:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-12 18:32 - 2016-03-28 23:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-12 18:32 - 2016-03-28 23:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 18:32 - 2016-03-28 23:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-12 18:32 - 2016-03-28 23:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-12 18:32 - 2016-03-28 23:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-12 18:32 - 2016-03-28 23:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-12 18:32 - 2016-03-28 23:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-12 18:32 - 2016-03-28 23:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-12 18:32 - 2016-03-28 23:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-12 18:32 - 2016-03-28 23:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-12 18:32 - 2016-03-28 23:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-12 18:32 - 2016-03-28 23:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-12 18:32 - 2016-03-28 23:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-12 18:32 - 2016-03-28 23:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-12 18:32 - 2016-03-28 23:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-12 18:32 - 2016-03-28 23:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-12 18:32 - 2016-03-28 23:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-12 18:32 - 2016-03-28 23:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-12 18:32 - 2016-03-28 23:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-12 18:32 - 2016-03-28 23:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-12 18:32 - 2016-03-28 23:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-12 18:32 - 2016-03-28 23:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-12 18:32 - 2016-03-28 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-12 18:32 - 2016-03-28 23:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-12 18:32 - 2016-03-28 23:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-12 18:32 - 2016-03-28 22:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-12 18:32 - 2016-03-28 22:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-12 18:32 - 2016-03-28 22:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-12 18:32 - 2016-03-28 22:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-12 18:32 - 2016-03-28 22:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-12 18:32 - 2016-03-28 22:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-12 18:32 - 2016-03-28 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-12 18:32 - 2016-03-28 22:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 02:21 - 2016-04-12 02:21 - 00002093 _____ C:\Users\Terrick\AppData\Roaming\TerraceSawwortSouthernwood
2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\Users\Terrick\Downloads\54798b85b50d61a97628-5bb6189bb24cd25d80cb9968c36d640e5ec22008
2016-04-09 12:41 - 2016-04-09 12:41 - 00001661 _____ C:\Users\Terrick\Downloads\54798b85b50d61a97628-5bb6189bb24cd25d80cb9968c36d640e5ec22008.zip
2016-04-09 02:20 - 2016-04-09 02:20 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
2016-04-07 15:48 - 2016-04-30 17:26 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-07 15:48 - 2016-04-07 15:48 - 20355776 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-04-07 15:48 - 2016-04-07 15:48 - 00003966 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-04 00:42 - 2015-06-22 01:32 - 00000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-04 00:39 - 2015-04-28 22:59 - 00002326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-04 00:35 - 2016-01-08 10:44 - 01013824 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-04 00:35 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-04 00:33 - 2016-01-08 10:44 - 00000000 ____D C:\Users\UpdatusUser
2016-05-04 00:30 - 2015-10-09 02:09 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-04 00:29 - 2015-06-22 01:32 - 00000906 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-04 00:28 - 2016-01-08 11:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-04 00:28 - 2016-01-08 10:41 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-03 16:26 - 2015-10-09 02:09 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-03 16:24 - 2016-01-08 10:44 - 00000000 ____D C:\Users\Terrick
2016-05-03 16:23 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-03 16:23 - 2015-03-18 20:46 - 00000000 ____D C:\Program Files (x86)\Bandicam
2016-05-03 16:23 - 2011-09-06 17:17 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-03 16:09 - 2011-09-06 17:15 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002UA.job
2016-05-03 16:07 - 2011-09-13 16:14 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\uTorrent
2016-05-03 16:05 - 2012-03-16 23:00 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1011UA.job
2016-05-03 15:54 - 2013-04-21 01:50 - 00000000 ____D C:\Users\Terrick\Desktop\Creative Software
2016-05-03 15:48 - 2015-01-29 00:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-03 14:09 - 2011-09-06 17:15 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002Core.job
2016-05-03 06:36 - 2016-02-03 18:36 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-05-03 03:42 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-03 03:42 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-03 03:42 - 2014-06-05 14:46 - 00000000 ____D C:\Users\Terrick\AppData\Local\Packages
2016-05-03 02:00 - 2011-12-17 00:16 - 00000000 ____D C:\Users\Terrick\AppData\Local\Adobe
2016-05-02 23:05 - 2012-03-16 23:00 - 00000860 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1011Core.job
2016-04-28 01:55 - 2013-04-21 01:59 - 00000000 ____D C:\Users\Terrick\Desktop\Recording Software
2016-04-27 15:38 - 2012-02-16 19:15 - 00000000 ____D C:\Fraps
2016-04-23 20:47 - 2016-02-03 18:35 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\TS3Client
2016-04-23 04:34 - 2012-09-02 19:53 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\.minecraft
2016-04-22 23:12 - 2015-06-22 01:50 - 00000000 ___RD C:\Users\Terrick\Dropbox
2016-04-22 02:28 - 2016-03-07 14:19 - 00000000 ___RD C:\Users\Terrick\Desktop\Tools
2016-04-22 00:57 - 2010-11-20 20:27 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-21 16:38 - 2016-03-11 17:00 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2016-04-21 16:38 - 2016-03-11 16:59 - 00000000 ____D C:\ProgramData\Hotspot Shield
2016-04-21 16:37 - 2016-03-11 17:06 - 00001127 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2016-04-21 14:02 - 2016-01-08 19:25 - 00002421 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-21 14:02 - 2016-01-08 19:25 - 00000000 ___RD C:\Users\Terrick\OneDrive
2016-04-16 16:59 - 2013-04-21 01:52 - 00000000 ____D C:\Users\Terrick\Desktop\Text and random
2016-04-14 13:21 - 2014-10-09 02:23 - 00003960 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1412846597
2016-04-14 13:21 - 2014-10-09 02:23 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-14 02:06 - 2011-10-15 22:15 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-04-14 02:06 - 2011-09-07 07:06 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-04-13 16:52 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-13 16:46 - 2015-06-22 01:32 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-13 15:44 - 2011-10-15 22:15 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-04-13 15:43 - 2011-10-15 22:15 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-13 12:37 - 2015-06-22 01:32 - 00000000 ____D C:\Users\Terrick\AppData\Local\Dropbox
2016-04-13 05:19 - 2016-01-08 10:36 - 05045872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 00:11 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 00:09 - 2013-08-12 03:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 00:04 - 2011-06-01 12:00 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-12 12:40 - 2016-02-15 21:36 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-04-12 12:38 - 2016-02-15 21:36 - 00002760 _____ C:\WINDOWS\SysWOW64\lgAxconfig.ini
2016-04-06 11:32 - 2015-10-30 00:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 11:32 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2014-06-20 00:44 - 2014-06-20 00:44 - 0000234 _____ () C:\Users\Terrick\AppData\Roaming\1.png
2013-10-01 19:55 - 2013-10-01 19:55 - 0001562 _____ () C:\Users\Terrick\AppData\Roaming\28.svg
2012-04-15 22:07 - 2011-12-22 14:30 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2012-04-15 22:07 - 2011-07-19 05:57 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-04-15 22:07 - 2011-12-22 14:29 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-04-15 22:07 - 2011-07-19 05:47 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-04-15 22:07 - 2011-12-22 14:29 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-05-03 16:11 - 2016-05-03 16:11 - 6494208 _____ () C:\Users\Terrick\AppData\Roaming\agent.dat
2014-08-12 14:28 - 2014-12-07 14:07 - 0000004 _____ () C:\Users\Terrick\AppData\Roaming\appdataFr2.bin
2016-05-03 16:11 - 2016-05-03 16:11 - 0054272 _____ () C:\Users\Terrick\AppData\Roaming\ApplicationHosting.dat
2010-07-19 14:16 - 2010-07-19 14:16 - 0004878 _____ () C:\Users\Terrick\AppData\Roaming\b_dk.jpg
2016-04-12 02:21 - 2016-04-12 02:21 - 0209477 _____ () C:\Users\Terrick\AppData\Roaming\chapter.gif
2016-05-03 16:11 - 2016-05-03 16:11 - 0065568 _____ () C:\Users\Terrick\AppData\Roaming\Config.xml
2016-05-03 16:11 - 2016-05-03 16:11 - 0188634 _____ () C:\Users\Terrick\AppData\Roaming\Dombam.bin
2016-05-03 16:11 - 2016-05-03 16:10 - 0832000 _____ () C:\Users\Terrick\AppData\Roaming\DoubleIs.exe
2016-05-03 16:11 - 2016-05-03 16:11 - 1626777 _____ () C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:10 - 2016-05-03 16:10 - 0017040 _____ () C:\Users\Terrick\AppData\Roaming\InstallationConfiguration.xml
2016-05-03 16:10 - 2016-05-03 16:10 - 0127488 _____ () C:\Users\Terrick\AppData\Roaming\Installer.dat
2015-07-03 03:22 - 2015-07-03 03:22 - 0000098 _____ () C:\Users\Terrick\AppData\Roaming\LauncherSettings_live.cfg
2016-05-03 16:11 - 2016-05-03 16:11 - 0126464 _____ () C:\Users\Terrick\AppData\Roaming\lobby.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 0018432 _____ () C:\Users\Terrick\AppData\Roaming\Main.dat
2013-10-01 19:56 - 2013-10-01 19:56 - 0001349 _____ () C:\Users\Terrick\AppData\Roaming\make.graphic.viewport.xml
2016-05-03 16:11 - 2016-05-03 16:11 - 0005568 _____ () C:\Users\Terrick\AppData\Roaming\md.xml
2016-05-03 16:11 - 2016-05-03 16:11 - 0126464 _____ () C:\Users\Terrick\AppData\Roaming\noah.dat
2016-05-03 16:10 - 2016-05-03 16:10 - 0848437 _____ () C:\Users\Terrick\AppData\Roaming\Sol-Dex.bin
2014-10-06 21:39 - 2014-10-06 21:39 - 0011264 _____ () C:\Users\Terrick\AppData\Roaming\System.dll
2016-04-12 02:21 - 2016-04-12 02:21 - 0002093 _____ () C:\Users\Terrick\AppData\Roaming\TerraceSawwortSouthernwood
2012-08-18 17:30 - 2012-08-18 17:30 - 0001181 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.1.txt
2012-08-18 17:30 - 2012-08-18 17:44 - 0000919 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.txt
2012-08-18 17:30 - 2012-08-18 17:44 - 0000000 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-05-03 16:11 - 2016-05-03 16:11 - 0032038 _____ () C:\Users\Terrick\AppData\Roaming\uninstall_temp.ico
2016-05-03 16:11 - 2016-05-03 16:10 - 0832000 _____ () C:\Users\Terrick\AppData\Roaming\Zenrunsoft.exe
2016-05-03 16:11 - 2016-05-03 16:11 - 0072717 _____ () C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
2014-07-06 16:04 - 2014-07-06 16:05 - 0008665 _____ () C:\Users\Terrick\AppData\Local\CleanupUninstall.txt
2011-09-13 17:11 - 2011-09-13 17:19 - 0005632 _____ () C:\Users\Terrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-07 16:47 - 2011-09-07 16:47 - 0007602 _____ () C:\Users\Terrick\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Terrick\AppData\Local\Temp\27-04-2016_big world search_3.0.10.exe
C:\Users\Terrick\AppData\Local\Temp\2D98FTFJYW.exe
C:\Users\Terrick\AppData\Local\Temp\acc.exe
C:\Users\Terrick\AppData\Local\Temp\ads.exe
C:\Users\Terrick\AppData\Local\Temp\appstart.exe
C:\Users\Terrick\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Terrick\AppData\Local\Temp\dxdiag.exe
C:\Users\Terrick\AppData\Local\Temp\goamodc_amodc_inst.exe
C:\Users\Terrick\AppData\Local\Temp\HssInstaller64.exe
C:\Users\Terrick\AppData\Local\Temp\hss_update.exe
C:\Users\Terrick\AppData\Local\Temp\kg.exe
C:\Users\Terrick\AppData\Local\Temp\MediaPlayer__11426.exe
C:\Users\Terrick\AppData\Local\Temp\msconfig.exe
C:\Users\Terrick\AppData\Local\Temp\nse1218.tmp.exe
C:\Users\Terrick\AppData\Local\Temp\nsqF9E7.exe
C:\Users\Terrick\AppData\Local\Temp\nsw1012.tmp.exe
C:\Users\Terrick\AppData\Local\Temp\OKV50_GRAND+KYLE.exe
C:\Users\Terrick\AppData\Local\Temp\Setup.exe
C:\Users\Terrick\AppData\Local\Temp\soft.exe
C:\Users\Terrick\AppData\Local\Temp\utils.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-02 16:06
 
==================== End of FRST.txt ============================

#4 Aura


Posted 04 May 2016 - 08:06 AM

Thank you for the logs :) I'll analyze them over the day when I have time, and work on a reply once I get home tonight. Sorry for the wait!

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 Aura


Posted 05 May 2016 - 11:27 AM

Thank you for waiting!

Your system is quite infected from what I can see. Therefore, I would like to take a different approach for this clean-up: we'll charge in right away with automated malware removal tools, and do precision removal at the end once they have taken out the biggest chunk. Before we run these scans, I would like to address a few things.

P2P Programs Warning!
Going over your logs I noticed that you have uTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

I also noticed that you have multiple pirated programs installed. I'll ask you to please uninstall them, as BleepingComputer doesn't condone piracy, and also, they are one of the best ways to get infected with malware. Plus, some of them might get removed by the tools we'll run, and it'll just leave damaged installations behind, so might as well remove them beforehand to make sure that it doesn't damage your system.

Malicious Programs Warning!

I noticed that you have malicious programs installed on your system. I'll ask you to uninstall them since uninstalling such programs before running malware removal tools will ensure a better clean-up.
  • big world search 3.0.10
  • browseextension version 1.1
  • Buzzing Dhol 9.1.1
  • CCleaner, версия 4.14.4808
  • Driver Manager
  • EFLC v1.1 / RePack by Baracuda
  • Notable PDF
  • PriceMInuas
  • SafeFinder
  • Setup version 1.0
  • Social2Search
  • YellowSend
  • YTDownloader
If you have an issue when uninstalling a program, please let me know.

Outdated Programs Warning!

I noticed that you have outdated vulnerable programs installed on your system. I'll ask you to uninstall them since keeping outdated software installed on a system puts it more at risk of being infected. Otherwise, you can update them right now, and make sure that their outdated version is uninstalled after. We will reinstall these programs at the end of the clean-up if you decide to uninstall them now, and need them after.
  • Adobe AIR
  • Java 8 Update 31
  • QuickTime 7
If you have an issue when uninstalling a program, please let me know.

You should also uninstall McAfee Security Scan Plus, and update Malwarebytes Anti-Malware (open it, then run the update, and it should ask you to install the newest version).

Once you're done with the above, we'll start our sweep using JRT, AdwCleaner and Malwarebytes :) If you aren't able to download JRT and AdwCleaner, or run any of the programs under a normal boot, please do so in Safe Mode with Networking, following the instructions in the link provided previously.

Follow the instructions below please.

Junkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press any key to launch the scan and let it complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
AdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), let the database update, then click on Scan;
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Cleaning button. This will kill all the active processes;
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it;
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply;
Malwarebytes Anti-Malware - Clean Mode
  • Download and install the free version of Malwarebytes Anti-Malware
    Note: It's your choice if you want to enable the free trial of Malwarebytes Premium or not. Enabling it will give you real-time protection from the program, as well as access to all the Premium features.
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point;
  • Once Malwarebytes is installed, launch it and let it update its database. You might have to click on the Update Now button;
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan;
  • Let the scan run, the time required to complete the scan depends on your system and computer specs;
  • Once the scan is complete, make sure that the checkbox by Threat is checked (it means that every item detected is checked), then click on the Remove Selected button;
  • Click on Save Results after the deletion (in the bottom-right corner) and select Copy to clipboard. Paste the content in your next reply;
And we'll grab a fresh set of FRST logs after that!

Farbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message boxes will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of FRST.txt in your next reply, and attach Addition.txt to it;
Your next reply(ies) should therefore contain:
  • Confirmation that every program listed above was successfully uninstalled (if not, please let me know which ones);
  • Copy/pasted JRT log;
  • Copy/pasted AdwCleaner clean log;
  • Copy/pasted Malwarebytes clean log;
  • Copy/pasted content of the FRST.txt log;
  • Copy/pasted content of the Addition.txt log;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.
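
Part of the log review that precedes a clean-up plan like the one above can be scripted. The following is an added example, not part of the original thread and not FRST's own code: it applies three triage heuristics to lines copied from the FRST.txt posted earlier in this topic. The function names, the thresholds, the short list of system binary names and the reading of the first timestamp as creation time are assumptions of the example, and a hit is a lead for manual review, not a verdict.

```python
import ntpath  # Windows path rules, works on any OS
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Lines copied from the FRST.txt log posted earlier in this topic.
ROOT_FILES = r"""
2010-07-19 14:16 - 2010-07-19 14:16 - 0004878 _____ () C:\Users\Terrick\AppData\Roaming\b_dk.jpg
2016-05-03 16:11 - 2016-05-03 16:10 - 0832000 _____ () C:\Users\Terrick\AppData\Roaming\DoubleIs.exe
2016-05-03 16:11 - 2016-05-03 16:11 - 1626777 _____ () C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:10 - 2016-05-03 16:10 - 0127488 _____ () C:\Users\Terrick\AppData\Roaming\Installer.dat
2014-10-06 21:39 - 2014-10-06 21:39 - 0011264 _____ () C:\Users\Terrick\AppData\Roaming\System.dll
2016-05-03 16:11 - 2016-05-03 16:10 - 0832000 _____ () C:\Users\Terrick\AppData\Roaming\Zenrunsoft.exe
2016-05-03 16:11 - 2016-05-03 16:11 - 0072717 _____ () C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
"""

TEMP_FILES = r"""
C:\Users\Terrick\AppData\Local\Temp\acc.exe
C:\Users\Terrick\AppData\Local\Temp\dxdiag.exe
C:\Users\Terrick\AppData\Local\Temp\msconfig.exe
C:\Users\Terrick\AppData\Local\Temp\Setup.exe
"""

# Assumed layout: created - modified - size attributes (company) path
ENTRY = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d) - (\d{4}-\d\d-\d\d \d\d:\d\d) - (\d+) "
    r"(\S+) \((.*?)\) (.+)$"
)

# Illustrative (not exhaustive) names of binaries that ship under C:\Windows.
SYSTEM_NAMES = {"dxdiag.exe", "msconfig.exe", "svchost.exe",
                "winlogon.exe", "services.exe", "userinit.exe"}


def parse_entries(text):
    """Turn FRST file-listing lines into dicts; unparseable lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        created, modified, size, _attrs, company, path = m.groups()
        entries.append({
            "created": datetime.strptime(created, "%Y-%m-%d %H:%M"),
            "modified": datetime.strptime(modified, "%Y-%m-%d %H:%M"),
            "size": int(size),
            "company": company,
            "name": ntpath.basename(path),
        })
    return entries


def same_size_executables(entries):
    """Executables with an empty company field that share a byte size
    under different names: often one binary dropped twice."""
    by_size = defaultdict(set)
    for e in entries:
        is_exe = ntpath.splitext(e["name"])[1].lower() == ".exe"
        if is_exe and not e["company"]:
            by_size[e["size"]].add(e["name"])
    return {s: sorted(n) for s, n in by_size.items() if len(n) > 1}


def creation_bursts(entries, gap=timedelta(minutes=2), min_files=3):
    """Group files whose creation times follow each other within `gap`;
    a burst in a profile folder usually marks a single installer run."""
    bursts, current = [], []
    for e in sorted(entries, key=lambda e: e["created"]):
        if current and e["created"] - current[-1]["created"] > gap:
            if len(current) >= min_files:
                bursts.append([x["name"] for x in current])
            current = []
        current.append(e)
    if len(current) >= min_files:
        bursts.append([x["name"] for x in current])
    return bursts


def temp_system_lookalikes(text):
    """Files in a Temp folder that carry the name of a Windows system binary."""
    hits = []
    for line in text.splitlines():
        path = line.strip()
        name = ntpath.basename(path).lower()
        if "\\temp\\" in path.lower() and name in SYSTEM_NAMES:
            hits.append(ntpath.basename(path))
    return hits


if __name__ == "__main__":
    parsed = parse_entries(ROOT_FILES)
    print("Same-size executables:", same_size_executables(parsed))
    print("Creation bursts:", creation_bursts(parsed))
    print("Temp look-alikes:", temp_system_lookalikes(TEMP_FILES))
```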


#6 Terk1023


Posted 05 May 2016 - 10:41 PM

Hi! Thanks for getting back to me! I have done my best to uninstall all the files you have asked me to. While I was waiting I ran a full system scan with Windows Defender, Malwarebytes, ADWCleaner and got an uninstaller to force the programs you listed above to uninstall cause they wouldn't let me get rid of them via the control panel. Once I was able to, the scans started to detect trojans and malware.
 
Here are the Logs you have asked for!
 
ADWCleaner:
 
# AdwCleaner v5.115 - Logfile created 05/05/2016 at 19:33:17
# Updated 01/05/2016 by Xplode
# Database : 2016-05-04.2 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Terrick - TERRICK-PC
# Running from : C:\Users\Terrick\Desktop\Internet and Security\adwcleaner_5.115.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [17890 bytes] - [04/05/2016 16:57:45]
C:\AdwCleaner\AdwCleaner[C2].txt - [1834 bytes] - [05/05/2016 13:03:03]
C:\AdwCleaner\AdwCleaner[C3].txt - [887 bytes] - [05/05/2016 19:33:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [21526 bytes] - [04/05/2016 16:26:03]
C:\AdwCleaner\AdwCleaner[S2].txt - [18832 bytes] - [04/05/2016 16:56:47]
C:\AdwCleaner\AdwCleaner[S3].txt - [1949 bytes] - [05/05/2016 00:07:13]
C:\AdwCleaner\AdwCleaner[S4].txt - [1917 bytes] - [05/05/2016 12:58:42]
C:\AdwCleaner\AdwCleaner[S5].txt - [1531 bytes] - [05/05/2016 19:27:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1326 bytes] ##########
 
JTR.txt:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by Terrick (Administrator) on Thu 05/05/2016 at 19:23:58.30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 19 
 
Successfully deleted: C:\ProgramData\1462455570.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\esellerate (Folder) 
Successfully deleted: C:\ProgramData\mjiekfhhadfoddlfjkfhofbebpjiledi (Folder) 
Successfully deleted: C:\user.js (File) 
Successfully deleted: C:\Users\Terrick\AppData\Local\{2176C43D-D6A4-48A0-96CB-9644968D71B0} (Empty Folder)
Successfully deleted: C:\Users\Terrick\AppData\Local\{4D8989C9-E864-4412-8CA1-7CD467CE8216} (Empty Folder)
Successfully deleted: C:\Users\Terrick\AppData\Local\{7CAEE192-E78A-4827-B70F-599AABF33D3A} (Empty Folder)
Successfully deleted: C:\Users\Terrick\AppData\Local\{C671B6F1-255E-4F48-92C8-1BF41F509F6B} (Empty Folder)
Successfully deleted: C:\Users\Terrick\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Terrick\Appdata\LocalLow\delta (Folder) 
Successfully deleted: C:\Users\Terrick\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi (File) 
Successfully deleted: C:\WINDOWS\SysWOW64\x64.txt (File) 
Successfully deleted: C:\WINDOWS\wininit.ini (File) 
Successfully deleted: C:\Users\Terrick\AppData\Roaming\appdataFr2.bin (File) 
Successfully deleted: C:\WINDOWS\prefetch\DRIVERCTRL.EXE-1E4D2FFD.pf (File) 
Successfully deleted: C:\WINDOWS\Temp\mrt61F6.tmp\stdrt.exe (File) 
Successfully deleted: C:\WINDOWS\Temp\mrt7407.tmp\stdrt.exe (File) 
Successfully deleted: C:\WINDOWS\Temp\mrt7687.tmp\stdrt.exe (File) 
Successfully deleted: C:\WINDOWS\Temp\mrtBBCE.tmp\stdrt.exe (File) 
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/05/2016 at 19:28:24.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Malwarebytes:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 5/5/2016
Scan Time: 7:43 PM
Logfile: Malewarebytes1.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.05.05.05
Rootkit Database: v2016.04.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Terrick
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 567002
Time Elapsed: 44 min, 40 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.MediaDashBoard, C:\Users\Terrick\AppData\Local\Temp\mrt8579.tmp\stdrt.exe, , [4306e0f2f3a64beba1263d93a161619f], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
FRST.txt:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-05-2016 02
Ran by Terrick (administrator) on TERRICK-PC (05-05-2016 20:34:48)
Running from C:\Users\Terrick\Desktop\Tools
Loaded Profiles: Terrick & UpdatusUser (Available Profiles: Terrick & UpdatusUser & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-14] (Nero AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Google Update] => C:\Users\Terrick\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-10-09] (Google Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2016-05-05]
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Terrick\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6fa390ac-ca95-4047-9bd3-549698be1787}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b10fc2b3-895f-4656-81b5-58c584aa9cf1}: [DhcpNameServer] 192.168.0.1
ManualProxies: 
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/?lang=en-ca&OCID=iehp
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: No Name -> {AF949550-9094-4807-95EC-D1C317803333} -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: No Name -> {AF949550-9094-4807-95EC-D1C317803333} -> No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://www.walmartphotocentre.ca/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-17] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Terrick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @talk.google.com/O1DPlugin -> C:\Users\Terrick\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Terrick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/GoogleTalkPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/O3DPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=3 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=9 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: facebook.com/fbDesktopPlugin -> C:\Users\UpdatusUser\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\Terrick\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Terrick\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-04-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.facebook.com/","hxxp://www.outlook.com/","hxxp://www.flickr.com/","hxxp://www.youtube.com/"
CHR Profile: C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (YouTube) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Tampermonkey) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-13]
CHR Extension: (AdBlock Premium) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2016-05-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-05-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-05]
CHR Extension: (Gmail) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-04-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
StartMenuInternet: Google Chrome.T-Harls - C:\Users\T-Harls\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1318944 2016-02-03] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-01-22] (EasyAntiCheat Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-04-13] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-01] ()
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2016-03-15] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-04-25] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-04-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC64.SYS [3491616 2009-06-18] (Realtek Semiconductor Corp.)
R3 Alpham1; C:\Windows\System32\drivers\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\drivers\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-04-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-12-11] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1623536 2016-03-18] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [842152 2016-03-18] (BitDefender)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [127312 2016-02-22] (BitDefender LLC)
S4 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [360288 2016-02-04] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-12-11] ()
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvoclk64; C:\Windows\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-24] (Razer, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-01] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
S3 Si3132r5; C:\Windows\system32\drivers\Si3132r5.sys [337960 2007-12-26] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2007-12-26] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2007-12-26] (Silicon Image, Inc.)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-12-06] (TENCENT) [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [511320 2016-02-22] (BitDefender S.R.L.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [39936 2015-10-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
U3 idsvc; no ImagePath
S3 taphss6; \SystemRoot\System32\drivers\taphss6.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-05 20:29 - 2016-05-05 20:29 - 00001146 _____ C:\Users\Terrick\Desktop\Malewarebytes1.txt
2016-05-05 19:38 - 2016-05-05 19:38 - 01610816 _____ (Malwarebytes) C:\Users\Terrick\Downloads\JRT.exe
2016-05-05 19:28 - 2016-05-05 19:28 - 00002215 _____ C:\Users\Terrick\Desktop\JRT.txt
2016-05-05 13:36 - 2016-05-05 13:37 - 00000000 _____ C:\Users\Terrick\java
2016-05-05 13:25 - 2016-05-05 13:25 - 00000000 ____D C:\Users\Terrick\AppData\Temp
2016-05-05 13:23 - 2016-05-05 13:23 - 00298736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-05-05 13:03 - 2016-05-05 20:29 - 00002943 _____ C:\bdlog.txt
2016-05-05 13:03 - 2016-05-05 13:03 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-05-05 13:03 - 2016-05-05 13:03 - 00000385 _____ C:\Users\Terrick\AppData\Roaminguser_gensett.xml
2016-05-05 13:02 - 2016-05-05 13:02 - 00003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2016-05-05 13:01 - 2016-05-05 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-05-05 13:01 - 2016-05-05 13:01 - 00002280 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2016-05-05 13:01 - 2016-05-05 13:01 - 00000684 ____H C:\bdr-cf01
2016-05-05 13:01 - 2016-05-05 13:01 - 00000000 ____D C:\ProgramData\BDLogging
2016-05-05 13:01 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2016-05-05 13:01 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-05-05 13:00 - 2016-05-05 13:03 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Bitdefender
2016-05-05 13:00 - 2016-05-05 13:01 - 00253404 ____H C:\bdr-ld01
2016-05-05 13:00 - 2016-05-05 13:01 - 00009216 ____H C:\bdr-ld01.mbr
2016-05-05 13:00 - 2016-03-18 06:58 - 00842152 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-05-05 13:00 - 2016-03-18 06:56 - 01623536 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-05-05 13:00 - 2015-12-15 21:35 - 49760229 ____H C:\bdr-im01.gz
2016-05-05 13:00 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2016-05-05 13:00 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01
2016-05-05 12:58 - 2016-05-05 13:23 - 00000000 ____D C:\ProgramData\Bitdefender
2016-05-05 12:58 - 2016-05-05 12:58 - 00000000 ____D C:\Program Files\Bitdefender
2016-05-05 12:58 - 2016-02-22 15:13 - 00511320 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-05-05 12:58 - 2015-12-16 05:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-05-05 06:39 - 2016-05-05 12:58 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-05-05 06:39 - 2016-05-05 06:39 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\QuickScan
2016-05-05 05:45 - 2016-05-05 14:29 - 00000000 ____D C:\Users\Terrick\Documents\NetBeansProjects
2016-05-05 05:33 - 2016-05-05 05:34 - 203071032 _____ (Oracle Corporation) C:\Users\Terrick\Downloads\jdk-8u92-windows-x64.exe
2016-05-05 05:33 - 2016-05-05 05:34 - 196518456 _____ (Oracle Corporation) C:\Users\Terrick\Downloads\jdk-8u91-windows-x64.exe
2016-05-05 05:30 - 2016-05-05 05:30 - 00572214 _____ C:\Users\Terrick\Downloads\rhino_jdk7.tar.gz
2016-05-05 05:28 - 2016-05-05 05:44 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\NetBeans
2016-05-05 05:28 - 2016-05-05 05:28 - 00000000 ____D C:\Users\Terrick\AppData\Local\NetBeans
2016-05-05 05:27 - 2016-05-05 05:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-05 05:27 - 2016-05-05 05:41 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-05-05 05:27 - 2016-05-05 05:27 - 00320424 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-05-05 05:27 - 2016-05-05 05:27 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-05-05 05:27 - 2016-05-05 05:27 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-05-05 05:15 - 2016-05-05 05:40 - 00002094 _____ C:\Users\Public\Desktop\NetBeans IDE 8.1.lnk
2016-05-05 05:15 - 2016-05-05 05:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2016-05-05 05:13 - 2016-05-05 05:21 - 00000000 ____D C:\Program Files\NetBeans 8.1
2016-05-05 05:12 - 2016-05-05 05:28 - 00000000 ____D C:\Users\Terrick\.nbi
2016-05-05 05:12 - 2016-05-05 05:12 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Oracle
2016-05-05 05:05 - 2016-05-05 05:42 - 00000000 ____D C:\Users\Terrick\.oracle_jre_usage
2016-05-05 05:04 - 2016-05-05 05:04 - 00738368 _____ (Oracle Corporation) C:\Users\Terrick\Downloads\JavaSetup8u91.exe
2016-05-05 05:04 - 2016-05-05 05:04 - 00000000 ____D C:\Users\Terrick\AppData\LocalLow\Oracle
2016-05-05 00:39 - 2016-05-05 00:39 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-05-05 00:37 - 2016-05-05 20:32 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-05-05 00:37 - 2016-05-05 00:37 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-05-05 00:15 - 2016-05-05 20:32 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 00:15 - 2016-05-05 20:20 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-05 00:15 - 2016-05-05 05:40 - 00002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-05 00:15 - 2016-05-05 00:15 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-05 00:15 - 2016-05-05 00:15 - 00003748 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-04 17:22 - 2016-05-05 19:31 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3E7B3800-E9F6-4C9A-8475-AAB9A80A7EE5}
2016-05-04 16:24 - 2016-05-05 19:33 - 00000000 ____D C:\AdwCleaner
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\Users\Terrick\AppData\Local\VS Revo Group
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\Program Files\VS Revo Group
2016-05-04 16:24 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-05-04 01:01 - 2016-05-04 16:42 - 00000000 ____D C:\Users\Terrick\AppData\Local\app
2016-05-04 00:39 - 2016-05-05 20:34 - 00000000 ____D C:\FRST
2016-05-03 16:26 - 2016-05-03 16:26 - 00000013 _____ C:\WINDOWS\system32\Example.txt
2016-05-03 16:12 - 2016-04-23 03:28 - 00000804 ____R C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-05-03 16:11 - 2016-05-03 16:11 - 06494208 _____ C:\Users\Terrick\AppData\Roaming\agent.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 01626777 _____ C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:11 - 2016-05-03 16:11 - 00072717 _____ C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
2016-05-03 16:11 - 2016-05-03 16:11 - 00018432 _____ C:\Users\Terrick\AppData\Roaming\Main.dat
2016-05-03 16:10 - 2016-05-03 16:10 - 00127488 _____ C:\Users\Terrick\AppData\Roaming\Installer.dat
2016-05-03 15:42 - 2016-05-03 15:42 - 00000000 ____D C:\Users\Terrick\Downloads\workbench_materials
2016-05-03 15:41 - 2016-05-03 15:41 - 00000000 ____D C:\Program Files (x86)\VTFEdit
2016-04-23 03:25 - 2016-04-23 03:25 - 00715038 _____ C:\WINDOWS\unins000.exe
2016-04-23 03:25 - 2016-04-23 03:25 - 00001994 _____ C:\WINDOWS\unins000.dat
2016-04-23 03:25 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2016-04-23 03:25 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2016-04-23 03:21 - 2016-04-23 03:23 - 00000000 ____D C:\Users\Terrick\Downloads\Bandicam 3.0.4.1035 RePack (& Portable) by KpoJIuK
2016-04-23 02:05 - 2016-04-23 02:41 - 00000000 ____D C:\Users\Terrick\AppData\Local\Dxtory Software
2016-04-23 02:05 - 2016-04-23 02:41 - 00000000 ____D C:\Program Files (x86)\ExKode
2016-04-22 02:18 - 2016-04-22 02:18 - 00000000 ____D C:\Program Files\Speccy
2016-04-22 01:21 - 2016-04-22 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-04-22 01:21 - 2016-04-22 01:21 - 00000000 ____D C:\Program Files\CPUID
2016-04-13 16:45 - 2016-04-13 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-12 18:34 - 2016-03-29 01:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-12 18:34 - 2016-03-29 00:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-12 18:34 - 2016-03-29 00:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-12 18:34 - 2016-03-29 00:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-12 18:34 - 2016-03-29 00:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-12 18:34 - 2016-03-29 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-12 18:34 - 2016-03-29 00:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-12 18:34 - 2016-03-28 23:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-12 18:34 - 2016-03-28 23:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-12 18:34 - 2016-03-28 23:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-12 18:34 - 2016-03-28 22:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-12 18:34 - 2016-03-28 22:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-12 18:33 - 2016-04-01 21:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-12 18:33 - 2016-04-01 21:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 18:33 - 2016-04-01 20:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-12 18:33 - 2016-04-01 20:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-12 18:33 - 2016-04-01 20:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-12 18:33 - 2016-04-01 20:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-12 18:33 - 2016-04-01 20:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-12 18:33 - 2016-04-01 20:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-12 18:33 - 2016-04-01 20:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-12 18:33 - 2016-04-01 20:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 18:33 - 2016-04-01 20:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-12 18:33 - 2016-04-01 20:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-12 18:33 - 2016-03-29 03:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-12 18:33 - 2016-03-29 03:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-12 18:33 - 2016-03-29 03:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-12 18:33 - 2016-03-29 03:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 18:33 - 2016-03-29 03:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-12 18:33 - 2016-03-29 03:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-12 18:33 - 2016-03-29 03:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-12 18:33 - 2016-03-29 03:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-12 18:33 - 2016-03-29 02:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-12 18:33 - 2016-03-29 02:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-12 18:33 - 2016-03-29 02:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-12 18:33 - 2016-03-29 02:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-12 18:33 - 2016-03-29 02:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-12 18:33 - 2016-03-29 02:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-12 18:33 - 2016-03-29 02:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-12 18:33 - 2016-03-29 01:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-12 18:33 - 2016-03-29 01:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-12 18:33 - 2016-03-29 01:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-12 18:33 - 2016-03-29 01:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-12 18:33 - 2016-03-29 01:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-12 18:33 - 2016-03-29 01:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-12 18:33 - 2016-03-29 01:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-12 18:33 - 2016-03-29 00:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-12 18:33 - 2016-03-29 00:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-12 18:33 - 2016-03-29 00:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-12 18:33 - 2016-03-29 00:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-12 18:33 - 2016-03-29 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-12 18:33 - 2016-03-29 00:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-12 18:33 - 2016-03-29 00:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-12 18:33 - 2016-03-29 00:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-12 18:33 - 2016-03-29 00:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-12 18:33 - 2016-03-29 00:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-12 18:33 - 2016-03-29 00:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-12 18:33 - 2016-03-29 00:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-12 18:33 - 2016-03-29 00:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-12 18:33 - 2016-03-29 00:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-12 18:33 - 2016-03-29 00:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-12 18:33 - 2016-03-29 00:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-12 18:33 - 2016-03-29 00:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-12 18:33 - 2016-03-29 00:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-12 18:33 - 2016-03-29 00:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-12 18:33 - 2016-03-29 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-12 18:33 - 2016-03-29 00:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-12 18:33 - 2016-03-29 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-12 18:33 - 2016-03-29 00:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-12 18:33 - 2016-03-29 00:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-12 18:33 - 2016-03-29 00:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-12 18:33 - 2016-03-29 00:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-12 18:33 - 2016-03-29 00:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-12 18:33 - 2016-03-29 00:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-12 18:33 - 2016-03-29 00:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-12 18:33 - 2016-03-29 00:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-12 18:33 - 2016-03-29 00:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-12 18:33 - 2016-03-29 00:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-12 18:33 - 2016-03-29 00:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-12 18:33 - 2016-03-29 00:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-12 18:33 - 2016-03-29 00:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-12 18:33 - 2016-03-28 23:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-12 18:33 - 2016-03-28 23:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-12 18:33 - 2016-03-28 23:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-12 18:33 - 2016-03-28 23:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-12 18:33 - 2016-03-28 23:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-12 18:33 - 2016-03-28 23:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-12 18:33 - 2016-03-28 23:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-12 18:33 - 2016-03-28 23:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-12 18:33 - 2016-03-28 23:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-12 18:33 - 2016-03-28 23:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-12 18:33 - 2016-03-28 23:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-12 18:33 - 2016-03-28 23:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-12 18:33 - 2016-03-28 23:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-12 18:33 - 2016-03-28 23:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-12 18:33 - 2016-03-28 23:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-12 18:33 - 2016-03-28 23:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-12 18:33 - 2016-03-28 23:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-12 18:33 - 2016-03-28 23:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-12 18:33 - 2016-03-28 23:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-12 18:33 - 2016-03-28 23:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-12 18:33 - 2016-03-28 23:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-12 18:33 - 2016-03-28 23:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-12 18:33 - 2016-03-28 23:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-12 18:33 - 2016-03-28 23:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-12 18:33 - 2016-03-28 23:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 18:33 - 2016-03-28 23:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-12 18:33 - 2016-03-28 23:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-12 18:33 - 2016-03-28 23:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-12 18:33 - 2016-03-28 23:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-12 18:33 - 2016-03-28 23:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-12 18:33 - 2016-03-28 22:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-12 18:33 - 2016-03-28 22:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-12 18:33 - 2016-03-28 22:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-12 18:33 - 2016-03-28 22:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-12 18:33 - 2016-03-28 22:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-12 18:33 - 2016-03-28 22:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-12 18:33 - 2016-03-28 22:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-12 18:33 - 2016-03-28 22:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-12 18:33 - 2016-03-28 22:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-12 18:33 - 2016-03-28 22:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-12 18:33 - 2016-03-28 22:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-12 18:33 - 2016-03-28 22:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-12 18:33 - 2016-03-28 22:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-12 18:33 - 2016-03-28 22:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-12 18:33 - 2016-03-28 22:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-12 18:33 - 2016-03-28 22:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-12 18:33 - 2016-03-28 22:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-12 18:32 - 2016-04-01 21:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-12 18:32 - 2016-04-01 21:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-12 18:32 - 2016-04-01 20:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-12 18:32 - 2016-04-01 20:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-12 18:32 - 2016-04-01 20:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-12 18:32 - 2016-04-01 20:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-12 18:32 - 2016-04-01 20:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-12 18:32 - 2016-04-01 20:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-12 18:32 - 2016-04-01 20:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-12 18:32 - 2016-04-01 20:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-12 18:32 - 2016-04-01 20:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-12 18:32 - 2016-03-29 03:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-12 18:32 - 2016-03-29 03:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-12 18:32 - 2016-03-29 03:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-12 18:32 - 2016-03-29 03:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-12 18:32 - 2016-03-29 03:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-12 18:32 - 2016-03-29 02:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-12 18:32 - 2016-03-29 02:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-12 18:32 - 2016-03-29 02:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-12 18:32 - 2016-03-29 02:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-12 18:32 - 2016-03-29 02:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-12 18:32 - 2016-03-29 02:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-12 18:32 - 2016-03-29 02:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-12 18:32 - 2016-03-29 02:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-12 18:32 - 2016-03-29 02:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-12 18:32 - 2016-03-29 02:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-12 18:32 - 2016-03-29 02:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-12 18:32 - 2016-03-29 01:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-12 18:32 - 2016-03-29 01:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-12 18:32 - 2016-03-29 01:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-12 18:32 - 2016-03-29 01:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-12 18:32 - 2016-03-29 01:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-12 18:32 - 2016-03-29 01:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-12 18:32 - 2016-03-29 01:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-12 18:32 - 2016-03-29 01:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-12 18:32 - 2016-03-29 01:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-12 18:32 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-12 18:32 - 2016-03-29 01:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-12 18:32 - 2016-03-29 01:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-12 18:32 - 2016-03-29 01:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-12 18:32 - 2016-03-29 01:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-12 18:32 - 2016-03-29 00:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-12 18:32 - 2016-03-29 00:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-12 18:32 - 2016-03-29 00:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-12 18:32 - 2016-03-29 00:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-12 18:32 - 2016-03-29 00:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-12 18:32 - 2016-03-29 00:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-12 18:32 - 2016-03-29 00:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-12 18:32 - 2016-03-29 00:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-12 18:32 - 2016-03-29 00:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-12 18:32 - 2016-03-29 00:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-12 18:32 - 2016-03-29 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-12 18:32 - 2016-03-29 00:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-12 18:32 - 2016-03-29 00:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-12 18:32 - 2016-03-29 00:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-12 18:32 - 2016-03-29 00:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-12 18:32 - 2016-03-29 00:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-12 18:32 - 2016-03-29 00:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-12 18:32 - 2016-03-29 00:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-12 18:32 - 2016-03-29 00:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-12 18:32 - 2016-03-29 00:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-12 18:32 - 2016-03-29 00:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-12 18:32 - 2016-03-29 00:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-12 18:32 - 2016-03-29 00:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-12 18:32 - 2016-03-29 00:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-12 18:32 - 2016-03-29 00:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-12 18:32 - 2016-03-29 00:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-12 18:32 - 2016-03-29 00:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-12 18:32 - 2016-03-29 00:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-12 18:32 - 2016-03-29 00:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-12 18:32 - 2016-03-29 00:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-12 18:32 - 2016-03-29 00:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-12 18:32 - 2016-03-29 00:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-12 18:32 - 2016-03-29 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-12 18:32 - 2016-03-29 00:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-12 18:32 - 2016-03-29 00:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 18:32 - 2016-03-29 00:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-12 18:32 - 2016-03-29 00:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-12 18:32 - 2016-03-29 00:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-12 18:32 - 2016-03-29 00:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-12 18:32 - 2016-03-29 00:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-12 18:32 - 2016-03-29 00:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-12 18:32 - 2016-03-29 00:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-12 18:32 - 2016-03-29 00:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-12 18:32 - 2016-03-29 00:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-12 18:32 - 2016-03-29 00:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-12 18:32 - 2016-03-29 00:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 18:32 - 2016-03-28 23:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-12 18:32 - 2016-03-28 23:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-12 18:32 - 2016-03-28 23:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-12 18:32 - 2016-03-28 23:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-12 18:32 - 2016-03-28 23:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-12 18:32 - 2016-03-28 23:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-12 18:32 - 2016-03-28 23:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-12 18:32 - 2016-03-28 23:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 18:32 - 2016-03-28 23:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-12 18:32 - 2016-03-28 23:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-12 18:32 - 2016-03-28 23:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-12 18:32 - 2016-03-28 23:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-12 18:32 - 2016-03-28 23:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-12 18:32 - 2016-03-28 23:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-12 18:32 - 2016-03-28 23:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-12 18:32 - 2016-03-28 23:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-12 18:32 - 2016-03-28 23:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-12 18:32 - 2016-03-28 23:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-12 18:32 - 2016-03-28 23:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-12 18:32 - 2016-03-28 23:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-12 18:32 - 2016-03-28 23:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-12 18:32 - 2016-03-28 23:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-12 18:32 - 2016-03-28 23:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-12 18:32 - 2016-03-28 23:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-12 18:32 - 2016-03-28 23:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-12 18:32 - 2016-03-28 23:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-12 18:32 - 2016-03-28 23:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-12 18:32 - 2016-03-28 23:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-12 18:32 - 2016-03-28 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-12 18:32 - 2016-03-28 23:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-12 18:32 - 2016-03-28 23:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-12 18:32 - 2016-03-28 22:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-12 18:32 - 2016-03-28 22:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-12 18:32 - 2016-03-28 22:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-12 18:32 - 2016-03-28 22:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-12 18:32 - 2016-03-28 22:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-12 18:32 - 2016-03-28 22:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-12 18:32 - 2016-03-28 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-12 18:32 - 2016-03-28 22:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 02:21 - 2016-04-12 02:21 - 00002093 _____ C:\Users\Terrick\AppData\Roaming\TerraceSawwortSouthernwood
2016-04-09 12:41 - 2016-04-09 12:41 - 00001661 _____ C:\Users\Terrick\Downloads\54798b85b50d61a97628-5bb6189bb24cd25d80cb9968c36d640e5ec22008.zip
2016-04-09 02:20 - 2016-04-09 02:20 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
2016-04-07 15:48 - 2016-04-30 17:26 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-07 15:48 - 2016-04-07 15:48 - 20355776 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-04-07 15:48 - 2016-04-07 15:48 - 00003966 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-05 20:34 - 2016-03-07 14:19 - 00000000 ___RD C:\Users\Terrick\Desktop\Tools
2016-05-05 20:33 - 2015-06-22 01:50 - 00000000 ___RD C:\Users\Terrick\Dropbox
2016-05-05 20:32 - 2015-06-22 01:32 - 00000906 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-05 20:30 - 2016-01-08 11:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-05 20:30 - 2016-01-08 10:41 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-05 20:30 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Cursors
2016-05-05 20:29 - 2016-01-08 10:44 - 00000000 ____D C:\Users\Terrick
2016-05-05 20:29 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-05 20:09 - 2011-09-06 17:15 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002UA.job
2016-05-05 20:06 - 2016-02-01 17:03 - 00004174 _____ C:\Users\Terrick\Desktop\Cat Names.txt
2016-05-05 20:05 - 2012-03-16 23:00 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1011UA.job
2016-05-05 19:48 - 2015-01-29 00:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-05 19:43 - 2014-09-01 00:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-05 19:42 - 2016-01-08 10:44 - 01013824 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-05 19:42 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-05 19:42 - 2015-06-22 01:32 - 00000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-05 19:39 - 2015-10-29 23:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-05 19:27 - 2013-04-21 01:52 - 00000000 ___RD C:\Users\Terrick\Desktop\Internet and Security
2016-05-05 19:20 - 2011-10-04 16:23 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-05-05 19:20 - 2011-06-09 15:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-05 19:19 - 2011-12-17 00:16 - 00000000 ____D C:\Users\Terrick\AppData\Local\Adobe
2016-05-05 19:13 - 2015-12-29 15:02 - 00000000 ____D C:\Games
2016-05-05 19:13 - 2014-10-09 02:23 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-05 19:12 - 2014-10-09 02:23 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Opera Software
2016-05-05 19:12 - 2014-10-09 02:23 - 00000000 ____D C:\Users\Terrick\AppData\Local\Opera Software
2016-05-05 19:11 - 2013-05-22 14:04 - 00000000 ____D C:\Program Files (x86)\R.G.Games
2016-05-05 19:11 - 2012-12-30 00:34 - 00000000 ____D C:\Program Files (x86)\MP3 Skype Recorder
2016-05-05 19:07 - 2012-02-16 19:15 - 00000000 ____D C:\Fraps
2016-05-05 19:06 - 2011-09-01 17:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-05 19:05 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-05 19:03 - 2015-09-10 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-05 19:03 - 2013-06-27 15:54 - 00000000 ____D C:\Program Files (x86)\Project64 2.0
2016-05-05 14:09 - 2011-09-06 17:15 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002Core.job
2016-05-05 05:42 - 2014-03-06 10:47 - 00002181 _____ C:\Users\Terrick\Desktop\BitMinter Client.lnk
2016-05-05 05:42 - 2014-03-06 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-05 05:41 - 2011-09-22 16:17 - 00000000 ____D C:\Program Files\Java
2016-05-05 05:40 - 2016-03-11 03:56 - 00001270 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2016-05-05 05:40 - 2016-01-08 10:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-05 05:40 - 2015-07-15 20:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-05 05:40 - 2015-07-08 00:09 - 00000986 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2016-05-05 05:40 - 2015-06-25 11:18 - 00001148 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-05-05 05:40 - 2015-06-23 18:27 - 00000840 _____ C:\Users\Public\Desktop\Dolphin.lnk
2016-05-05 05:40 - 2015-03-17 18:36 - 00001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2014.lnk
2016-05-05 05:40 - 2015-03-17 00:03 - 00002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-bit.lnk
2016-05-05 05:40 - 2015-01-08 00:09 - 00000986 _____ C:\Users\Public\Desktop\Gyazo.lnk
2016-05-05 05:40 - 2014-08-13 15:42 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-05-05 05:40 - 2014-01-28 10:00 - 00001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2016-05-05 05:40 - 2013-03-05 17:57 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-05-05 05:40 - 2011-12-17 02:52 - 00001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1 (64 Bit).lnk
2016-05-05 05:40 - 2011-12-17 02:50 - 00001288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:50 - 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
2016-05-05 05:40 - 2011-12-17 02:49 - 00001561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:49 - 00001389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:48 - 00001003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-05-05 05:40 - 2011-12-17 00:17 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2016-05-05 05:40 - 2011-10-04 16:23 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-05 05:40 - 2011-06-10 15:25 - 00001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-05-05 05:40 - 2011-06-10 15:25 - 00001311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-05-05 05:40 - 2011-06-10 15:24 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-05-05 05:40 - 2011-06-10 15:24 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-05-05 05:39 - 2016-01-08 19:25 - 00002421 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-05 05:39 - 2012-11-25 05:08 - 00002529 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk
2016-05-05 05:39 - 2012-08-16 14:43 - 00001440 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\DayZ Commander.lnk
2016-05-05 05:38 - 2016-03-07 14:10 - 00000817 _____ C:\Users\Terrick\Desktop\Deriv.lnk
2016-05-05 05:38 - 2014-10-09 01:15 - 00001191 _____ C:\Users\Terrick\Desktop\GamersFirst LIVE!.lnk
2016-05-05 05:38 - 2014-06-03 12:19 - 00001347 _____ C:\Users\Terrick\Desktop\bitcoin wallet.lnk
2016-05-05 05:36 - 2015-10-30 00:26 - 00000000 ____D C:\WINDOWS\Setup
2016-05-05 05:12 - 2014-08-01 12:40 - 00000000 __SHD C:\Users\Terrick\AppData\Local\EmieUserList
2016-05-05 05:12 - 2014-08-01 12:40 - 00000000 __SHD C:\Users\Terrick\AppData\Local\EmieSiteList
2016-05-05 05:12 - 2014-03-06 10:46 - 00000000 ____D C:\ProgramData\Oracle
2016-05-05 05:11 - 2012-10-18 09:20 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-05 05:05 - 2014-05-08 17:59 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-05-05 05:05 - 2011-11-16 17:19 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Sun
2016-05-05 04:29 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-05 04:29 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-05 01:59 - 2011-09-06 17:17 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-05 00:22 - 2013-04-21 01:50 - 00000000 ____D C:\Users\Terrick\Desktop\Creative Software
2016-05-05 00:15 - 2013-11-01 12:37 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-05 00:09 - 2013-04-21 01:47 - 00000000 ____D C:\Users\Terrick\Desktop\Games
2016-05-05 00:09 - 2012-05-03 15:42 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-05 00:09 - 2011-09-06 17:15 - 00000000 ____D C:\Users\Terrick\AppData\Local\Apps\2.0
2016-05-04 23:05 - 2012-03-16 23:00 - 00000860 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1011Core.job
2016-05-04 17:25 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-04 17:21 - 2014-08-10 02:09 - 00000000 __SHD C:\Users\Terrick\AppData\LocalLow\EmieUserList
2016-05-04 17:21 - 2014-06-26 00:22 - 00000000 __SHD C:\Users\Terrick\AppData\LocalLow\EmieSiteList
2016-05-04 17:05 - 2011-10-24 16:13 - 00000000 ____D C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2016-05-04 15:41 - 2016-01-08 10:44 - 00000000 ____D C:\Users\UpdatusUser
2016-05-03 03:42 - 2014-06-05 14:46 - 00000000 ____D C:\Users\Terrick\AppData\Local\Packages
2016-04-28 01:55 - 2013-04-21 01:59 - 00000000 ____D C:\Users\Terrick\Desktop\Recording Software
2016-04-26 12:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-04-23 20:47 - 2016-02-03 18:35 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\TS3Client
2016-04-23 04:34 - 2012-09-02 19:53 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\.minecraft
2016-04-22 00:57 - 2010-11-20 20:27 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-21 14:02 - 2016-01-08 19:25 - 00000000 ___RD C:\Users\Terrick\OneDrive
2016-04-16 16:59 - 2013-04-21 01:52 - 00000000 ____D C:\Users\Terrick\Desktop\Text and random
2016-04-14 02:06 - 2011-10-15 22:15 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-04-14 02:06 - 2011-09-07 07:06 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-04-13 16:52 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-13 16:46 - 2015-06-22 01:32 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-13 15:44 - 2011-10-15 22:15 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-04-13 15:43 - 2011-10-15 22:15 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-13 12:37 - 2015-06-22 01:32 - 00000000 ____D C:\Users\Terrick\AppData\Local\Dropbox
2016-04-13 05:19 - 2016-01-08 10:36 - 05045872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 00:11 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 00:09 - 2013-08-12 03:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 00:04 - 2011-06-01 12:00 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-12 12:40 - 2016-02-15 21:36 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-04-12 12:38 - 2016-02-15 21:36 - 00002760 _____ C:\WINDOWS\SysWOW64\lgAxconfig.ini
2016-04-06 11:32 - 2015-10-30 00:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 11:32 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2014-06-20 00:44 - 2014-06-20 00:44 - 0000234 _____ () C:\Users\Terrick\AppData\Roaming\1.png
2013-10-01 19:55 - 2013-10-01 19:55 - 0001562 _____ () C:\Users\Terrick\AppData\Roaming\28.svg
2012-04-15 22:07 - 2011-12-22 14:30 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2012-04-15 22:07 - 2011-07-19 05:57 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-04-15 22:07 - 2011-12-22 14:29 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-04-15 22:07 - 2011-07-19 05:47 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-04-15 22:07 - 2011-12-22 14:29 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-05-03 16:11 - 2016-05-03 16:11 - 6494208 _____ () C:\Users\Terrick\AppData\Roaming\agent.dat
2010-07-19 14:16 - 2010-07-19 14:16 - 0004878 _____ () C:\Users\Terrick\AppData\Roaming\b_dk.jpg
2016-04-12 02:21 - 2016-04-12 02:21 - 0209477 _____ () C:\Users\Terrick\AppData\Roaming\chapter.gif
2016-05-03 16:11 - 2016-05-03 16:11 - 1626777 _____ () C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:10 - 2016-05-03 16:10 - 0127488 _____ () C:\Users\Terrick\AppData\Roaming\Installer.dat
2015-07-03 03:22 - 2015-07-03 03:22 - 0000098 _____ () C:\Users\Terrick\AppData\Roaming\LauncherSettings_live.cfg
2016-05-03 16:11 - 2016-05-03 16:11 - 0018432 _____ () C:\Users\Terrick\AppData\Roaming\Main.dat
2013-10-01 19:56 - 2013-10-01 19:56 - 0001349 _____ () C:\Users\Terrick\AppData\Roaming\make.graphic.viewport.xml
2014-10-06 21:39 - 2014-10-06 21:39 - 0011264 _____ () C:\Users\Terrick\AppData\Roaming\System.dll
2016-04-12 02:21 - 2016-04-12 02:21 - 0002093 _____ () C:\Users\Terrick\AppData\Roaming\TerraceSawwortSouthernwood
2012-08-18 17:30 - 2012-08-18 17:30 - 0001181 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.1.txt
2012-08-18 17:30 - 2012-08-18 17:44 - 0000919 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.txt
2012-08-18 17:30 - 2012-08-18 17:44 - 0000000 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-05-03 16:11 - 2016-05-03 16:11 - 0072717 _____ () C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
2014-07-06 16:04 - 2014-07-06 16:05 - 0008665 _____ () C:\Users\Terrick\AppData\Local\CleanupUninstall.txt
2011-09-13 17:11 - 2011-09-13 17:19 - 0005632 _____ () C:\Users\Terrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-07 16:47 - 2011-09-07 16:47 - 0007602 _____ () C:\Users\Terrick\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Terrick\AppData\Local\Temp\27-04-2016_big world search_3.0.10.exe
C:\Users\Terrick\AppData\Local\Temp\acc.exe
C:\Users\Terrick\AppData\Local\Temp\ads.exe
C:\Users\Terrick\AppData\Local\Temp\HssInstaller.exe
C:\Users\Terrick\AppData\Local\Temp\HssInstaller64.exe
C:\Users\Terrick\AppData\Local\Temp\hss_update.exe
C:\Users\Terrick\AppData\Local\Temp\libeay32.dll
C:\Users\Terrick\AppData\Local\Temp\msvcr120.dll
C:\Users\Terrick\AppData\Local\Temp\OKV50_GRAND+KYLE.exe
C:\Users\Terrick\AppData\Local\Temp\soft.exe
C:\Users\Terrick\AppData\Local\Temp\sqlite3.dll
C:\Users\Terrick\AppData\Local\Temp\Uninstall.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-02 16:06
 
==================== End of FRST.txt ============================
 
 
 




#7 Aura

Posted 08 May 2016 - 09:46 AM

Thank you for the logs :)

Just to be sure, did you run JRT more than once, or not? The logs you gave me are clean, but it's probably because you gave me the latest logs, and not the ones you got when you ran the programs originally and they detected and deleted a bunch of stuff. But we'll get their content via the FRST fix I'll make you run :)

I noticed that you installed Bitdefender and outdated versions of Java since your last post. During the clean-up, please do not install any program unless I instruct you to do so, alright? :) For now, uninstall these outdated versions of Java.
  • Java 7 Update 79 (64-bit)
  • Java 8 Update 91
  • Java SE Development Kit 7 Update 79 (64-bit)
Once done, we'll run our first FRST fix, and also Emsisoft Emergency Kit to see if it can catch remnants. After that, we'll grab a fresh set of FRST logs. You'll notice a file called Upload.zip on your desktop after running the FRST fix. This is normal, I'm using it to collect your past Malwarebytes logs to check them and see what was detected and deleted by it. I'll ask you to also attach that .zip file in your next reply.

Farbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste that log in your next reply;


Emsisoft Emergency Kit
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder;
  • Once the extraction is complete, Emsisoft Emergency Kit will open, and suggest that you run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let Emsisoft Emergency Kit detect PUPs (click on Yes).
  • Once the scan is complete, make sure that every item in the list is checked, and click on Quarantine selected;
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it;
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;

Farbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message boxes will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of FRST.txt in your next reply, and attach Addition.txt to it;
Your next reply(ies) should include:
  • Answer to my question about running JRT more than once;
  • Copy/pasted content of the FRST fixlog;
  • Copy/pasted content of the Emsisoft Emergency Kit log;
  • Copy/pasted content of the FRST.txt log;
  • Copy/pasted content of the Addition.txt log;
  • Attached Upload.zip file;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 Terk1023

Posted 09 May 2016 - 04:01 AM

Hi, yes if I recall correctly I had to run JRT a couple times due to running some of the scans one after another and my computer restarted after a scan and I didn't have time to save the log.
 
Here are the Logs you asked for!
 
FRST fixlog:
 
Fix result of Farbar Recovery Scan Tool (x64) Version:07-05-2016
Ran by Terrick (2016-05-09 01:06:59) Run:1
Running from C:\Users\Terrick\Desktop\Tools
Loaded Profiles: Terrick & UpdatusUser (Available Profiles: Terrick & UpdatusUser & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
BHO: No Name -> {AF949550-9094-4807-95EC-D1C317803333} -> No File
BHO-x32: No Name -> {AF949550-9094-4807-95EC-D1C317803333} -> No File
 
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/GoogleTalkPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/O3DPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=3 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=9 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: facebook.com/fbDesktopPlugin -> C:\Users\UpdatusUser\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll [No File]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
S3 taphss6; \SystemRoot\System32\drivers\taphss6.sys [X]
 
CustomCLSID: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
 
Task: {3875AAE2-3653-413C-B9EE-A2404C64B652} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe 
Task: {67D10128-2867-447B-ACBB-CBF9D908A569} - \CCleanerSkipUAC -> No File <==== ATTENTION
 
AlternateDataStreams: C:\Users\Terrick:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\TEMP:6152D44C [122]
AlternateDataStreams: C:\Users\Terrick\Downloads\JRT.exe:BDU [0]
 
REG: REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\vToolbarUpdater18.1.9"
 
FirewallRules: [UDP Query User{5E7E936D-2413-41A0-8C0B-A16701116BC4}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{442F8AAD-391D-4F82-8DB2-AB30547603DC}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{6F923E4C-95F1-4412-90BE-2D540DEF70D6}] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{3535C538-C2E7-4CBF-98C6-5B43F66D30C8}] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{53E6688B-1DD5-4833-BA34-86D4CB209D23}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{3A38DD85-29A8-4F76-B137-3A19E282A912}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{B9093083-CE86-4EFC-8785-73C0C05E373A}] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{C033CE60-F2DF-4717-B55F-0FE3882BA51D}] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{551708CB-AF0A-4D59-9087-7DE0FC5D4B76}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{68E176E8-57A9-4B76-929D-72C7140CF7CC}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{68B91DBD-C0C2-4FBA-BEB5-EE1C8C6C15FD}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{29CC7B06-B2DD-4EFB-9ECF-51D772DC11D3}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{01548C6B-A641-4D27-91AD-913FC21D3CA0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{0A021999-3F70-47A0-9A14-74220A88D5DE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
 
CMD: type C:\AdwCleaner\AdwCleaner[C1].txt
CMD: type C:\AdwCleaner\AdwCleaner[C2].txt
CMD: type C:\AdwCleaner\AdwCleaner[C3].txt
Zip: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
 
Hosts:
EmptyTemp:
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}" => key removed successfully
HKCR\CLSID\{AF949550-9094-4807-95EC-D1C317803333} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}" => key removed successfully
HKCR\Wow6432Node\CLSID\{AF949550-9094-4807-95EC-D1C317803333} => key not found. 
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.104.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.132.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.96.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.4" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@nexon.net/NxGame" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin => key not found. 
C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => not found.
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\MozillaPlugins\@talk.google.com/O3DPlugin => key not found. 
C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => not found.
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => key not found. 
C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll => not found.
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => key not found. 
C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll => not found.
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\MozillaPlugins\facebook.com/fbDesktopPlugin => key not found. 
C:\Users\UpdatusUser\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll => not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF} => value removed successfully
avgtp => Unable to stop service.
avgtp => service removed successfully
taphss6 => service removed successfully
"HKU\S-1-5-21-1073046790-4199721133-1898668055-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
"HKU\S-1-5-21-1073046790-4199721133-1898668055-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}" => key removed successfully
"HKU\S-1-5-21-1073046790-4199721133-1898668055-1002_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => key removed successfully
"HKU\S-1-5-21-1073046790-4199721133-1898668055-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3875AAE2-3653-413C-B9EE-A2404C64B652}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3875AAE2-3653-413C-B9EE-A2404C64B652}" => key removed successfully
C:\WINDOWS\System32\Tasks\avastBCLRestart_chrome.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestart_chrome.exe" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67D10128-2867-447B-ACBB-CBF9D908A569}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67D10128-2867-447B-ACBB-CBF9D908A569}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found. 
C:\Users\Terrick => ":Heroes & Generals" ADS removed successfully.
C:\ProgramData\TEMP => ":6152D44C" ADS removed successfully.
"C:\Users\Terrick\Downloads\JRT.exe" => ":BDU" ADS not found.
 
========= REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\vToolbarUpdater18.1.9" =========
 
Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\vToolbarUpdater18.1.9 (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5E7E936D-2413-41A0-8C0B-A16701116BC4}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{442F8AAD-391D-4F82-8DB2-AB30547603DC}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F923E4C-95F1-4412-90BE-2D540DEF70D6} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3535C538-C2E7-4CBF-98C6-5B43F66D30C8} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{53E6688B-1DD5-4833-BA34-86D4CB209D23}C:\program files\java\jre7\bin\java.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A38DD85-29A8-4F76-B137-3A19E282A912}C:\program files\java\jre7\bin\java.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9093083-CE86-4EFC-8785-73C0C05E373A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C033CE60-F2DF-4717-B55F-0FE3882BA51D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{551708CB-AF0A-4D59-9087-7DE0FC5D4B76}C:\program files (x86)\java\jre7\bin\java.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{68E176E8-57A9-4B76-929D-72C7140CF7CC}C:\program files (x86)\java\jre7\bin\java.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{68B91DBD-C0C2-4FBA-BEB5-EE1C8C6C15FD}C:\windows\system32\java.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{29CC7B06-B2DD-4EFB-9ECF-51D772DC11D3}C:\windows\system32\java.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{01548C6B-A641-4D27-91AD-913FC21D3CA0}C:\program files\java\jre7\bin\javaw.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0A021999-3F70-47A0-9A14-74220A88D5DE}C:\program files\java\jre7\bin\javaw.exe => value removed successfully
 
=========  type C:\AdwCleaner\AdwCleaner[C1].txt =========
 
# AdwCleaner v5.115 - Logfile created 04/05/2016 at 16:57:45
# Updated 01/05/2016 by Xplode
# Database : 2016-05-01.2 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Terrick - TERRICK-PC
# Running from : C:\Users\Terrick\Downloads\adwcleaner_5.115.exe
# Option : Clean
# Support : http://toolslib.net/forum
 
***** [ Services ] *****
 
[x] Service Not Deleted : hola_svc
[x] Service Not Deleted : hola_updater
[-] Service Deleted : sbmntr
[-] Service Deleted : MPCKpt
[-] Service Deleted : CloudPrinter
[-] Service Deleted : ProntSpooler
[-] Service Deleted : 35e670fc7424757c5eee45931c02558b
[-] Service Deleted : 549cd3c84dcb950849e33cbb5efd79a7
[-] Service Deleted : dusyzokyzbt
[-] Service Deleted : rijufoze
[-] Service Deleted : rocufyky
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\Driver Manager
[-] Folder Deleted : C:\ProgramData\Tarma Installer
[-] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\CloudPrinter
[-] Folder Deleted : C:\ProgramData\WindowsMsg
[-] Folder Deleted : C:\ProgramData\saveron
[-] Folder Deleted : C:\ProgramData\15257818333422377899
[-] Folder Deleted : C:\ProgramData\1c839145-3b13-1
[-] Folder Deleted : C:\ProgramData\1c839145-6073-0
[-] Folder Deleted : C:\ProgramData\d3bea8ef53155bab
[-] Folder Deleted : C:\ProgramData\leess2pay
[-] Folder Deleted : C:\ProgramData\saaveensyhhare
[#] Folder Deleted : C:\ProgramData\saveron
[-] Folder Deleted : C:\ProgramData\{8526d782-ac65-c15a-8526-6d782ac65e0a}
[#] Folder Deleted : C:\ProgramData\Application Data\AVG Secure Search
[#] Folder Deleted : C:\ProgramData\Application Data\Babylon
[#] Folder Deleted : C:\ProgramData\Application Data\Driver Manager
[#] Folder Deleted : C:\ProgramData\Application Data\Tarma Installer
[#] Folder Deleted : C:\ProgramData\Application Data\tencent
[#] Folder Deleted : C:\ProgramData\Application Data\CloudPrinter
[#] Folder Deleted : C:\ProgramData\Application Data\WindowsMsg
[#] Folder Deleted : C:\ProgramData\Application Data\saveron
[#] Folder Deleted : C:\ProgramData\Application Data\15257818333422377899
[#] Folder Deleted : C:\ProgramData\Application Data\1c839145-3b13-1
[#] Folder Deleted : C:\ProgramData\Application Data\1c839145-6073-0
[#] Folder Deleted : C:\ProgramData\Application Data\d3bea8ef53155bab
[#] Folder Deleted : C:\ProgramData\Application Data\leess2pay
[#] Folder Deleted : C:\ProgramData\Application Data\saaveensyhhare
[#] Folder Deleted : C:\ProgramData\Application Data\saveron
[#] Folder Deleted : C:\ProgramData\Application Data\{8526d782-ac65-c15a-8526-6d782ac65e0a}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Sear
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saaveensyhhare
[-] Folder Deleted : C:\Program Files (x86)\Cain
[-] Folder Deleted : C:\Program Files (x86)\Conduit
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\Program Files (x86)\tencent
[-] Folder Deleted : C:\Program Files (x86)\YTDownloader
[-] Folder Deleted : C:\Program Files (x86)\WeatherChickn
[-] Folder Deleted : C:\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1
[-] Folder Deleted : C:\Program Files (x86)\PriceDownloadeer
[-] Folder Deleted : C:\Program Files (x86)\saveron
[#] Folder Deleted : C:\Program Files (x86)\saveron
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[-] Folder Deleted : C:\WINDOWS\hwopt_03052016163218
[-] Folder Deleted : C:\WINDOWS\hwopt_04052016154315
[-] Folder Deleted : C:\Users\Terrick\AppData\Local\Temp\MPC
[-] Folder Deleted : C:\Users\Terrick\AppData\Local\apn
[-] Folder Deleted : C:\Users\Terrick\AppData\Local\AVG Secure Search
[-] Folder Deleted : C:\Users\Terrick\AppData\Local\blekkotb
[-] Folder Deleted : C:\Users\Terrick\AppData\Local\BrowserHelper
[-] Folder Deleted : C:\Users\Terrick\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Terrick\AppData\Local\csdi_monetize_120160503
[-] Folder Deleted : C:\Users\Terrick\AppData\LocalLow\AVG Secure Search
[-] Folder Deleted : C:\Users\Terrick\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Terrick\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\Terrick\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Terrick\AppData\Roaming\tencent
[-] Folder Deleted : C:\Users\Terrick\AppData\Roaming\YourFileDownloader
[-] Folder Deleted : C:\Users\Terrick\AppData\Roaming\vnlgp
[-] Folder Deleted : C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Folder Deleted : C:\Users\Terrick\Documents\Add-in Express
[-] Folder Deleted : C:\Program Files\Hola
[-] Folder Deleted : C:\Program Files\腾讯游戏
 
***** [ Files ] *****
 
[-] File Deleted : C:\WINDOWS\SysWOW64\findit.xml
[-] File Deleted : C:\Users\Terrick\AppData\Local\Temp\Utils.dll
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
[-] Key Deleted : \root\subscription\\ActiveScriptEventConsumer [ASEC]
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : BitGuard
[-] Task Deleted : YourFile DownloaderUpdate
[-] Task Deleted : YTDownloader
[-] Task Deleted : YTDownloaderUpd
[-] Task Deleted : osTip
[-] Task Deleted : Bidaily Synchronize Task[973b]
[-] Task Deleted : Bidaily Synchronize Task[973b]
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Value Deleted : HKCU\Environment [SNF]
[-] Value Deleted : HKCU\Environment [SNP]
[-] Key Deleted : HKCU\Software\5b558c8bbd3dea15
[-] Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\5b558c8bbd3dea15
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\myway.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\safepcrepair.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\safepcrepair.dl.myway.com
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\metnsd
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\BABSOLUTION
[-] Key Deleted : HKCU\Software\cain
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\Hola
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\StartSearch
[-] Key Deleted : HKCU\Software\WajIEnhance
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\YourFileDownloader
[-] Key Deleted : HKCU\Software\osTip
[-] Key Deleted : HKCU\Software\MICROSOFT\OTUT
[-] Key Deleted : HKCU\Software\mtZonekix
[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\blekkotb
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\LookSafe
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\SP Global
[-] Key Deleted : HKLM\SOFTWARE\SProtector
[-] Key Deleted : HKLM\SOFTWARE\YourFileDownloader
[-] Key Deleted : HKLM\SOFTWARE\mtZonekix
[-] Key Deleted : HKLM\SOFTWARE\Social2Sear
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1C52B8B6-FFA2-12F6-0A5A-E8301F96A568}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Hola
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : [x64] HKLM\SOFTWARE\Social2Sear
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\data
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hola
[-] Key Deleted : HKU\.DEFAULT\Software\Hola
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{C5717479-5FC6-4C95-901D-D06873FC386F}C:\program files (x86)\common files\tencent\qqdownload\121\tencentdl.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{2732DBD7-9E24-4848-BED5-F6D01495A7B3}C:\program files (x86)\common files\tencent\qqdownload\121\tencentdl.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{2265E7C7-C84C-49E6-A8B0-DD8BE120309C}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{3F94DF79-B632-4524-B4F0-71863170ADC4}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E2B9A93B-E676-4649-AEEC-C1840BD05B1E}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{72B39C96-2914-4056-B0B3-209C00E6D45C}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4FF2F012-0549-436A-B03E-820AFD1CE0AF}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{AE774E5B-610F-4BEC-A3AE-4E9E437247A4}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Anti-phishing Domain Advisor
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\hola
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\vProt
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [osmsg]
[#] Value Deleted : HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Windows\CurrentVersion\Run [osmsg]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Buzzing Dhol.exe]
[#] Value Deleted : HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Windows\CurrentVersion\Run [Buzzing Dhol.exe]
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [17548 bytes] - [04/05/2016 16:57:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [21526 bytes] - [04/05/2016 16:26:03]
C:\AdwCleaner\AdwCleaner[S2].txt - [18832 bytes] - [04/05/2016 16:56:47]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [17770 bytes] ##########
 
========= End of CMD: =========
 
 
=========  type C:\AdwCleaner\AdwCleaner[C2].txt =========
 
# AdwCleaner v5.115 - Logfile created 05/05/2016 at 13:03:03
# Updated 01/05/2016 by Xplode
# Database : 2016-05-04.2 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Terrick - TERRICK-PC
# Running from : C:\Users\Terrick\Desktop\Tools\adwcleaner_5.115.exe
# Option : Clean
# Support : http://toolslib.net/forum
 
***** [ Services ] *****
 
[-] Service Deleted : hola_svc
[-] Service Deleted : hola_updater
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\WINDOWS\SysNative\drivers\35e670fc7424757c5eee45931c02558b.sys
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [url]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DisplayName]
[#] Value Deleted : HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\SearchScopes [url]
[#] Value Deleted : HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\SearchScopes [DisplayName]
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [17890 bytes] - [04/05/2016 16:57:45]
C:\AdwCleaner\AdwCleaner[C2].txt - [1388 bytes] - [05/05/2016 13:03:03]
C:\AdwCleaner\AdwCleaner[S1].txt - [21526 bytes] - [04/05/2016 16:26:03]
C:\AdwCleaner\AdwCleaner[S2].txt - [18832 bytes] - [04/05/2016 16:56:47]
C:\AdwCleaner\AdwCleaner[S3].txt - [1949 bytes] - [05/05/2016 00:07:13]
C:\AdwCleaner\AdwCleaner[S4].txt - [1917 bytes] - [05/05/2016 12:58:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1755 bytes] ##########
 
========= End of CMD: =========
 
 
=========  type C:\AdwCleaner\AdwCleaner[C3].txt =========
 
# AdwCleaner v5.115 - Logfile created 05/05/2016 at 19:33:17
# Updated 01/05/2016 by Xplode
# Database : 2016-05-04.2 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Terrick - TERRICK-PC
# Running from : C:\Users\Terrick\Desktop\Internet and Security\adwcleaner_5.115.exe
# Option : Clean
# Support : http://toolslib.net/forum
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [17890 bytes] - [04/05/2016 16:57:45]
C:\AdwCleaner\AdwCleaner[C2].txt - [1834 bytes] - [05/05/2016 13:03:03]
C:\AdwCleaner\AdwCleaner[C3].txt - [887 bytes] - [05/05/2016 19:33:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [21526 bytes] - [04/05/2016 16:26:03]
C:\AdwCleaner\AdwCleaner[S2].txt - [18832 bytes] - [04/05/2016 16:56:47]
C:\AdwCleaner\AdwCleaner[S3].txt - [1949 bytes] - [05/05/2016 00:07:13]
C:\AdwCleaner\AdwCleaner[S4].txt - [1917 bytes] - [05/05/2016 12:58:42]
C:\AdwCleaner\AdwCleaner[S5].txt - [1531 bytes] - [05/05/2016 19:27:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1326 bytes] ##########
 
========= End of CMD: =========
 
================== Zip: ===================
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs -> copied successfully to C:\Users\Terrick\Desktop\Upload.zip
=========== Zip: End ===========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 7.8 GB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 01:12:16 ====
 
Emsisoft Emergency Kit Log :

 

Emsisoft Emergency Kit - Version 11.0

Quarantine log
 
Date | Source | Event | Detection
5/9/2016 1:35:23 AM | C:\Program Files (x86)\GameSpy Arcade\ | Moved to quarantine | Adware.Win32.Gaspacade (A)
5/9/2016 1:35:23 AM | C:\Users\Terrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk | Moved to quarantine | Adware.Win32.Gaspacade (A)
5/9/2016 1:35:23 AM | Key: HKEY_USERS\S-1-5-21-1073046790-4199721133-1898668055-1002\SOFTWARE\GAMESPY\GAMESPY ARCADE | Moved to quarantine | Adware.Win32.Gaspacade (A)
5/9/2016 1:35:23 AM | Key: HKEY_USERS\S-1-5-21-1073046790-4199721133-1898668055-1010\SOFTWARE\GAMESPY\GAMESPY ARCADE | Moved to quarantine | Adware.Win32.Gaspacade (A)
5/9/2016 1:35:23 AM | Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GAMESPY ARCADE | Moved to quarantine | Adware.Win32.Gaspacade (A)
5/9/2016 1:35:23 AM | Key: HKEY_USERS\S-1-5-21-1073046790-4199721133-1898668055-1010\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} | Moved to quarantine | Application.AdGenie (A)
5/9/2016 1:35:22 AM | Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} | Moved to quarantine | Application.AdReg (A)
5/9/2016 1:35:22 AM | Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} | Moved to quarantine | Application.AdReg (A)
5/9/2016 1:35:22 AM | Key: HKEY_USERS\S-1-5-21-1073046790-4199721133-1898668055-1010_CLASSES\WOW6432NODE\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5} | Moved to quarantine | Application.Toolbar (A)
 
FRST.txt log:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-05-2016
Ran by Terrick (administrator) on TERRICK-PC (09-05-2016 01:37:41)
Running from C:\Users\Terrick\Desktop\Tools
Loaded Profiles: Terrick & UpdatusUser & DefaultAppPool (Available Profiles: Terrick & UpdatusUser & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (the data entry has 36 more characters).
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-14] (Nero AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Google Update] => C:\Users\Terrick\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-10-09] (Google Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2016-05-05]
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Terrick\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6fa390ac-ca95-4047-9bd3-549698be1787}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b10fc2b3-895f-4656-81b5-58c584aa9cf1}: [DhcpNameServer] 192.168.0.1
ManualProxies: 
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/?lang=en-ca&OCID=iehp
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://www.walmartphotocentre.ca/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-17] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Terrick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @talk.google.com/O1DPlugin -> C:\Users\Terrick\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Terrick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/GoogleTalkPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/O3DPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=3 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=9 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: facebook.com/fbDesktopPlugin -> C:\Users\UpdatusUser\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\Terrick\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Terrick\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.facebook.com/","hxxp://www.outlook.com/","hxxp://www.flickr.com/","hxxp://www.youtube.com/"
CHR Profile: C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (YouTube) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Tampermonkey) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-13]
CHR Extension: (AdBlock Premium) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2016-05-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-05-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-05]
CHR Extension: (Gmail) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-04-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
StartMenuInternet: Google Chrome.T-Harls - C:\Users\T-Harls\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1318944 2016-02-03] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-01-22] (EasyAntiCheat Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-04-13] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-01] ()
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2016-03-15] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC64.SYS [3491616 2009-06-18] (Realtek Semiconductor Corp.)
R3 Alpham1; C:\Windows\System32\drivers\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\drivers\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-04-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-12-11] ()
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [360288 2016-02-04] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-12-11] ()
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvoclk64; C:\Windows\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-24] (Razer, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-01] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
S3 Si3132r5; C:\Windows\system32\drivers\Si3132r5.sys [337960 2007-12-26] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2007-12-26] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2007-12-26] (Silicon Image, Inc.)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-12-06] (TENCENT) [File not signed]
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [39936 2015-10-30] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-09 01:36 - 2016-05-09 01:36 - 00003096 _____ C:\Users\Terrick\Desktop\Quarantine_160509-013557.txt
2016-05-09 01:22 - 2016-05-09 01:36 - 00000000 ____D C:\EEK
2016-05-09 01:07 - 2016-05-09 01:07 - 00802041 _____ C:\Users\Terrick\Desktop\Upload.zip
2016-05-09 01:04 - 2016-05-05 05:41 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-05-09 01:02 - 2016-05-09 01:02 - 00241518 _____ C:\ProgramData\1462780885.bdinstall.bin
2016-05-05 20:29 - 2016-05-05 20:29 - 00001146 _____ C:\Users\Terrick\Desktop\Malewarebytes1.txt
2016-05-05 19:28 - 2016-05-05 19:28 - 00002215 _____ C:\Users\Terrick\Desktop\JRT.txt
2016-05-05 13:36 - 2016-05-05 13:37 - 00000000 _____ C:\Users\Terrick\java
2016-05-05 13:25 - 2016-05-05 13:25 - 00000000 ____D C:\Users\Terrick\AppData\Temp
2016-05-05 13:03 - 2016-05-09 01:01 - 00003728 _____ C:\bdlog.txt
2016-05-05 13:03 - 2016-05-05 13:03 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-05-05 13:03 - 2016-05-05 13:03 - 00000385 _____ C:\Users\Terrick\AppData\Roaminguser_gensett.xml
2016-05-05 13:01 - 2016-05-05 13:01 - 00000000 ____D C:\ProgramData\BDLogging
2016-05-05 13:01 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-05-05 06:39 - 2016-05-05 06:39 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\QuickScan
2016-05-05 05:45 - 2016-05-05 14:29 - 00000000 ____D C:\Users\Terrick\Documents\NetBeansProjects
2016-05-05 05:30 - 2016-05-05 05:30 - 00572214 _____ C:\Users\Terrick\Downloads\rhino_jdk7.tar.gz
2016-05-05 05:28 - 2016-05-05 05:44 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\NetBeans
2016-05-05 05:28 - 2016-05-05 05:28 - 00000000 ____D C:\Users\Terrick\AppData\Local\NetBeans
2016-05-05 05:27 - 2016-05-09 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-05 05:27 - 2016-05-05 05:41 - 00316992 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-05-05 05:27 - 2016-05-05 05:41 - 00206912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-05-05 05:27 - 2016-05-05 05:41 - 00206912 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-05-05 05:27 - 2016-05-05 05:41 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-05-05 05:15 - 2016-05-05 05:40 - 00002094 _____ C:\Users\Public\Desktop\NetBeans IDE 8.1.lnk
2016-05-05 05:15 - 2016-05-05 05:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2016-05-05 05:13 - 2016-05-05 05:21 - 00000000 ____D C:\Program Files\NetBeans 8.1
2016-05-05 05:12 - 2016-05-05 05:28 - 00000000 ____D C:\Users\Terrick\.nbi
2016-05-05 05:12 - 2016-05-05 05:12 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Oracle
2016-05-05 05:05 - 2016-05-05 05:42 - 00000000 ____D C:\Users\Terrick\.oracle_jre_usage
2016-05-05 05:04 - 2016-05-05 05:04 - 00000000 ____D C:\Users\Terrick\AppData\LocalLow\Oracle
2016-05-05 00:39 - 2016-05-05 00:39 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-05-05 00:37 - 2016-05-09 01:14 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-05-05 00:37 - 2016-05-05 00:37 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-05-05 00:15 - 2016-05-09 01:20 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-05 00:15 - 2016-05-09 01:15 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 00:15 - 2016-05-05 05:40 - 00002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-05 00:15 - 2016-05-05 00:15 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-05 00:15 - 2016-05-05 00:15 - 00003748 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-04 17:22 - 2016-05-08 22:42 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3E7B3800-E9F6-4C9A-8475-AAB9A80A7EE5}
2016-05-04 16:24 - 2016-05-05 19:33 - 00000000 ____D C:\AdwCleaner
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\Users\Terrick\AppData\Local\VS Revo Group
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\Program Files\VS Revo Group
2016-05-04 16:24 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-05-04 01:01 - 2016-05-04 16:42 - 00000000 ____D C:\Users\Terrick\AppData\Local\app
2016-05-04 00:39 - 2016-05-09 01:37 - 00000000 ____D C:\FRST
2016-05-03 16:26 - 2016-05-03 16:26 - 00000013 _____ C:\WINDOWS\system32\Example.txt
2016-05-03 16:12 - 2016-04-23 03:28 - 00000804 ____R C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-05-03 16:11 - 2016-05-03 16:11 - 06494208 _____ C:\Users\Terrick\AppData\Roaming\agent.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 01626777 _____ C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:11 - 2016-05-03 16:11 - 00072717 _____ C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
2016-05-03 16:11 - 2016-05-03 16:11 - 00018432 _____ C:\Users\Terrick\AppData\Roaming\Main.dat
2016-05-03 16:10 - 2016-05-03 16:10 - 00127488 _____ C:\Users\Terrick\AppData\Roaming\Installer.dat
2016-05-03 15:42 - 2016-05-03 15:42 - 00000000 ____D C:\Users\Terrick\Downloads\workbench_materials
2016-05-03 15:41 - 2016-05-03 15:41 - 00000000 ____D C:\Program Files (x86)\VTFEdit
2016-04-23 03:25 - 2016-04-23 03:25 - 00715038 _____ C:\WINDOWS\unins000.exe
2016-04-23 03:25 - 2016-04-23 03:25 - 00001994 _____ C:\WINDOWS\unins000.dat
2016-04-23 03:25 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2016-04-23 03:25 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2016-04-23 03:21 - 2016-04-23 03:23 - 00000000 ____D C:\Users\Terrick\Downloads\Bandicam 3.0.4.1035 RePack (& Portable) by KpoJIuK
2016-04-23 02:05 - 2016-04-23 02:41 - 00000000 ____D C:\Users\Terrick\AppData\Local\Dxtory Software
2016-04-23 02:05 - 2016-04-23 02:41 - 00000000 ____D C:\Program Files (x86)\ExKode
2016-04-22 02:18 - 2016-04-22 02:18 - 00000000 ____D C:\Program Files\Speccy
2016-04-22 01:21 - 2016-04-22 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-04-22 01:21 - 2016-04-22 01:21 - 00000000 ____D C:\Program Files\CPUID
2016-04-13 16:45 - 2016-04-13 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-12 18:34 - 2016-03-29 01:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-12 18:34 - 2016-03-29 00:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-12 18:34 - 2016-03-29 00:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-12 18:34 - 2016-03-29 00:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-12 18:34 - 2016-03-29 00:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-12 18:34 - 2016-03-29 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-12 18:34 - 2016-03-29 00:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-12 18:34 - 2016-03-28 23:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-12 18:34 - 2016-03-28 23:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-12 18:34 - 2016-03-28 23:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-12 18:34 - 2016-03-28 22:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-12 18:34 - 2016-03-28 22:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-12 18:33 - 2016-04-01 21:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-12 18:33 - 2016-04-01 21:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 18:33 - 2016-04-01 20:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-12 18:33 - 2016-04-01 20:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-12 18:33 - 2016-04-01 20:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-12 18:33 - 2016-04-01 20:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-12 18:33 - 2016-04-01 20:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-12 18:33 - 2016-04-01 20:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-12 18:33 - 2016-04-01 20:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-12 18:33 - 2016-04-01 20:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 18:33 - 2016-04-01 20:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-12 18:33 - 2016-04-01 20:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-12 18:33 - 2016-03-29 03:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-12 18:33 - 2016-03-29 03:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-12 18:33 - 2016-03-29 03:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-12 18:33 - 2016-03-29 03:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 18:33 - 2016-03-29 03:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-12 18:33 - 2016-03-29 03:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-12 18:33 - 2016-03-29 03:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-12 18:33 - 2016-03-29 03:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-12 18:33 - 2016-03-29 02:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-12 18:33 - 2016-03-29 02:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-12 18:33 - 2016-03-29 02:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-12 18:33 - 2016-03-29 02:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-12 18:33 - 2016-03-29 02:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-12 18:33 - 2016-03-29 02:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-12 18:33 - 2016-03-29 02:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-12 18:33 - 2016-03-29 01:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-12 18:33 - 2016-03-29 01:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-12 18:33 - 2016-03-29 01:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-12 18:33 - 2016-03-29 01:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-12 18:33 - 2016-03-29 01:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-12 18:33 - 2016-03-29 01:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-12 18:33 - 2016-03-29 01:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-12 18:33 - 2016-03-29 00:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-12 18:33 - 2016-03-29 00:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-12 18:33 - 2016-03-29 00:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-12 18:33 - 2016-03-29 00:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-12 18:33 - 2016-03-29 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-12 18:33 - 2016-03-29 00:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-12 18:33 - 2016-03-29 00:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-12 18:33 - 2016-03-29 00:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-12 18:33 - 2016-03-29 00:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-12 18:33 - 2016-03-29 00:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-12 18:33 - 2016-03-29 00:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-12 18:33 - 2016-03-29 00:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-12 18:33 - 2016-03-29 00:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-12 18:33 - 2016-03-29 00:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-12 18:33 - 2016-03-29 00:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-12 18:33 - 2016-03-29 00:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-12 18:33 - 2016-03-29 00:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-12 18:33 - 2016-03-29 00:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-12 18:33 - 2016-03-29 00:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-12 18:33 - 2016-03-29 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-12 18:33 - 2016-03-29 00:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-12 18:33 - 2016-03-29 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-12 18:33 - 2016-03-29 00:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-12 18:33 - 2016-03-29 00:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-12 18:33 - 2016-03-29 00:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-12 18:33 - 2016-03-29 00:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-12 18:33 - 2016-03-29 00:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-12 18:33 - 2016-03-29 00:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-12 18:33 - 2016-03-29 00:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-12 18:33 - 2016-03-29 00:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-12 18:33 - 2016-03-29 00:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-12 18:33 - 2016-03-29 00:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-12 18:33 - 2016-03-29 00:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-12 18:33 - 2016-03-29 00:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-12 18:33 - 2016-03-29 00:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-12 18:33 - 2016-03-28 23:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-12 18:33 - 2016-03-28 23:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-12 18:33 - 2016-03-28 23:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-12 18:33 - 2016-03-28 23:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-12 18:33 - 2016-03-28 23:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-12 18:33 - 2016-03-28 23:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-12 18:33 - 2016-03-28 23:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-12 18:33 - 2016-03-28 23:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-12 18:33 - 2016-03-28 23:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-12 18:33 - 2016-03-28 23:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-12 18:33 - 2016-03-28 23:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-12 18:33 - 2016-03-28 23:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-12 18:33 - 2016-03-28 23:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-12 18:33 - 2016-03-28 23:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-12 18:33 - 2016-03-28 23:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-12 18:33 - 2016-03-28 23:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-12 18:33 - 2016-03-28 23:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-12 18:33 - 2016-03-28 23:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-12 18:33 - 2016-03-28 23:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-12 18:33 - 2016-03-28 23:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-12 18:33 - 2016-03-28 23:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-12 18:33 - 2016-03-28 23:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-12 18:33 - 2016-03-28 23:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-12 18:33 - 2016-03-28 23:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-12 18:33 - 2016-03-28 23:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 18:33 - 2016-03-28 23:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-12 18:33 - 2016-03-28 23:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-12 18:33 - 2016-03-28 23:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-12 18:33 - 2016-03-28 23:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-12 18:33 - 2016-03-28 23:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-12 18:33 - 2016-03-28 22:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-12 18:33 - 2016-03-28 22:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-12 18:33 - 2016-03-28 22:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-12 18:33 - 2016-03-28 22:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-12 18:33 - 2016-03-28 22:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-12 18:33 - 2016-03-28 22:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-12 18:33 - 2016-03-28 22:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-12 18:33 - 2016-03-28 22:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-12 18:33 - 2016-03-28 22:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-12 18:33 - 2016-03-28 22:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-12 18:33 - 2016-03-28 22:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-12 18:33 - 2016-03-28 22:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-12 18:33 - 2016-03-28 22:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-12 18:33 - 2016-03-28 22:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-12 18:33 - 2016-03-28 22:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-12 18:33 - 2016-03-28 22:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-12 18:33 - 2016-03-28 22:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-12 18:32 - 2016-04-01 21:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-12 18:32 - 2016-04-01 21:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-12 18:32 - 2016-04-01 20:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-12 18:32 - 2016-04-01 20:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-12 18:32 - 2016-04-01 20:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-12 18:32 - 2016-04-01 20:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-12 18:32 - 2016-04-01 20:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-12 18:32 - 2016-04-01 20:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-12 18:32 - 2016-04-01 20:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-12 18:32 - 2016-04-01 20:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-12 18:32 - 2016-04-01 20:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-12 18:32 - 2016-03-29 03:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-12 18:32 - 2016-03-29 03:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-12 18:32 - 2016-03-29 03:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-12 18:32 - 2016-03-29 03:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-12 18:32 - 2016-03-29 03:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-12 18:32 - 2016-03-29 02:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-12 18:32 - 2016-03-29 02:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-12 18:32 - 2016-03-29 02:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-12 18:32 - 2016-03-29 02:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-12 18:32 - 2016-03-29 02:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-12 18:32 - 2016-03-29 02:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-12 18:32 - 2016-03-29 02:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-12 18:32 - 2016-03-29 02:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-12 18:32 - 2016-03-29 02:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-12 18:32 - 2016-03-29 02:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-12 18:32 - 2016-03-29 02:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-12 18:32 - 2016-03-29 01:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-12 18:32 - 2016-03-29 01:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-12 18:32 - 2016-03-29 01:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-12 18:32 - 2016-03-29 01:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-12 18:32 - 2016-03-29 01:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-12 18:32 - 2016-03-29 01:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-12 18:32 - 2016-03-29 01:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-12 18:32 - 2016-03-29 01:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-12 18:32 - 2016-03-29 01:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-12 18:32 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-12 18:32 - 2016-03-29 01:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-12 18:32 - 2016-03-29 01:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-12 18:32 - 2016-03-29 01:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-12 18:32 - 2016-03-29 01:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-12 18:32 - 2016-03-29 00:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-12 18:32 - 2016-03-29 00:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-12 18:32 - 2016-03-29 00:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-12 18:32 - 2016-03-29 00:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-12 18:32 - 2016-03-29 00:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-12 18:32 - 2016-03-29 00:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-12 18:32 - 2016-03-29 00:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-12 18:32 - 2016-03-29 00:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-12 18:32 - 2016-03-29 00:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-12 18:32 - 2016-03-29 00:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-12 18:32 - 2016-03-29 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-12 18:32 - 2016-03-29 00:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-12 18:32 - 2016-03-29 00:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-12 18:32 - 2016-03-29 00:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-12 18:32 - 2016-03-29 00:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-12 18:32 - 2016-03-29 00:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-12 18:32 - 2016-03-29 00:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-12 18:32 - 2016-03-29 00:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-12 18:32 - 2016-03-29 00:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-12 18:32 - 2016-03-29 00:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-12 18:32 - 2016-03-29 00:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-12 18:32 - 2016-03-29 00:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-12 18:32 - 2016-03-29 00:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-12 18:32 - 2016-03-29 00:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-12 18:32 - 2016-03-29 00:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-12 18:32 - 2016-03-29 00:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-12 18:32 - 2016-03-29 00:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-12 18:32 - 2016-03-29 00:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-12 18:32 - 2016-03-29 00:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-12 18:32 - 2016-03-29 00:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-12 18:32 - 2016-03-29 00:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-12 18:32 - 2016-03-29 00:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-12 18:32 - 2016-03-29 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-12 18:32 - 2016-03-29 00:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-12 18:32 - 2016-03-29 00:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 18:32 - 2016-03-29 00:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-12 18:32 - 2016-03-29 00:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-12 18:32 - 2016-03-29 00:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-12 18:32 - 2016-03-29 00:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-12 18:32 - 2016-03-29 00:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-12 18:32 - 2016-03-29 00:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-12 18:32 - 2016-03-29 00:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-12 18:32 - 2016-03-29 00:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-12 18:32 - 2016-03-29 00:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-12 18:32 - 2016-03-29 00:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-12 18:32 - 2016-03-29 00:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 18:32 - 2016-03-28 23:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-12 18:32 - 2016-03-28 23:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-12 18:32 - 2016-03-28 23:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-12 18:32 - 2016-03-28 23:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-12 18:32 - 2016-03-28 23:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-12 18:32 - 2016-03-28 23:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-12 18:32 - 2016-03-28 23:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-12 18:32 - 2016-03-28 23:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 18:32 - 2016-03-28 23:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-12 18:32 - 2016-03-28 23:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-12 18:32 - 2016-03-28 23:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-12 18:32 - 2016-03-28 23:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-12 18:32 - 2016-03-28 23:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-12 18:32 - 2016-03-28 23:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-12 18:32 - 2016-03-28 23:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-12 18:32 - 2016-03-28 23:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-12 18:32 - 2016-03-28 23:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-12 18:32 - 2016-03-28 23:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-12 18:32 - 2016-03-28 23:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-12 18:32 - 2016-03-28 23:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-12 18:32 - 2016-03-28 23:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-12 18:32 - 2016-03-28 23:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-12 18:32 - 2016-03-28 23:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-12 18:32 - 2016-03-28 23:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-12 18:32 - 2016-03-28 23:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-12 18:32 - 2016-03-28 23:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-12 18:32 - 2016-03-28 23:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-12 18:32 - 2016-03-28 23:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-12 18:32 - 2016-03-28 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-12 18:32 - 2016-03-28 23:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-12 18:32 - 2016-03-28 23:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-12 18:32 - 2016-03-28 22:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-12 18:32 - 2016-03-28 22:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-12 18:32 - 2016-03-28 22:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-12 18:32 - 2016-03-28 22:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-12 18:32 - 2016-03-28 22:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-12 18:32 - 2016-03-28 22:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-12 18:32 - 2016-03-28 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-12 18:32 - 2016-03-28 22:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 02:21 - 2016-04-12 02:21 - 00002093 _____ C:\Users\Terrick\AppData\Roaming\TerraceSawwortSouthernwood
2016-04-09 12:41 - 2016-04-09 12:41 - 00001661 _____ C:\Users\Terrick\Downloads\54798b85b50d61a97628-5bb6189bb24cd25d80cb9968c36d640e5ec22008.zip
2016-04-09 02:20 - 2016-04-09 02:20 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-09 01:37 - 2016-03-07 14:19 - 00000000 ___RD C:\Users\Terrick\Desktop\Tools
2016-05-09 01:19 - 2016-01-08 10:44 - 01013824 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-09 01:19 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-09 01:16 - 2015-06-22 01:50 - 00000000 ___RD C:\Users\Terrick\Dropbox
2016-05-09 01:14 - 2015-06-22 01:32 - 00000906 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-09 01:13 - 2016-01-08 11:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-09 01:13 - 2016-01-08 10:41 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-09 01:13 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-05-09 01:13 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-09 01:09 - 2011-09-06 17:15 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002UA.job
2016-05-09 01:07 - 2011-12-10 23:43 - 00000000 ____D C:\Users\Terrick\AppData\LocalLow\Temp
2016-05-09 01:05 - 2012-03-16 23:00 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1011UA.job
2016-05-09 01:04 - 2014-03-06 10:47 - 00002193 _____ C:\Users\Terrick\Desktop\BitMinter Client.lnk
2016-05-09 01:04 - 2014-03-06 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-09 01:04 - 2012-10-18 09:20 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-09 01:04 - 2011-09-22 16:17 - 00000000 ____D C:\Program Files\Java
2016-05-09 00:59 - 2011-11-04 07:50 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Audacity
2016-05-09 00:48 - 2015-01-29 00:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-09 00:42 - 2015-06-22 01:32 - 00000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-08 23:05 - 2012-03-16 23:00 - 00000860 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1011Core.job
2016-05-08 15:27 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-08 14:09 - 2011-09-06 17:15 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002Core.job
2016-05-08 02:00 - 2011-12-17 00:16 - 00000000 ____D C:\Users\Terrick\AppData\Local\Adobe
2016-05-07 17:26 - 2016-04-07 15:48 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-06 22:43 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-05 20:30 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Cursors
2016-05-05 20:29 - 2016-01-08 10:44 - 00000000 ____D C:\Users\Terrick
2016-05-05 20:06 - 2016-02-01 17:03 - 00004174 _____ C:\Users\Terrick\Desktop\Cat Names.txt
2016-05-05 19:43 - 2014-09-01 00:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-05 19:39 - 2015-10-29 23:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-05 19:27 - 2013-04-21 01:52 - 00000000 ___RD C:\Users\Terrick\Desktop\Internet and Security
2016-05-05 19:20 - 2011-10-04 16:23 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-05-05 19:20 - 2011-06-09 15:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-05 19:13 - 2015-12-29 15:02 - 00000000 ____D C:\Games
2016-05-05 19:13 - 2014-10-09 02:23 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-05 19:12 - 2014-10-09 02:23 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Opera Software
2016-05-05 19:12 - 2014-10-09 02:23 - 00000000 ____D C:\Users\Terrick\AppData\Local\Opera Software
2016-05-05 19:11 - 2013-05-22 14:04 - 00000000 ____D C:\Program Files (x86)\R.G.Games
2016-05-05 19:11 - 2012-12-30 00:34 - 00000000 ____D C:\Program Files (x86)\MP3 Skype Recorder
2016-05-05 19:07 - 2012-02-16 19:15 - 00000000 ____D C:\Fraps
2016-05-05 19:06 - 2011-09-01 17:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-05 19:05 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-05 19:03 - 2015-09-10 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-05 19:03 - 2013-06-27 15:54 - 00000000 ____D C:\Program Files (x86)\Project64 2.0
2016-05-05 05:40 - 2016-03-11 03:56 - 00001270 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2016-05-05 05:40 - 2016-01-08 10:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-05 05:40 - 2015-07-15 20:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-05 05:40 - 2015-07-08 00:09 - 00000986 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2016-05-05 05:40 - 2015-06-25 11:18 - 00001148 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-05-05 05:40 - 2015-06-23 18:27 - 00000840 _____ C:\Users\Public\Desktop\Dolphin.lnk
2016-05-05 05:40 - 2015-03-17 18:36 - 00001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2014.lnk
2016-05-05 05:40 - 2015-03-17 00:03 - 00002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-bit.lnk
2016-05-05 05:40 - 2015-01-08 00:09 - 00000986 _____ C:\Users\Public\Desktop\Gyazo.lnk
2016-05-05 05:40 - 2014-08-13 15:42 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-05-05 05:40 - 2014-01-28 10:00 - 00001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2016-05-05 05:40 - 2013-03-05 17:57 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-05-05 05:40 - 2011-12-17 02:52 - 00001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1 (64 Bit).lnk
2016-05-05 05:40 - 2011-12-17 02:50 - 00001288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:50 - 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
2016-05-05 05:40 - 2011-12-17 02:49 - 00001561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:49 - 00001389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:48 - 00001003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-05-05 05:40 - 2011-12-17 00:17 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2016-05-05 05:40 - 2011-10-04 16:23 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-05 05:40 - 2011-06-10 15:25 - 00001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-05-05 05:40 - 2011-06-10 15:25 - 00001311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-05-05 05:40 - 2011-06-10 15:24 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-05-05 05:40 - 2011-06-10 15:24 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-05-05 05:39 - 2016-01-08 19:25 - 00002421 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-05 05:39 - 2012-11-25 05:08 - 00002529 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk
2016-05-05 05:39 - 2012-08-16 14:43 - 00001440 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\DayZ Commander.lnk
2016-05-05 05:38 - 2016-03-07 14:10 - 00000817 _____ C:\Users\Terrick\Desktop\Deriv.lnk
2016-05-05 05:38 - 2014-10-09 01:15 - 00001191 _____ C:\Users\Terrick\Desktop\GamersFirst LIVE!.lnk
2016-05-05 05:38 - 2014-06-03 12:19 - 00001347 _____ C:\Users\Terrick\Desktop\bitcoin wallet.lnk
2016-05-05 05:36 - 2015-10-30 00:26 - 00000000 ____D C:\WINDOWS\Setup
2016-05-05 05:12 - 2014-08-01 12:40 - 00000000 __SHD C:\Users\Terrick\AppData\Local\EmieUserList
2016-05-05 05:12 - 2014-08-01 12:40 - 00000000 __SHD C:\Users\Terrick\AppData\Local\EmieSiteList
2016-05-05 05:12 - 2014-03-06 10:46 - 00000000 ____D C:\ProgramData\Oracle
2016-05-05 05:05 - 2011-11-16 17:19 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Sun
2016-05-05 01:59 - 2011-09-06 17:17 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-05 00:22 - 2013-04-21 01:50 - 00000000 ____D C:\Users\Terrick\Desktop\Creative Software
2016-05-05 00:15 - 2013-11-01 12:37 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-05 00:09 - 2013-04-21 01:47 - 00000000 ____D C:\Users\Terrick\Desktop\Games
2016-05-05 00:09 - 2012-05-03 15:42 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-05 00:09 - 2011-09-06 17:15 - 00000000 ____D C:\Users\Terrick\AppData\Local\Apps\2.0
2016-05-04 17:25 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-04 17:21 - 2014-08-10 02:09 - 00000000 __SHD C:\Users\Terrick\AppData\LocalLow\EmieUserList
2016-05-04 17:21 - 2014-06-26 00:22 - 00000000 __SHD C:\Users\Terrick\AppData\LocalLow\EmieSiteList
2016-05-04 17:05 - 2011-10-24 16:13 - 00000000 ____D C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2016-05-04 15:41 - 2016-01-08 10:44 - 00000000 ____D C:\Users\UpdatusUser
2016-05-03 03:42 - 2014-06-05 14:46 - 00000000 ____D C:\Users\Terrick\AppData\Local\Packages
2016-04-28 01:55 - 2013-04-21 01:59 - 00000000 ____D C:\Users\Terrick\Desktop\Recording Software
2016-04-23 20:47 - 2016-02-03 18:35 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\TS3Client
2016-04-23 04:34 - 2012-09-02 19:53 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\.minecraft
2016-04-22 00:57 - 2010-11-20 20:27 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-21 14:02 - 2016-01-08 19:25 - 00000000 ___RD C:\Users\Terrick\OneDrive
2016-04-16 16:59 - 2013-04-21 01:52 - 00000000 ____D C:\Users\Terrick\Desktop\Text and random
2016-04-14 02:06 - 2011-10-15 22:15 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-04-14 02:06 - 2011-09-07 07:06 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-04-13 16:52 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-13 16:46 - 2015-06-22 01:32 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-13 15:44 - 2011-10-15 22:15 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-04-13 15:43 - 2011-10-15 22:15 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-13 12:37 - 2015-06-22 01:32 - 00000000 ____D C:\Users\Terrick\AppData\Local\Dropbox
2016-04-13 05:19 - 2016-01-08 10:36 - 05045872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 00:11 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 00:09 - 2013-08-12 03:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 00:04 - 2011-06-01 12:00 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-12 12:40 - 2016-02-15 21:36 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-04-12 12:38 - 2016-02-15 21:36 - 00002760 _____ C:\WINDOWS\SysWOW64\lgAxconfig.ini
 
==================== Files in the root of some directories =======
 
2014-06-20 00:44 - 2014-06-20 00:44 - 0000234 _____ () C:\Users\Terrick\AppData\Roaming\1.png
2013-10-01 19:55 - 2013-10-01 19:55 - 0001562 _____ () C:\Users\Terrick\AppData\Roaming\28.svg
2012-04-15 22:07 - 2011-12-22 14:30 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2012-04-15 22:07 - 2011-07-19 05:57 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-04-15 22:07 - 2011-12-22 14:29 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-04-15 22:07 - 2011-07-19 05:47 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-04-15 22:07 - 2011-12-22 14:29 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-05-03 16:11 - 2016-05-03 16:11 - 6494208 _____ () C:\Users\Terrick\AppData\Roaming\agent.dat
2010-07-19 14:16 - 2010-07-19 14:16 - 0004878 _____ () C:\Users\Terrick\AppData\Roaming\b_dk.jpg
2016-04-12 02:21 - 2016-04-12 02:21 - 0209477 _____ () C:\Users\Terrick\AppData\Roaming\chapter.gif
2016-05-03 16:11 - 2016-05-03 16:11 - 1626777 _____ () C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:10 - 2016-05-03 16:10 - 0127488 _____ () C:\Users\Terrick\AppData\Roaming\Installer.dat
2015-07-03 03:22 - 2015-07-03 03:22 - 0000098 _____ () C:\Users\Terrick\AppData\Roaming\LauncherSettings_live.cfg
2016-05-03 16:11 - 2016-05-03 16:11 - 0018432 _____ () C:\Users\Terrick\AppData\Roaming\Main.dat
2013-10-01 19:56 - 2013-10-01 19:56 - 0001349 _____ () C:\Users\Terrick\AppData\Roaming\make.graphic.viewport.xml
2014-10-06 21:39 - 2014-10-06 21:39 - 0011264 _____ () C:\Users\Terrick\AppData\Roaming\System.dll
2016-04-12 02:21 - 2016-04-12 02:21 - 0002093 _____ () C:\Users\Terrick\AppData\Roaming\TerraceSawwortSouthernwood
2012-08-18 17:30 - 2012-08-18 17:30 - 0001181 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.1.txt
2012-08-18 17:30 - 2012-08-18 17:44 - 0000919 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.txt
2012-08-18 17:30 - 2012-08-18 17:44 - 0000000 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-05-03 16:11 - 2016-05-03 16:11 - 0072717 _____ () C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
2014-07-06 16:04 - 2014-07-06 16:05 - 0008665 _____ () C:\Users\Terrick\AppData\Local\CleanupUninstall.txt
2011-09-13 17:11 - 2011-09-13 17:19 - 0005632 _____ () C:\Users\Terrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-07 16:47 - 2011-09-07 16:47 - 0007602 _____ () C:\Users\Terrick\AppData\Local\Resmon.ResmonCfg
2016-05-09 01:02 - 2016-05-09 01:02 - 0241518 _____ () C:\ProgramData\1462780885.bdinstall.bin
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-02 16:06
 
==================== End of FRST.txt ============================
 
 

Edited by Terk1023, 09 May 2016 - 04:02 AM.


#9 Aura


Posted 10 May 2016 - 02:25 PM

Thank you for the logs :)

I can see that AdwCleaner really went all out on your system, getting rid of pretty much everything by itself. Emsisoft mostly got rid of GameSpy (discontinued now, and has long been considered spyware by some).

There's one program left to uninstall, and it's Popcorn Time. The original project was shut down quite some time ago, and many, many forks came out of it; however, most of them could be seen as malicious. Once uninstalled, we'll run a new FRST fix to get rid of its remnants, and finish up with ESET Online Scanner. Follow the instructions below please.

Farbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste that log in your next reply;


ESET Online Scanner
Note: If you use Internet Explorer to get the ESET Online Scanner, you won't have to download, nor install the tool, as everything will be run in a contextual (pop-up) window of Internet Explorer. However, for every other browser, you will have to download and install ESET Online Scanner. In this set of instructions, I'll use Google Chrome to download it and run it (since a lot of people will do it), however, except for the download and installation procedure, the same instructions apply if you use Internet Explorer. Please note that two or three prompts will appear if you use Internet Explorer asking you to reload the page, authorize the application, execute it, etc. Accept all of them in order to run ESET Online Scanner.
  • Download and execute ESET Online Scanner (on this window, click on ESET Smart Installer to trigger the download). People accessing this URL via Internet Explorer will start the integration process of ESET Online Scanner in their browser;
  • Once the installation is done (it requires Admin Rights), check the following settings (two of them are under Advanced Settings, click on it to display them) :
    • Enable detection of potentially unwanted applications;
    • Scan archives;
    • Scan for potentially unsafe applications;
    • Optional : If you want to scan more drives, click on Change... and select the drives you want to include in the scan;
  • After you're done checking these options, click on "Start" and ESET Online Scanner will download its virus signature database before starting the scan;
  • Once done, the scan will start automatically. Detections will appear at the bottom of the window. ESET Online Scanner can have an extremely long scan time that can last between 2 and 3 hours. So if you start the scan, do not interrupt it, let it complete until the end;
  • After the scan is finished, a summary window will appear to give you the information about the scan. Then you'll have the option to see what threats were found and to manage the threats that were quarantined;
  • Click on List of found threats, it'll display every threat identified during that scan, their type and what action was taken against them. Click on Copy to clipboard to copy these results to your clipboard and post them in your next reply;
  • Once you're done, click on the Back button, then click on the Finish button;
After all this, how is your computer running now? Are there any other issues you would like me to address?

Your next reply(ies) should include:
  • Copy/pasted content of the FRST fixlog;
  • Copy/pasted content of the ESET Online Scanner log;
  • Answer to my questions about your computer current state and remaining issues;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 Terk1023


Posted 11 May 2016 - 02:36 PM

Hi, thank you for all the help Aura! I believe my computer is back to normal thanks to your help! I have a question regarding antivirus protection and which service I should use. Are Windows Defender and Malwarebytes sufficient, or should I use something else?
 
Here are the Logs! 
 
FRST:
 
Fix result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by Terrick (2016-05-10 12:54:11) Run:2
Running from C:\Users\Terrick\Desktop\Tools
Loaded Profiles: Terrick & UpdatusUser & DefaultAppPool (Available Profiles: Terrick & UpdatusUser & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
 
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-05-05]
 
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
 
IE trusted site: HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\hola.org -> hxxp://hola.org
 
FirewallRules: [{87893CB5-5520-456B-BF96-04DC0BC757EE}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{4B22F4F5-4508-40A8-83A4-318ACE167380}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{E01DFB49-25D6-4702-88F6-85C9E2794DD9}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{6853F053-2835-4527-9B9A-755757A6308F}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{DD079F6A-DF21-40B5-9B76-31E7DFC57616}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{920B6F0B-634B-462E-8409-46FF5E36C4AF}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [UDP Query User{9D8172F0-EE3E-405B-845E-1EFB44E3FED7}C:\users\terrick\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\terrick\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{CE8DF161-59E6-4B9E-9470-12B73D496B89}C:\users\terrick\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\terrick\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{ABBE7B30-9770-48E8-A16F-062B6FB230AD}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{945ECD6A-E68F-4A2A-95E1-FC40230100D2}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
 
REG: REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\hola_svc" /f
REG: REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\hola_updater" /f
 
C:\Program Files\Hola
C:\Program Files (x86)\Popcorn Time
C:\Users\Public\Desktop\Popcorn Time.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio => moved successfully
Update service => service removed successfully
"HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87893CB5-5520-456B-BF96-04DC0BC757EE} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B22F4F5-4508-40A8-83A4-318ACE167380} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E01DFB49-25D6-4702-88F6-85C9E2794DD9} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6853F053-2835-4527-9B9A-755757A6308F} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD079F6A-DF21-40B5-9B76-31E7DFC57616} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{920B6F0B-634B-462E-8409-46FF5E36C4AF} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9D8172F0-EE3E-405B-845E-1EFB44E3FED7}C:\users\terrick\appdata\local\popcorn time\node-webkit\popcorn time.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CE8DF161-59E6-4B9E-9470-12B73D496B89}C:\users\terrick\appdata\local\popcorn time\node-webkit\popcorn time.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABBE7B30-9770-48E8-A16F-062B6FB230AD} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{945ECD6A-E68F-4A2A-95E1-FC40230100D2} => value removed successfully
 
========= REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\hola_svc" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\hola_updater" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
"C:\Program Files\Hola" => not found.
C:\Program Files (x86)\Popcorn Time => moved successfully
"C:\Users\Public\Desktop\Popcorn Time.lnk" => not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk => moved successfully
 
 
The system needed a reboot.
 
==== End of Fixlog 12:55:20 ====
 
ESET Scan:
 
C:\$Recycle.Bin\S-1-5-21-1073046790-4199721133-1898668055-1006\$RGXYRUN\The Forest\steam_api.dll a variant of Win32/HackTool.Crack.DW potentially unsafe application cleaned by deleting
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\5223CAC0-1462317111-11E0-B573-F46D044F0EE1\vnspB6AB.tmp.vir multiple threats cleaned by deleting
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\WeatherChickn\WeatherChickn.exe.vir Win32/Adware.ConvertAd.AHN application cleaned by deleting
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\YTDownloader\sbmntr.sys.vir Win64/SpeedBit.B potentially unwanted application cleaned by deleting
C:\AdwCleaner\FileQuarantine\C\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting
C:\Program Files (x86)\Cheat Engine 6.4\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting
C:\Program Files (x86)\Cheat Engine 6.5\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting
C:\Users\Public\Downloads\ccsetup500.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
C:\Users\Public\Downloads\cpu-z_1.58-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted
C:\Users\Terrick\Desktop\7c8625B.tmp MSIL/GameHack.LR potentially unsafe application cleaned by deleting
C:\Users\Terrick\Desktop\Internet and Security\UDP-Unicorn\UDP Unicorn.exe Win32/DosAttack.U potentially unsafe application cleaned by deleting
C:\Users\Terrick\Downloads\Hotspot Shield VPN Elite 5.20.7 Multilingual + Patch [4realtorrentz]\Patch\BlockHosts.bat BAT/HostsChanger.A potentially unsafe application cleaned by deleting
C:\Users\Terrick\Downloads\Hotspot Shield VPN Elite 5.20.7 Multilingual + Patch [4realtorrentz]\Patch\Hss_Elite.exe MSIL/HackTool.Crack.O potentially unsafe application cleaned by deleting
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
F:\HDD Stuff\Nero Local Autobackup\20160123_225259_Local Autobackup\C\Users\Kelly\Documents\Verbatim\PC\Software\Nero\Setupx.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
F:\HDD Stuff\Nero Local Autobackup\20160124_225301_Local Autobackup\C\Users\Kelly\Documents\Verbatim\PC\Software\Nero\Setupx.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
F:\HDD Stuff\Nero Local Autobackup\20160125_225301_Local Autobackup\C\Users\Kelly\Documents\Verbatim\PC\Software\Nero\Setupx.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
F:\HDD Stuff\Nero Local Autobackup\20160126_225301_Local Autobackup\C\Users\Kelly\Documents\Verbatim\PC\Software\Nero\Setupx.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
F:\HDD Stuff\Nero Local Autobackup\20160127_005259_Local Autobackup\C\Users\Kelly\Documents\Verbatim\PC\Software\Nero\Setupx.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
F:\HDD Stuff\Nero Local Autobackup\20160127_045259_Local Autobackup\C\Users\Kelly\Documents\Verbatim\PC\Software\Nero\Setupx.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
 


#11 Aura


Posted 12 May 2016 - 12:18 PM

Thank you for the logs :)

There's no actual answer to your question, since it all comes down to what you are comfortable with, what fits your needs, how you use your system, etc. Personally, I don't see a problem with using Windows Defender (on Windows 8+) and Malwarebytes together, though you might want to add more security layers to cover other attack vectors (such as Exploit Kits). Once we're done with the clean-up, I'll give you a few articles to read that will help you reach an answer on your own (since it'll include tips, tricks, advice and recommendations).

Now, let's grab a last set of FRST logs to make sure there's nothing left on your system.

Farbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message boxes will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of FRST.txt in your next reply, and attach Addition.txt to it;
Your next reply(ies) should include:
  • Copy/pasted content of the FRST.txt log;
  • Copy/pasted content of the Addition.txt log;



#12 Terk1023


Posted 12 May 2016 - 08:04 PM

Okay thanks!!

Here are the logs!

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Terrick (administrator) on TERRICK-PC (12-05-2016 11:32:40)
Running from C:\Users\Terrick\Desktop\Tools
Loaded Profiles: Terrick & UpdatusUser (Available Profiles: Terrick & UpdatusUser & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.19761.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2033792 2016-04-26] (Hola Networks Ltd.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-14] (Nero AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23745808 2016-05-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Run: [Google Update] => C:\Users\Terrick\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-10-09] (Google Inc.)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
Startup: C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2016-05-05]
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Terrick\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6fa390ac-ca95-4047-9bd3-549698be1787}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b10fc2b3-895f-4656-81b5-58c584aa9cf1}: [DhcpNameServer] 192.168.0.1
ManualProxies: 
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1073046790-4199721133-1898668055-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/?lang=en-ca&OCID=iehp
HKU\S-1-5-21-1073046790-4199721133-1898668055-1010\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1073046790-4199721133-1898668055-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://www.walmartphotocentre.ca/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-17] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Terrick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @talk.google.com/O1DPlugin -> C:\Users\Terrick\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Terrick\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Terrick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1002: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/GoogleTalkPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @talk.google.com/O3DPlugin -> C:\Users\UpdatusUser\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=3 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: @tools.google.com/Google Update;version=9 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1073046790-4199721133-1898668055-1010: facebook.com/fbDesktopPlugin -> C:\Users\UpdatusUser\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\Terrick\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Terrick\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.facebook.com/","hxxp://www.outlook.com/","hxxp://www.flickr.com/","hxxp://www.youtube.com/"
CHR Profile: C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (YouTube) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Tampermonkey) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-13]
CHR Extension: (AdBlock Premium) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2016-05-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-05]
CHR Extension: (Gmail) - C:\Users\Terrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-04-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
StartMenuInternet: Google Chrome.T-Harls - C:\Users\T-Harls\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1318944 2016-02-03] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-01-22] (EasyAntiCheat Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5496448 2016-04-26] (Hola Networks Ltd.)
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [5496448 2016-04-26] (Hola Networks Ltd.) <==== ATTENTION
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-04-13] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-01] ()
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2016-03-15] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC64.SYS [3491616 2009-06-18] (Realtek Semiconductor Corp.)
R3 Alpham1; C:\Windows\System32\drivers\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\drivers\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-04-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-12-11] ()
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [360288 2016-02-04] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-12-11] ()
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvoclk64; C:\Windows\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-24] (Razer, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-01] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
S3 Si3132r5; C:\Windows\system32\drivers\Si3132r5.sys [337960 2007-12-26] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2007-12-26] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2007-12-26] (Silicon Image, Inc.)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-12-06] (TENCENT) [File not signed]
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [39936 2015-10-30] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-12 02:37 - 2016-05-12 02:37 - 00001094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-05-12 02:37 - 2016-05-12 02:37 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Hola
2016-05-12 02:37 - 2016-05-12 02:37 - 00000000 ____D C:\Program Files\Hola
2016-05-12 02:28 - 2016-05-12 02:28 - 00665984 _____ (Hola Networks Ltd.) C:\Users\Terrick\Downloads\Hola-Setup.exe
2016-05-11 11:22 - 2016-05-11 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-11 00:35 - 2016-05-11 00:35 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2016-05-11 00:34 - 2016-05-11 00:34 - 00527423 _____ ( ) C:\Users\Terrick\Downloads\Lame_v3.99.3_for_Windows.exe
2016-05-10 16:45 - 2016-04-22 23:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-10 16:45 - 2016-04-22 23:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-10 16:45 - 2016-04-22 23:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-10 16:45 - 2016-04-22 22:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-10 16:45 - 2016-04-22 22:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-10 16:45 - 2016-04-22 22:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-10 16:45 - 2016-04-22 22:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-10 16:45 - 2016-04-22 22:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-10 16:45 - 2016-04-22 22:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-10 16:45 - 2016-04-22 22:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-10 16:45 - 2016-04-22 22:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-10 16:45 - 2016-04-22 22:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-10 16:45 - 2016-04-22 22:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-10 16:45 - 2016-04-22 22:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-10 16:45 - 2016-04-22 22:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-10 16:45 - 2016-04-22 21:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-10 16:45 - 2016-04-22 21:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-10 16:45 - 2016-04-22 21:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-10 16:45 - 2016-04-22 21:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-10 16:45 - 2016-04-22 21:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-10 16:45 - 2016-04-22 21:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-10 16:45 - 2016-04-22 21:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-10 16:45 - 2016-04-22 21:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-10 16:45 - 2016-04-22 21:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-10 16:45 - 2016-04-22 21:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-10 16:45 - 2016-04-22 21:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-10 16:45 - 2016-04-22 21:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-10 16:45 - 2016-04-22 21:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-10 16:45 - 2016-04-22 21:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-10 16:45 - 2016-04-22 21:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-10 16:45 - 2016-04-22 21:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-10 16:45 - 2016-04-22 21:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-10 16:45 - 2016-04-22 21:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-10 16:45 - 2016-04-22 21:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-10 16:45 - 2016-04-22 21:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-10 16:45 - 2016-04-22 21:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-10 16:45 - 2016-04-22 21:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-10 16:45 - 2016-04-22 21:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-10 16:45 - 2016-04-22 21:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-10 16:45 - 2016-04-22 21:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-10 16:45 - 2016-04-22 21:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-10 16:45 - 2016-04-22 21:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-10 16:45 - 2016-04-22 21:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-10 16:45 - 2016-04-22 21:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-10 16:45 - 2016-04-22 21:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-10 16:45 - 2016-04-22 21:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-10 16:45 - 2016-04-22 21:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-10 16:45 - 2016-04-22 21:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-10 16:45 - 2016-04-22 21:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-10 16:45 - 2016-04-22 21:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-10 16:45 - 2016-04-22 21:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-10 16:45 - 2016-04-22 21:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-10 16:45 - 2016-04-22 21:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-10 16:45 - 2016-04-22 21:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-10 16:45 - 2016-04-22 21:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-10 16:45 - 2016-04-22 21:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-10 16:45 - 2016-04-22 21:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-10 16:45 - 2016-04-22 21:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-10 16:44 - 2016-05-05 21:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-10 16:44 - 2016-05-05 21:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-10 16:44 - 2016-05-05 21:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-10 16:44 - 2016-05-05 20:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-10 16:44 - 2016-05-05 20:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-10 16:44 - 2016-05-05 20:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-10 16:44 - 2016-05-05 20:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-10 16:44 - 2016-05-05 20:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-10 16:44 - 2016-04-29 23:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-10 16:44 - 2016-04-29 23:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-10 16:44 - 2016-04-22 23:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-10 16:44 - 2016-04-22 23:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-10 16:44 - 2016-04-22 23:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-10 16:44 - 2016-04-22 23:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-10 16:44 - 2016-04-22 23:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-10 16:44 - 2016-04-22 22:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-10 16:44 - 2016-04-22 22:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-10 16:44 - 2016-04-22 22:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-10 16:44 - 2016-04-22 22:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-10 16:44 - 2016-04-22 22:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-10 16:44 - 2016-04-22 22:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-10 16:44 - 2016-04-22 22:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-10 16:44 - 2016-04-22 22:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-10 16:44 - 2016-04-22 22:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-10 16:44 - 2016-04-22 22:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-10 16:44 - 2016-04-22 22:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-10 16:44 - 2016-04-22 22:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-10 16:44 - 2016-04-22 22:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-10 16:44 - 2016-04-22 22:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-10 16:44 - 2016-04-22 22:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-10 16:44 - 2016-04-22 22:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-10 16:44 - 2016-04-22 22:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-10 16:44 - 2016-04-22 22:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-10 16:44 - 2016-04-22 22:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-10 16:44 - 2016-04-22 22:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-10 16:44 - 2016-04-22 22:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-10 16:44 - 2016-04-22 22:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-10 16:44 - 2016-04-22 22:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-10 16:44 - 2016-04-22 22:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-10 16:44 - 2016-04-22 22:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-10 16:44 - 2016-04-22 22:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-10 16:44 - 2016-04-22 22:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-10 16:44 - 2016-04-22 22:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-10 16:44 - 2016-04-22 22:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-10 16:44 - 2016-04-22 22:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-10 16:44 - 2016-04-22 22:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-10 16:44 - 2016-04-22 22:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-10 16:44 - 2016-04-22 22:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-10 16:44 - 2016-04-22 22:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-10 16:44 - 2016-04-22 22:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-10 16:44 - 2016-04-22 22:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-10 16:44 - 2016-04-22 22:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-10 16:44 - 2016-04-22 22:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-10 16:44 - 2016-04-22 22:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-10 16:44 - 2016-04-22 22:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-10 16:44 - 2016-04-22 22:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-10 16:44 - 2016-04-22 22:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-10 16:44 - 2016-04-22 21:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-10 16:44 - 2016-04-22 21:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-10 16:44 - 2016-04-22 21:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-10 16:44 - 2016-04-22 21:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-10 16:44 - 2016-04-22 21:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-10 16:44 - 2016-04-22 21:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-10 16:44 - 2016-04-22 21:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-10 16:44 - 2016-04-22 21:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-10 16:44 - 2016-04-22 21:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-10 16:44 - 2016-04-22 21:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-10 16:44 - 2016-04-22 21:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-10 16:44 - 2016-04-22 21:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-10 16:44 - 2016-04-22 21:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-10 16:44 - 2016-04-22 21:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-10 16:44 - 2016-04-22 21:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-10 16:44 - 2016-04-22 21:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-10 16:44 - 2016-04-22 21:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-10 16:44 - 2016-04-22 21:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-10 16:44 - 2016-04-22 21:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-10 16:44 - 2016-04-22 21:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-10 16:44 - 2016-04-22 21:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-10 16:44 - 2016-04-22 21:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-10 16:44 - 2016-04-22 21:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-10 16:44 - 2016-04-22 21:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-10 16:44 - 2016-04-22 21:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-10 16:44 - 2016-04-22 21:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-10 16:44 - 2016-04-22 21:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-10 16:44 - 2016-04-22 21:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-10 16:44 - 2016-04-22 21:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-10 16:44 - 2016-04-22 21:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-10 16:44 - 2016-04-22 21:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-10 16:44 - 2016-04-22 21:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-10 16:44 - 2016-04-22 21:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-10 16:44 - 2016-04-22 21:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-10 16:44 - 2016-04-22 21:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-10 16:44 - 2016-04-22 21:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-10 16:44 - 2016-04-22 21:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-10 16:44 - 2016-04-22 21:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-10 16:44 - 2016-04-22 21:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-10 16:44 - 2016-04-22 21:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-10 16:44 - 2016-04-22 21:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-10 16:44 - 2016-04-22 21:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-10 16:44 - 2016-04-22 21:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-10 16:44 - 2016-04-22 21:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-10 16:44 - 2016-04-22 21:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-10 16:44 - 2016-04-22 21:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-10 16:44 - 2016-04-22 21:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-10 16:44 - 2016-04-22 21:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-10 16:44 - 2016-04-22 21:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-10 16:44 - 2016-04-22 21:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-10 16:44 - 2016-04-22 21:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-10 16:44 - 2016-04-22 21:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-10 16:44 - 2016-04-22 21:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-10 16:44 - 2016-04-22 21:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-10 16:44 - 2016-04-22 21:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-10 16:44 - 2016-04-22 21:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-10 16:44 - 2016-04-22 21:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-10 16:44 - 2016-04-22 21:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-10 16:44 - 2016-04-22 21:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-10 16:44 - 2016-04-22 21:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-10 16:44 - 2016-04-22 21:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-10 16:44 - 2016-04-22 21:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-10 16:44 - 2016-04-22 21:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-10 16:44 - 2016-04-22 21:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-10 16:44 - 2016-04-22 21:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-10 16:44 - 2016-04-22 21:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-10 16:44 - 2016-04-22 21:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-10 16:44 - 2016-04-22 21:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-10 16:44 - 2016-04-22 21:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-10 16:44 - 2016-04-22 21:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-10 16:44 - 2016-04-22 21:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-10 16:44 - 2016-04-22 21:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-10 16:44 - 2016-04-22 21:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-10 16:44 - 2016-04-22 21:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-10 16:44 - 2016-04-22 21:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-10 16:44 - 2016-04-22 21:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-10 16:44 - 2016-04-22 21:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-10 16:44 - 2016-04-22 21:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-10 16:44 - 2016-04-22 21:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-10 16:44 - 2016-04-22 21:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-10 16:44 - 2016-04-22 21:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-10 16:44 - 2016-04-22 21:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-10 16:44 - 2016-04-22 21:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-10 16:44 - 2016-04-22 21:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-10 16:44 - 2016-04-22 21:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-10 16:44 - 2016-04-22 21:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-10 16:44 - 2016-04-22 20:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-10 16:44 - 2016-04-22 19:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-10 16:43 - 2016-04-22 21:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-10 16:43 - 2016-04-22 21:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-10 16:43 - 2016-04-22 21:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-10 16:43 - 2016-04-22 21:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-10 16:43 - 2016-04-22 21:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-10 16:43 - 2016-04-22 21:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-10 16:43 - 2016-04-22 21:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-10 16:43 - 2016-04-22 21:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-10 16:43 - 2016-04-22 21:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-10 16:43 - 2016-04-22 21:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-10 16:43 - 2016-04-22 21:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-10 16:43 - 2016-04-22 21:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-10 16:43 - 2016-04-22 21:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-10 16:43 - 2016-04-22 21:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-10 16:43 - 2016-04-22 21:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-10 16:43 - 2016-04-22 21:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-10 16:43 - 2016-04-22 21:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-10 16:43 - 2016-04-22 21:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-10 16:43 - 2016-04-22 21:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-10 16:43 - 2016-04-22 19:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-10 16:43 - 2016-04-18 15:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-10 13:00 - 2016-05-10 13:00 - 00025355 _____ C:\ProgramData\1462910448.bdinstall.bin
2016-05-10 12:42 - 2016-05-10 12:42 - 02870984 _____ (ESET) C:\Users\Terrick\Downloads\esetsmartinstaller_enu.exe
2016-05-10 12:42 - 2016-05-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-10 00:43 - 2016-05-10 01:24 - 00020405 _____ C:\Users\Terrick\Downloads\Tyrell Section Clean.aup
2016-05-10 00:43 - 2016-05-10 00:43 - 00000000 ____D C:\Users\Terrick\Downloads\Tyrell Section Clean_data
2016-05-09 21:02 - 2016-05-10 12:40 - 00023444 _____ C:\Users\Terrick\Downloads\Manny section clean.aup
2016-05-09 21:02 - 2016-05-09 21:02 - 00000000 ____D C:\Users\Terrick\Downloads\Manny section clean_data
2016-05-09 01:22 - 2016-05-09 01:36 - 00000000 ____D C:\EEK
2016-05-09 01:07 - 2016-05-09 01:07 - 00802041 _____ C:\Users\Terrick\Desktop\Upload.zip
2016-05-09 01:04 - 2016-05-05 05:41 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-05-09 01:02 - 2016-05-09 01:02 - 00241518 _____ C:\ProgramData\1462780885.bdinstall.bin
2016-05-05 13:36 - 2016-05-05 13:37 - 00000000 _____ C:\Users\Terrick\java
2016-05-05 13:25 - 2016-05-05 13:25 - 00000000 ____D C:\Users\Terrick\AppData\Temp
2016-05-05 13:03 - 2016-05-09 01:01 - 00003728 _____ C:\bdlog.txt
2016-05-05 13:03 - 2016-05-05 13:03 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-05-05 13:03 - 2016-05-05 13:03 - 00000385 _____ C:\Users\Terrick\AppData\Roaminguser_gensett.xml
2016-05-05 13:01 - 2016-05-10 13:00 - 00000000 ____D C:\ProgramData\BDLogging
2016-05-05 13:01 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-05-05 06:39 - 2016-05-05 06:39 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\QuickScan
2016-05-05 05:45 - 2016-05-05 14:29 - 00000000 ____D C:\Users\Terrick\Documents\NetBeansProjects
2016-05-05 05:30 - 2016-05-05 05:30 - 00572214 _____ C:\Users\Terrick\Downloads\rhino_jdk7.tar.gz
2016-05-05 05:28 - 2016-05-05 05:44 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\NetBeans
2016-05-05 05:28 - 2016-05-05 05:28 - 00000000 ____D C:\Users\Terrick\AppData\Local\NetBeans
2016-05-05 05:27 - 2016-05-09 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-05 05:27 - 2016-05-05 05:41 - 00316992 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2016-05-05 05:27 - 2016-05-05 05:41 - 00206912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2016-05-05 05:27 - 2016-05-05 05:41 - 00206912 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2016-05-05 05:27 - 2016-05-05 05:41 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-05-05 05:15 - 2016-05-05 05:40 - 00002094 _____ C:\Users\Public\Desktop\NetBeans IDE 8.1.lnk
2016-05-05 05:15 - 2016-05-05 05:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2016-05-05 05:13 - 2016-05-05 05:21 - 00000000 ____D C:\Program Files\NetBeans 8.1
2016-05-05 05:12 - 2016-05-05 05:28 - 00000000 ____D C:\Users\Terrick\.nbi
2016-05-05 05:12 - 2016-05-05 05:12 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Oracle
2016-05-05 05:05 - 2016-05-05 05:42 - 00000000 ____D C:\Users\Terrick\.oracle_jre_usage
2016-05-05 05:04 - 2016-05-05 05:04 - 00000000 ____D C:\Users\Terrick\AppData\LocalLow\Oracle
2016-05-05 00:39 - 2016-05-05 00:39 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-05-05 00:37 - 2016-05-12 11:03 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-05-05 00:37 - 2016-05-05 00:37 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-05-05 00:15 - 2016-05-12 11:28 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-05 00:15 - 2016-05-12 01:03 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 00:15 - 2016-05-10 14:23 - 00003986 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-05 00:15 - 2016-05-10 14:23 - 00003754 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-05 00:15 - 2016-05-05 05:40 - 00002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-04 17:22 - 2016-05-12 07:45 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3E7B3800-E9F6-4C9A-8475-AAB9A80A7EE5}
2016-05-04 16:24 - 2016-05-05 19:33 - 00000000 ____D C:\AdwCleaner
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\Users\Terrick\AppData\Local\VS Revo Group
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-05-04 16:24 - 2016-05-04 16:24 - 00000000 ____D C:\Program Files\VS Revo Group
2016-05-04 16:24 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-05-04 01:01 - 2016-05-04 16:42 - 00000000 ____D C:\Users\Terrick\AppData\Local\app
2016-05-04 00:39 - 2016-05-12 11:32 - 00000000 ____D C:\FRST
2016-05-03 16:26 - 2016-05-03 16:26 - 00000013 _____ C:\WINDOWS\system32\Example.txt
2016-05-03 16:12 - 2016-04-23 03:28 - 00000804 ____R C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-05-03 16:11 - 2016-05-03 16:11 - 06494208 _____ C:\Users\Terrick\AppData\Roaming\agent.dat
2016-05-03 16:11 - 2016-05-03 16:11 - 01626777 _____ C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:11 - 2016-05-03 16:11 - 00072717 _____ C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
2016-05-03 16:11 - 2016-05-03 16:11 - 00018432 _____ C:\Users\Terrick\AppData\Roaming\Main.dat
2016-05-03 16:10 - 2016-05-03 16:10 - 00127488 _____ C:\Users\Terrick\AppData\Roaming\Installer.dat
2016-05-03 15:42 - 2016-05-03 15:42 - 00000000 ____D C:\Users\Terrick\Downloads\workbench_materials
2016-05-03 15:41 - 2016-05-03 15:41 - 00000000 ____D C:\Program Files (x86)\VTFEdit
2016-04-23 03:25 - 2016-04-23 03:25 - 00715038 _____ C:\WINDOWS\unins000.exe
2016-04-23 03:25 - 2016-04-23 03:25 - 00001994 _____ C:\WINDOWS\unins000.dat
2016-04-23 03:25 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2016-04-23 03:25 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2016-04-23 03:21 - 2016-04-23 03:23 - 00000000 ____D C:\Users\Terrick\Downloads\Bandicam 3.0.4.1035 RePack (& Portable) by KpoJIuK
2016-04-23 02:05 - 2016-04-23 02:41 - 00000000 ____D C:\Users\Terrick\AppData\Local\Dxtory Software
2016-04-23 02:05 - 2016-04-23 02:41 - 00000000 ____D C:\Program Files (x86)\ExKode
2016-04-22 02:18 - 2016-04-22 02:18 - 00000000 ____D C:\Program Files\Speccy
2016-04-22 01:21 - 2016-04-22 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-04-22 01:21 - 2016-04-22 01:21 - 00000000 ____D C:\Program Files\CPUID
2016-04-12 18:34 - 2016-03-29 01:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-12 18:34 - 2016-03-29 00:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-12 18:34 - 2016-03-29 00:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-12 18:34 - 2016-03-29 00:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-12 18:34 - 2016-03-29 00:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-12 18:34 - 2016-03-29 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-12 18:34 - 2016-03-29 00:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-12 18:34 - 2016-03-28 23:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-12 18:33 - 2016-04-01 21:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-12 18:33 - 2016-04-01 21:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 18:33 - 2016-04-01 20:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-12 18:33 - 2016-04-01 20:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-12 18:33 - 2016-04-01 20:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 18:33 - 2016-03-29 03:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-12 18:33 - 2016-03-29 03:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-12 18:33 - 2016-03-29 03:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 18:33 - 2016-03-29 03:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-12 18:33 - 2016-03-29 03:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-12 18:33 - 2016-03-29 03:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-12 18:33 - 2016-03-29 03:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-12 18:33 - 2016-03-29 02:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-12 18:33 - 2016-03-29 02:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-12 18:33 - 2016-03-29 02:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-12 18:33 - 2016-03-29 02:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-12 18:33 - 2016-03-29 02:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-12 18:33 - 2016-03-29 01:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-12 18:33 - 2016-03-29 01:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-12 18:33 - 2016-03-29 01:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-12 18:33 - 2016-03-29 01:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-12 18:33 - 2016-03-29 01:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-12 18:33 - 2016-03-29 00:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-12 18:33 - 2016-03-29 00:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-12 18:33 - 2016-03-29 00:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-12 18:33 - 2016-03-29 00:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-12 18:33 - 2016-03-29 00:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-12 18:33 - 2016-03-29 00:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-12 18:33 - 2016-03-29 00:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-12 18:33 - 2016-03-29 00:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-12 18:33 - 2016-03-29 00:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-12 18:33 - 2016-03-29 00:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-12 18:33 - 2016-03-29 00:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-12 18:33 - 2016-03-29 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-12 18:33 - 2016-03-29 00:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-12 18:33 - 2016-03-29 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-12 18:33 - 2016-03-29 00:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-12 18:33 - 2016-03-29 00:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-12 18:33 - 2016-03-29 00:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-12 18:33 - 2016-03-29 00:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-12 18:33 - 2016-03-29 00:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-12 18:33 - 2016-03-29 00:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-12 18:33 - 2016-03-29 00:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-12 18:33 - 2016-03-29 00:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-12 18:33 - 2016-03-28 23:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-12 18:33 - 2016-03-28 23:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-12 18:33 - 2016-03-28 23:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-12 18:33 - 2016-03-28 23:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-12 18:33 - 2016-03-28 23:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-12 18:33 - 2016-03-28 23:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-12 18:33 - 2016-03-28 23:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-12 18:33 - 2016-03-28 23:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-12 18:33 - 2016-03-28 23:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-12 18:33 - 2016-03-28 23:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-12 18:33 - 2016-03-28 23:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-12 18:33 - 2016-03-28 23:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-12 18:33 - 2016-03-28 23:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-12 18:33 - 2016-03-28 23:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-12 18:33 - 2016-03-28 23:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-12 18:33 - 2016-03-28 23:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 18:33 - 2016-03-28 23:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-12 18:33 - 2016-03-28 23:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-12 18:33 - 2016-03-28 23:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-12 18:33 - 2016-03-28 23:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-12 18:33 - 2016-03-28 23:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-12 18:33 - 2016-03-28 22:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-12 18:33 - 2016-03-28 22:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-12 18:33 - 2016-03-28 22:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-12 18:33 - 2016-03-28 22:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-12 18:33 - 2016-03-28 22:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-12 18:33 - 2016-03-28 22:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-12 18:33 - 2016-03-28 22:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-12 18:32 - 2016-04-01 21:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-12 18:32 - 2016-04-01 21:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-12 18:32 - 2016-04-01 20:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-12 18:32 - 2016-04-01 20:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-12 18:32 - 2016-03-29 03:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-12 18:32 - 2016-03-29 03:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-12 18:32 - 2016-03-29 03:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-12 18:32 - 2016-03-29 03:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-12 18:32 - 2016-03-29 03:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-12 18:32 - 2016-03-29 02:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-12 18:32 - 2016-03-29 02:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-12 18:32 - 2016-03-29 02:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-12 18:32 - 2016-03-29 02:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-12 18:32 - 2016-03-29 02:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-12 18:32 - 2016-03-29 02:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-12 18:32 - 2016-03-29 02:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-12 18:32 - 2016-03-29 02:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-12 18:32 - 2016-03-29 02:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-12 18:32 - 2016-03-29 02:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-12 18:32 - 2016-03-29 01:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-12 18:32 - 2016-03-29 01:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-12 18:32 - 2016-03-29 01:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-12 18:32 - 2016-03-29 01:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-12 18:32 - 2016-03-29 01:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-12 18:32 - 2016-03-29 01:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-12 18:32 - 2016-03-29 01:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-12 18:32 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-12 18:32 - 2016-03-29 01:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-12 18:32 - 2016-03-29 01:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-12 18:32 - 2016-03-29 01:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-12 18:32 - 2016-03-29 01:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-12 18:32 - 2016-03-29 00:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-12 18:32 - 2016-03-29 00:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-12 18:32 - 2016-03-29 00:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-12 18:32 - 2016-03-29 00:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-12 18:32 - 2016-03-29 00:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-12 18:32 - 2016-03-29 00:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-12 18:32 - 2016-03-29 00:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-12 18:32 - 2016-03-29 00:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-12 18:32 - 2016-03-29 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-12 18:32 - 2016-03-29 00:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-12 18:32 - 2016-03-29 00:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-12 18:32 - 2016-03-29 00:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-12 18:32 - 2016-03-29 00:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-12 18:32 - 2016-03-29 00:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-12 18:32 - 2016-03-29 00:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-12 18:32 - 2016-03-29 00:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-12 18:32 - 2016-03-29 00:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-12 18:32 - 2016-03-29 00:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-12 18:32 - 2016-03-29 00:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-12 18:32 - 2016-03-29 00:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-12 18:32 - 2016-03-29 00:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-12 18:32 - 2016-03-29 00:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-12 18:32 - 2016-03-29 00:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-12 18:32 - 2016-03-29 00:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-12 18:32 - 2016-03-29 00:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-12 18:32 - 2016-03-29 00:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-12 18:32 - 2016-03-29 00:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-12 18:32 - 2016-03-29 00:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-12 18:32 - 2016-03-29 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-12 18:32 - 2016-03-29 00:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-12 18:32 - 2016-03-29 00:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-12 18:32 - 2016-03-29 00:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-12 18:32 - 2016-03-29 00:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-12 18:32 - 2016-03-29 00:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-12 18:32 - 2016-03-29 00:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-12 18:32 - 2016-03-29 00:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-12 18:32 - 2016-03-29 00:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-12 18:32 - 2016-03-29 00:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-12 18:32 - 2016-03-29 00:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-12 18:32 - 2016-03-29 00:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-12 18:32 - 2016-03-29 00:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 18:32 - 2016-03-28 23:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-12 18:32 - 2016-03-28 23:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-12 18:32 - 2016-03-28 23:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-12 18:32 - 2016-03-28 23:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-12 18:32 - 2016-03-28 23:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-12 18:32 - 2016-03-28 23:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-12 18:32 - 2016-03-28 23:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 18:32 - 2016-03-28 23:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-12 18:32 - 2016-03-28 23:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-12 18:32 - 2016-03-28 23:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-12 18:32 - 2016-03-28 23:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-12 18:32 - 2016-03-28 23:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-12 18:32 - 2016-03-28 23:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-12 18:32 - 2016-03-28 23:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-12 18:32 - 2016-03-28 23:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-12 18:32 - 2016-03-28 23:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-12 18:32 - 2016-03-28 23:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-12 18:32 - 2016-03-28 23:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-12 18:32 - 2016-03-28 23:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-12 18:32 - 2016-03-28 23:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-12 18:32 - 2016-03-28 23:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-12 18:32 - 2016-03-28 23:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-12 18:32 - 2016-03-28 23:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-12 18:32 - 2016-03-28 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-12 18:32 - 2016-03-28 23:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-12 18:32 - 2016-03-28 22:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-12 18:32 - 2016-03-28 22:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-12 18:32 - 2016-03-28 22:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-12 18:32 - 2016-03-28 22:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-12 18:32 - 2016-03-28 22:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-12 18:32 - 2016-03-28 22:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-12 18:32 - 2016-03-28 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-12 18:32 - 2016-03-28 22:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 02:21 - 2016-04-12 02:21 - 00002093 _____ C:\Users\Terrick\AppData\Roaming\TerraceSawwortSouthernwood
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-12 11:32 - 2016-03-07 14:19 - 00000000 ___RD C:\Users\Terrick\Desktop\Tools
2016-05-12 11:31 - 2011-09-06 17:17 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-12 11:15 - 2011-09-06 17:15 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002UA.job
2016-05-12 11:05 - 2012-03-16 23:00 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1011UA.job
2016-05-12 10:48 - 2015-01-29 00:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-12 10:42 - 2015-06-22 01:32 - 00000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-12 02:37 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-12 02:05 - 2011-12-17 00:16 - 00000000 ____D C:\Users\Terrick\AppData\Local\Adobe
2016-05-12 01:08 - 2016-01-08 10:44 - 01013824 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-12 01:04 - 2015-06-22 01:50 - 00000000 ___RD C:\Users\Terrick\Dropbox
2016-05-12 01:03 - 2015-06-22 01:32 - 00000906 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-12 01:02 - 2016-01-08 11:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-12 01:02 - 2016-01-08 10:44 - 00000000 ____D C:\Users\Terrick
2016-05-12 01:02 - 2016-01-08 10:41 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-12 01:01 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-11 23:05 - 2012-03-16 23:00 - 00000860 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1011Core.job
2016-05-11 19:01 - 2015-10-30 02:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 19:01 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-11 19:01 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 19:01 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-11 19:01 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 19:00 - 2015-10-30 00:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 19:00 - 2011-11-04 07:50 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Audacity
2016-05-11 17:15 - 2011-09-06 17:15 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002Core.job
2016-05-11 16:59 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-11 16:59 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-11 13:04 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-11 13:00 - 2013-08-12 03:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 12:50 - 2011-06-01 12:00 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 11:23 - 2015-06-22 01:32 - 00000000 ____D C:\Users\Terrick\AppData\Local\Dropbox
2016-05-11 11:22 - 2015-06-22 01:32 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-11 03:15 - 2014-12-25 21:15 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-11 02:25 - 2016-04-09 02:20 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
2016-05-11 02:25 - 2014-09-17 14:45 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2016-05-11 01:52 - 2013-04-21 01:47 - 00000000 ____D C:\Users\Terrick\Desktop\Games
2016-05-10 17:10 - 2011-09-06 17:15 - 00004064 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002UA
2016-05-10 17:10 - 2011-09-06 17:15 - 00003688 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1073046790-4199721133-1898668055-1002Core
2016-05-10 13:08 - 2016-02-01 17:03 - 00005853 _____ C:\Users\Terrick\Desktop\Cat Names.txt
2016-05-09 01:13 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-05-09 01:07 - 2011-12-10 23:43 - 00000000 ____D C:\Users\Terrick\AppData\LocalLow\Temp
2016-05-09 01:04 - 2014-03-06 10:47 - 00002193 _____ C:\Users\Terrick\Desktop\BitMinter Client.lnk
2016-05-09 01:04 - 2014-03-06 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-09 01:04 - 2012-10-18 09:20 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-09 01:04 - 2011-09-22 16:17 - 00000000 ____D C:\Program Files\Java
2016-05-07 17:26 - 2016-04-07 15:48 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-05 20:30 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Cursors
2016-05-05 19:43 - 2014-09-01 00:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-05 19:39 - 2015-10-29 23:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-05 19:27 - 2013-04-21 01:52 - 00000000 ___RD C:\Users\Terrick\Desktop\Internet and Security
2016-05-05 19:20 - 2011-10-04 16:23 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-05-05 19:20 - 2011-06-09 15:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-05 19:13 - 2015-12-29 15:02 - 00000000 ____D C:\Games
2016-05-05 19:13 - 2014-10-09 02:23 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-05 19:12 - 2014-10-09 02:23 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Opera Software
2016-05-05 19:12 - 2014-10-09 02:23 - 00000000 ____D C:\Users\Terrick\AppData\Local\Opera Software
2016-05-05 19:11 - 2013-05-22 14:04 - 00000000 ____D C:\Program Files (x86)\R.G.Games
2016-05-05 19:11 - 2012-12-30 00:34 - 00000000 ____D C:\Program Files (x86)\MP3 Skype Recorder
2016-05-05 19:07 - 2012-02-16 19:15 - 00000000 ____D C:\Fraps
2016-05-05 19:06 - 2011-09-01 17:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-05 19:05 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-05 19:03 - 2015-09-10 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-05 19:03 - 2013-06-27 15:54 - 00000000 ____D C:\Program Files (x86)\Project64 2.0
2016-05-05 05:40 - 2016-01-08 10:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-05 05:40 - 2015-07-15 20:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-05 05:40 - 2015-07-08 00:09 - 00000986 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2016-05-05 05:40 - 2015-06-25 11:18 - 00001148 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-05-05 05:40 - 2015-06-23 18:27 - 00000840 _____ C:\Users\Public\Desktop\Dolphin.lnk
2016-05-05 05:40 - 2015-03-17 18:36 - 00001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2014.lnk
2016-05-05 05:40 - 2015-03-17 00:03 - 00002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-bit.lnk
2016-05-05 05:40 - 2015-01-08 00:09 - 00000986 _____ C:\Users\Public\Desktop\Gyazo.lnk
2016-05-05 05:40 - 2014-01-28 10:00 - 00001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2016-05-05 05:40 - 2013-03-05 17:57 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-05-05 05:40 - 2011-12-17 02:52 - 00001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1 (64 Bit).lnk
2016-05-05 05:40 - 2011-12-17 02:50 - 00001288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:50 - 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
2016-05-05 05:40 - 2011-12-17 02:49 - 00001561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:49 - 00001389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
2016-05-05 05:40 - 2011-12-17 02:48 - 00001003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-05-05 05:40 - 2011-12-17 00:17 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2016-05-05 05:40 - 2011-10-04 16:23 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-05 05:40 - 2011-06-10 15:25 - 00001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-05-05 05:40 - 2011-06-10 15:25 - 00001311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-05-05 05:40 - 2011-06-10 15:24 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-05-05 05:40 - 2011-06-10 15:24 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-05-05 05:39 - 2016-01-08 19:25 - 00002421 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-05 05:39 - 2012-11-25 05:08 - 00002529 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk
2016-05-05 05:39 - 2012-08-16 14:43 - 00001440 _____ C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\DayZ Commander.lnk
2016-05-05 05:38 - 2016-03-07 14:10 - 00000817 _____ C:\Users\Terrick\Desktop\Deriv.lnk
2016-05-05 05:38 - 2014-10-09 01:15 - 00001191 _____ C:\Users\Terrick\Desktop\GamersFirst LIVE!.lnk
2016-05-05 05:38 - 2014-06-03 12:19 - 00001347 _____ C:\Users\Terrick\Desktop\bitcoin wallet.lnk
2016-05-05 05:36 - 2015-10-30 00:26 - 00000000 ____D C:\WINDOWS\Setup
2016-05-05 05:12 - 2014-08-01 12:40 - 00000000 __SHD C:\Users\Terrick\AppData\Local\EmieUserList
2016-05-05 05:12 - 2014-08-01 12:40 - 00000000 __SHD C:\Users\Terrick\AppData\Local\EmieSiteList
2016-05-05 05:12 - 2014-03-06 10:46 - 00000000 ____D C:\ProgramData\Oracle
2016-05-05 05:05 - 2011-11-16 17:19 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Sun
2016-05-05 00:22 - 2013-04-21 01:50 - 00000000 ____D C:\Users\Terrick\Desktop\Creative Software
2016-05-05 00:15 - 2013-11-01 12:37 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-05 00:09 - 2012-05-03 15:42 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-05 00:09 - 2011-09-06 17:15 - 00000000 ____D C:\Users\Terrick\AppData\Local\Apps\2.0
2016-05-04 17:25 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-04 17:21 - 2014-08-10 02:09 - 00000000 __SHD C:\Users\Terrick\AppData\LocalLow\EmieUserList
2016-05-04 17:21 - 2014-06-26 00:22 - 00000000 __SHD C:\Users\Terrick\AppData\LocalLow\EmieSiteList
2016-05-04 17:05 - 2011-10-24 16:13 - 00000000 ____D C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2016-05-04 15:41 - 2016-01-08 10:44 - 00000000 ____D C:\Users\UpdatusUser
2016-05-03 03:42 - 2014-06-05 14:46 - 00000000 ____D C:\Users\Terrick\AppData\Local\Packages
2016-04-28 01:55 - 2013-04-21 01:59 - 00000000 ____D C:\Users\Terrick\Desktop\Recording Software
2016-04-23 20:47 - 2016-02-03 18:35 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\TS3Client
2016-04-23 04:34 - 2012-09-02 19:53 - 00000000 ____D C:\Users\Terrick\AppData\Roaming\.minecraft
2016-04-22 00:57 - 2010-11-20 20:27 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-21 14:02 - 2016-01-08 19:25 - 00000000 ___RD C:\Users\Terrick\OneDrive
2016-04-16 16:59 - 2013-04-21 01:52 - 00000000 ____D C:\Users\Terrick\Desktop\Text and random
2016-04-14 02:06 - 2011-10-15 22:15 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-04-14 02:06 - 2011-09-07 07:06 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-04-13 16:52 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-13 15:44 - 2011-10-15 22:15 - 00291512 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-04-13 15:43 - 2011-10-15 22:15 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-13 05:19 - 2016-01-08 10:36 - 05045872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 05:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-12 12:40 - 2016-02-15 21:36 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-04-12 12:38 - 2016-02-15 21:36 - 00002760 _____ C:\WINDOWS\SysWOW64\lgAxconfig.ini
 
==================== Files in the root of some directories =======
 
2014-06-20 00:44 - 2014-06-20 00:44 - 0000234 _____ () C:\Users\Terrick\AppData\Roaming\1.png
2013-10-01 19:55 - 2013-10-01 19:55 - 0001562 _____ () C:\Users\Terrick\AppData\Roaming\28.svg
2012-04-15 22:07 - 2011-12-22 14:30 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2012-04-15 22:07 - 2011-07-19 05:57 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-04-15 22:07 - 2011-12-22 14:29 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-04-15 22:07 - 2011-07-19 05:47 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-04-15 22:07 - 2011-12-22 14:29 - 0000132 _____ () C:\Users\Terrick\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-05-03 16:11 - 2016-05-03 16:11 - 6494208 _____ () C:\Users\Terrick\AppData\Roaming\agent.dat
2010-07-19 14:16 - 2010-07-19 14:16 - 0004878 _____ () C:\Users\Terrick\AppData\Roaming\b_dk.jpg
2016-04-12 02:21 - 2016-04-12 02:21 - 0209477 _____ () C:\Users\Terrick\AppData\Roaming\chapter.gif
2016-05-03 16:11 - 2016-05-03 16:11 - 1626777 _____ () C:\Users\Terrick\AppData\Roaming\DoubleIs.tst
2016-05-03 16:10 - 2016-05-03 16:10 - 0127488 _____ () C:\Users\Terrick\AppData\Roaming\Installer.dat
2015-07-03 03:22 - 2015-07-03 03:22 - 0000098 _____ () C:\Users\Terrick\AppData\Roaming\LauncherSettings_live.cfg
2016-05-03 16:11 - 2016-05-03 16:11 - 0018432 _____ () C:\Users\Terrick\AppData\Roaming\Main.dat
2013-10-01 19:56 - 2013-10-01 19:56 - 0001349 _____ () C:\Users\Terrick\AppData\Roaming\make.graphic.viewport.xml
2014-10-06 21:39 - 2014-10-06 21:39 - 0011264 _____ () C:\Users\Terrick\AppData\Roaming\System.dll
2016-04-12 02:21 - 2016-04-12 02:21 - 0002093 _____ () C:\Users\Terrick\AppData\Roaming\TerraceSawwortSouthernwood
2012-08-18 17:30 - 2012-08-18 17:30 - 0001181 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.1.txt
2012-08-18 17:30 - 2012-08-18 17:44 - 0000919 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.txt
2012-08-18 17:30 - 2012-08-18 17:44 - 0000000 _____ () C:\Users\Terrick\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-05-03 16:11 - 2016-05-03 16:11 - 0072717 _____ () C:\Users\Terrick\AppData\Roaming\Zenrunsoft.tst
2014-07-06 16:04 - 2014-07-06 16:05 - 0008665 _____ () C:\Users\Terrick\AppData\Local\CleanupUninstall.txt
2011-09-13 17:11 - 2011-09-13 17:19 - 0005632 _____ () C:\Users\Terrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-07 16:47 - 2011-09-07 16:47 - 0007602 _____ () C:\Users\Terrick\AppData\Local\Resmon.ResmonCfg
2016-05-09 01:02 - 2016-05-09 01:02 - 0241518 _____ () C:\ProgramData\1462780885.bdinstall.bin
2016-05-10 13:00 - 2016-05-10 13:00 - 0025355 _____ () C:\ProgramData\1462910448.bdinstall.bin
 
Some files in TEMP:
====================
C:\Users\Terrick\AppData\Local\Temp\Hola-Setup-x64-1.13.351.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-12 01:52
 
==================== End of FRST.txt ============================
 
 




#13 Aura


Posted 14 May 2016 - 03:47 PM

Thank you for the logs :)

I noticed that you still have Hola installed on your system. While that program isn't malicious per se, what it really does can be considered suspicious and questionable. Here are two articles outlining the principal issues with the program, but in the end, whether you want to keep it or not is up to you.

Adios, Hola! Or: Why You Should Immediately Uninstall Hola
Ultra-popular Hola VPN extension sold your bandwidth for use in a botnet attack

Other than that, your logs didn't show any sign of infection left on your system, so I can declare you clean :)

Tips, tricks, advice and recommendations

Now it's time to give you some tips, tricks, advice and recommendations on how to protect your system and prevent you from being infected in the future. This is where I'll explain basic security measures that you should take to protect and harden your system, and also make sure it stays as safe and secure as possible against hackers and malware. You are free to ignore the recommendations listed below, although I obviously do not recommend it. If you have any questions about one of the points covered in the speech below, feel free to ask me your questions here directly so I can answer them and guide you.

Windows Updates

Keeping Windows up to date is one of the first steps in having a safe and secure system. The Security Updates that Windows receives are meant to fix exploits and flaws in it, which makes it more secure and not exploitable by hackers. In order to do that, you should always install the Security Updates, known as "Important Updates" on your Windows system. These updates are released on the second Tuesday of every month, but some are also released before if they are emergency/critical Security Updates. Let's make sure that you have all your Important Updates and Recommended Updates installed and that your Windows Updates are set to be installed automatically.

Keeping your programs up-to-date

Like keeping Windows updated, keeping your installed programs up-to-date is another important step in having a safe and secure system. Outdated programs can be exploited by hackers and malware to infect a system and take it over. This is especially true today with the rise of Exploit Kits, which are one of the biggest attack vectors to distribute malware. Therefore, you should always keep vulnerable programs like Adobe Flash Player, Adobe Shockwave Player, Java, Silverlight, etc. updated to their most recent version (even better, you don't have to install them if you don't use them). Programs like SecuniaPSI and Heimdal Free will scan your system for outdated programs, and help you identify them, as well as update them.

Antivirus, Antimalware, Firewall and Anti-Exploit/Ransomware

Having a decent security setup (led by an Antivirus) is the most crucial step to protect a system. These programs are a layer of defence that will prevent a system from being infected, or if it somehow ends up infected, help mitigate the infection and remediate it. Ideally, you should have on your system one Antivirus (never more than one installed at a time), one Antimalware (you can install multiple of these, assuming they do not conflict with each other and the other security programs installed), one Firewall and if you wish, one Anti-Exploit and/or Anti-Ransomware (since Ransomware is currently the most dangerous threat around and it can hit anywhere). Here are a few programs worth checking out if you don't have one yet.

Note: The programs listed below are all free to use or they have some sort of trial. Some of them have a paid version that provides more features, while a lot of other good programs only have a paid version but aren't listed there (such as Kaspersky and ESET Antivirus products).

Antivirus

Antimalware

Firewall
Starting in Windows Vista, the Windows Firewall greatly improved and will satisfy the needs of most users. If you do not have an Internet Suite Antivirus program (which includes a firewall) and you want to use a 3rd party firewall, you can consider the options below.
  • GlassWire - Has both a free and paid version (with different packages);
  • Windows Firewall Control - Gives you more control over your Windows Firewall;
  • TinyWall - Lightweight firewall implementing the Windows Firewall and giving you more control over it;

Anti-Exploit/Anti-Ransomware

Web Browsers and Web Browsing

Web Browsers could be considered as the closest door between a malware and your system. This is where most malware goes through to infect a system, and therefore it should be the program(s) you want to secure the most. There are two ways of going about it: hardening your web browser via extensions, and having good browsing habits.

Hardening your web browser means installing extensions that will help it protect itself (and your system on the same occasion) against Exploit Kits, MiTM attacks, etc. but also you at the same time. Here are a few extensions that I recommend you install.
  • uBlock Origin: Efficient multi-purpose blocker that is lightweight on RAM and CPU usage (Google Chrome and Mozilla Firefox, called uBlock on Opera);
  • HTTPS Everywhere: Extension that converts your HTTP (unencrypted) requests to HTTPS (encrypted) ones (Google Chrome, Mozilla Firefox and Opera);
  • Web of Trust: Website reputation, rating and review extension that will help you quickly identify bad and suspicious sites from good ones (every web browser);
  • NoScript: NoScript is a script blocker (Java, Flash, JavaScript, etc.) for Mozilla Firefox and Firefox-based browsers (Mozilla Firefox and Firefox-based web browsers);
  • uMatrix: For advanced users, a point and click matrix-like extension that allows you to control requests done on a webpage (based on source, destination and type) (Google Chrome, Mozilla Firefox and Opera);
  • LastPass: Secure password manager allowing you to create, manage, and use passwords you save in your LastPass account (every web browser);

As for safe browsing habits, you can find tons of guides, tutorials, articles, etc. online that will highlight the basics you need to follow (only visit websites you trust, do not click on ads, do not download files from untrusted sources, use a password manager, always verify the URL of a website and make sure it's correctly typed, etc.), and even what you can do if you want to take it a step further (create a fake email address for spam emails, browse the web in a privacy mode, etc.). Here are a few:

As you can see, there are plenty of resources out there. Simply Googling "good browsing habits" or "safe browsing habits" should allow you to find a lot of them.

Other recommendations

Even if you follow every recommendation that I listed here, in the end, it's also your job to be careful when browsing the web and downloading files if you don't want to get infected. Therefore, if you use your brain (common sense) when browsing the web, downloading programs and files, etc., you have far fewer chances of getting infected by malware. If for example you're not sure if a website is legitimate or not, or if a file is safe to download and execute, or if a program looks "too good" to be free, I suggest you avoid going to that website, downloading that file or using that program.

Here are a few guides, tutorials, articles, etc. that you could read in order to learn more about computer protection and security to improve your current computer protection setup but also improve your good web browsing and computer usage practices:

The End!

And that's it! Now that you know more about how to protect your computer and secure it, you're good to go back to your online activities, but in a safe and secure way! You are also free to stay on BleepingComputer and ask for help in different topics if you ever need to. Just make sure that you post your question/issue in the right section to get the best assistance possible. And if you ever get infected again (which I hope you won't!), you can always come back to this section to get another checkup with one of our trained malware removal members.

Do you have any questions before I close this thread? :)

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 Terk1023


Posted 15 May 2016 - 07:31 PM

THANK YOU SO MUCH!!!!!! You were very helpful and patient with me! Thank you so much for all the time and effort you have put in to help!

Also thank you for all the tips and advice to keep my computer secure and protected! I have no further questions! You are free to close the thread!

And again, thank you!



#15 Aura


Posted 15 May 2016 - 07:41 PM

No problem Terk, you are welcome :) Glad to see that I was able to assist you!





