Shortcut Virus inflicted, then cannot install any other antivirus.



#1 sliah


Posted 09 May 2016 - 07:18 PM

The virus was originally located on my USB, then got my laptop infected with it. There is no high CPU usage or corrupted personal files, but I can no longer open the "settings" menu or install any antivirus other than the one I have, which is IObit Malware Fighter; I can't install any other application as well. The antivirus scan shows that there is nothing detected, even though I have another OS located in another partition; the Bitdefender detected some virus, trojan and some other crap but didn't solve the problem I have now.

 

The FRST scan:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Alienware 2 (administrator) on ALIENWARE (09-05-2016 16:57:29)
Running from C:\Users\Alienware 2\Downloads\Programs
Loaded Profiles: Alienware 2 & MSSQL$SQLEXPRESS (Available Profiles: Alienware 2 & Administrator & MSSQL$SQLEXPRESS & Classic .NET AppPool & .NET v4.5 & DefaultAppPool & .NET v2.0 & .NET v4.5 Classic & .NET v2.0 Classic)
Platform: Windows 10 Enterprise (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel RMS License Manager\WinNT\lservnt.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\calendar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(BitTorrent Inc.) C:\Users\Alienware 2\AppData\Roaming\uTorrent\uTorrent.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(BitTorrent Inc.) C:\Users\Alienware 2\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(BitTorrent Inc.) C:\Users\Alienware 2\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\sfc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16719_none_11647d1561f368c0\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Alienware 2\Desktop\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Users\Alienware 2\Desktop\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.16\deploy\LoLLauncher.exe
() C:\Users\Alienware 2\Desktop\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.56\deploy\LoLPatcher.exe
() C:\Users\Alienware 2\Desktop\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.56\deploy\LoLPatcherUx.exe
() C:\Users\Alienware 2\Desktop\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.56\deploy\LoLPatcherUx.exe
() C:\Users\Alienware 2\Desktop\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.56\deploy\LoLPatcherUx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [14056 2014-10-30] (Alienware)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8849152 2016-05-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-09] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-05-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [4593968 2013-11-15] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5890848 2016-04-26] (IObit)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\Run: [uTorrent] => C:\Users\Alienware 2\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-09] (BitTorrent Inc.)
HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3919928 2016-02-12] (Tonec Inc.)
HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\RunOnce: [Uninstall C:\Users\Alienware 2\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alienware 2\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
Startup: C:\Users\Alienware 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\atajo.lnk [2016-05-09]
ShortcutTarget: atajo.lnk -> C:\Users\Alienware 2\AppData\Roaming\qxoggtx\xfklsrk64.exe (Microsoft Corporation)
Startup: C:\Users\Alienware 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-04-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{12a79926-1cb4-449b-a898-b360dc3df4d4}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{57d19f90-1718-4cf7-b77a-b6c0b7a43d84}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{b306ec9e-c53b-4fcf-9dea-67d13b1eb6f6}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sa.hao123.com/?tn=sdkc_inner_hp_09_hao123_sa&guid=1ba3c46eae0457a60acf7fb1d6a690d8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://sa.hao123.com/?tn=sdkc_inner_hp_09_hao123_sa&guid=1ba3c46eae0457a60acf7fb1d6a690d8
HKU\S-1-5-21-21666752-163315718-2130443058-1006\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.sanetworked.com/
HKU\S-1-5-21-21666752-163315718-2130443058-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://login.sanetworked.com/
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-09] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-09] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-05-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-29] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-09] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-29] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-04-29] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Alienware 2\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Alienware 2\AppData\Roaming\IDM\idmmzcc5 [2016-05-09] [not signed]
FF HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-01-27]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://youtube.com/"
CHR Profile: C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (YouTube) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Adblock Plus) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Java Cloud Hosting) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkdpgpnekokcicojodnkgmpchnnopam [2016-03-07]
CHR Extension: (Daum Equation Editor) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2016-03-07]
CHR Extension: (Kami - PDF Sign, Edit, Review) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk [2016-05-05]
CHR Extension: (EffectyGram) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbeahpjkbdfilaomikdffcambkgfgkoe [2016-03-07]
CHR Extension: (Mac OS X Magic Theme - White Transparency) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafeodgllbphbllelolncdcadgmmjgbg [2016-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Camera Shutter Count) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hidmkebaeifbokhkdkhcokahfaiakdef [2016-03-07]
CHR Extension: (Google Play Music) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-03-07]
CHR Extension: (codev) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhccgicacaljbkehndlbnolffafhjiop [2016-03-07]
CHR Extension: (Bleaner) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2016-03-07]
CHR Extension: (gcode-sender) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngncibnakmabjlfpadjagnbdjbhoelom [2016-05-01]
CHR Extension: (IDM Integration Module) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-04-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (KMPlayer for Chrome) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfielclggcdoolpkmenmcemdfpdinhoc [2016-03-08]
CHR Extension: (Gmail) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2288384 2016-03-04] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911464 2016-04-29] (Microsoft Corporation)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360 2016-02-05] ()
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [394752 2016-02-28] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
S3 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2442368 2016-02-17] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103176 2016-02-17] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [362920 2016-03-04] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2016-02-28] (Microsoft Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1580320 2016-04-22] (IObit)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S3 ose64; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [242736 2016-04-28] (Microsoft Corporation) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [340480 2013-10-08] (Qualcomm Atheros) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-05-09] (Realtek Semiconductor)
R2 Sentinel RMS License Manager; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel RMS License Manager\WinNT\lservnt.exe [917504 2011-11-21] (SafeNet, Inc.) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-09] (Synaptics Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [115864 2016-02-05] ()
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] ()
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360 2016-02-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [12288 2016-02-28] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [186152 2016-05-09] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11254536 2016-03-04] (Broadcom Corp)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11254536 2016-03-04] (Broadcom Corp)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-01-26] (www.winchiphead.com)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [19440 2016-03-04] (OSR Open Systems Resources, Inc.)
R0 EMSC; C:\Windows\System32\drivers\EMSC.SYS [17720 2012-07-10] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-10] ()
S4 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-03-31] (IObit)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [162456 2016-05-09] (Qualcomm Atheros, Inc.)
R3 kiox_ff_driver; C:\Windows\system32\DRIVERS\kiox_ff_driver.sys [41456 2016-03-04] (Kionix, Inc.)
R0 kxdiskprot; C:\Windows\System32\DRIVERS\kxdiskprot.sys [31176 2015-01-06] (Kionix, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-05-09] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84792 2016-03-06] (Sysinternals - www.sysinternals.com)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-03-31] (IObit.com)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-03-29] (Synaptics Incorporated)
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-02-17] (Anchorfree Inc.)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [89840 2015-12-02] (Huorong Borui (Beijing) Technology Co., Ltd.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [127456 2016-03-04] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205784 2016-03-04] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [134800 2016-03-04] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WtfEngineDrv; C:\Windows\system32\DRIVERS\WtfEngineDrv.sys [27904 2016-02-01] (AAA Internet Publishing, Inc.)
S3 cpuz138; \??\C:\Users\ALIWNW~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0; \??\c:\program files\alienware\supportassist\pcdsrvc_x64.pkms [X]
U4 vsserv; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-09 17:18 - 2016-05-09 17:29 - 936110701 ____R C:\Users\Alienware 2\Downloads\Game.of.Thrones.S06E03.720p.HDTV.x264-AVS[eztv].mkv
2016-05-09 16:57 - 2016-05-09 16:57 - 00000000 ____D C:\FRST
2016-05-09 16:47 - 2014-10-22 15:29 - 00155912 ____N (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-05-09 16:42 - 2016-05-09 16:42 - 00000000 ____H C:\asc_rdflag
2016-05-09 15:51 - 2016-05-09 15:51 - 00016148 _____ C:\WINDOWS\system32\ALIENWARE_Alienware 2_HistoryPrediction.bin
2016-05-09 15:36 - 2016-05-09 15:51 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-05-09 15:28 - 2016-05-09 15:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-09 03:17 - 2016-05-09 03:17 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-05-09 03:17 - 2016-05-09 03:15 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-05-09 03:16 - 2016-05-09 03:15 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-05-09 03:14 - 2016-05-09 03:14 - 00003218 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2016-05-09 03:13 - 2016-05-09 03:13 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCORES64.dat
2016-05-09 03:13 - 2016-05-09 03:13 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 05576400 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-05-09 03:13 - 2016-05-09 03:13 - 04803840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-05-09 03:13 - 2016-05-09 03:13 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 03198720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 03081808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 02894976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-05-09 03:13 - 2016-05-09 03:13 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 02049664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01977072 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO264.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01743632 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01211840 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00914024 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00768824 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO32.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00677680 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00642928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBTHX64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00577840 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBTHX32.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00410040 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00203560 _____ (Waves Audio) C:\WINDOWS\system32\MaxxAudioVienna264.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00192992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00164432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkXInterface64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00084624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00074608 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBppld64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00069928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBPPCn64.dll
2016-05-09 03:13 - 2016-05-09 03:13 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-05-09 03:12 - 2016-05-09 03:12 - 00213312 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2016-05-09 03:12 - 2016-05-09 03:12 - 00186152 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcbtums.sys
2016-05-09 03:11 - 2016-05-09 03:11 - 00185896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-05-09 03:11 - 2016-05-09 03:11 - 00162456 _____ (Qualcomm Atheros, Inc.) C:\WINDOWS\system32\Drivers\e2xw10x64.sys
2016-05-09 03:03 - 2016-05-09 15:52 - 00000000 ____D C:\Program Files\Bitdefender
2016-05-09 03:02 - 2016-05-09 03:02 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-05-09 03:00 - 2016-05-09 16:34 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-05-09 02:57 - 2016-05-09 02:57 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\QuickScan
2016-05-09 02:43 - 2016-05-09 02:46 - 00000000 ____D C:\Users\Alienware 2\Desktop\New folder (2)
2016-05-09 01:50 - 2016-05-09 02:02 - 00850941 _____ C:\Users\Alienware 2\Desktop\Design of Furfural Production Plant.pdf
2016-05-08 12:35 - 2016-05-08 12:35 - 00014805 _____ C:\Users\Alienware 2\Downloads\plant projuct (1).xlsx
2016-05-08 12:34 - 2016-05-08 12:34 - 00012312 _____ C:\Users\Alienware 2\Downloads\plant projuct.xlsx
2016-05-08 02:10 - 2016-05-08 02:10 - 00806717 _____ C:\Users\Alienware 2\Desktop\Shortcut Virus Remover v3.1.exe
2016-05-07 20:50 - 2016-05-07 20:50 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-05-07 19:28 - 2016-05-07 19:28 - 00243962 _____ C:\Users\Alienware 2\Downloads\Simulation 1 (1).apwz!B8_2.edr
2016-05-07 19:21 - 2016-05-07 19:21 - 00010087 _____ C:\Users\Alienware 2\Desktop\material balance.xlsx
2016-05-07 19:17 - 2016-05-07 19:21 - 00010086 _____ C:\Users\Alienware 2\Downloads\material balance.xlsx
2016-05-07 18:21 - 2016-05-07 18:21 - 00231841 _____ C:\Users\Alienware 2\Downloads\Simulation 1 (1).apwz!B8_1.edr
2016-05-07 18:01 - 2016-05-07 18:01 - 00582004 _____ C:\Users\Alienware 2\Downloads\Simulation 1 (1).apwz!B8.edr
2016-05-07 16:17 - 2016-05-09 02:52 - 00000000 ____D C:\Users\Alienware 2\Downloads\Simulation 1 (1)
2016-05-07 16:16 - 2016-05-07 16:16 - 00000230 _____ C:\Users\Alienware 2\Downloads\tmpPrst.tgz
2016-05-07 16:16 - 2016-05-07 16:16 - 00000230 _____ C:\Users\Alienware 2\Downloads\lsprst7.tgz
2016-05-07 16:09 - 2016-05-07 16:16 - 00000216 _____ C:\Users\Alienware 2\Downloads\lsprst7.dll
2016-05-07 16:08 - 2016-05-08 12:32 - 04729857 _____ C:\Users\Alienware 2\Downloads\Simulation 1 (1).apwz
2016-05-07 15:56 - 2016-05-07 15:56 - 01420087 _____ C:\Users\Alienware 2\Downloads\Simulation 1.apwz
2016-05-07 15:53 - 2016-05-07 18:01 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\Aspen_Technology,_Inc
2016-05-07 15:46 - 2016-05-07 15:46 - 00000000 ____D C:\Users\Alienware 2\Downloads\Crack
2016-05-07 15:40 - 2016-05-07 15:40 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-05-07 15:39 - 2016-05-07 15:45 - 814353976 ____R C:\Users\Alienware 2\Downloads\The.Originals.S03E20.720p.HDTV.X264-DIMENSION[eztv].mkv
2016-05-06 15:45 - 2016-05-10 00:43 - 00000000 ___HD C:\Users\Alienware 2\AppData\Roaming\qxoggtx
2016-05-06 14:29 - 2016-05-06 14:29 - 00000219 _____ C:\WINDOWS\SysWOW64\lsprst7.tgz
2016-05-06 14:28 - 2016-05-06 14:28 - 00000000 ____D C:\Program Files (x86)\Business Objects
2016-05-06 14:15 - 2016-05-06 14:29 - 00000205 _____ C:\WINDOWS\SysWOW64\lsprst7.dll
2016-05-06 14:03 - 2016-05-06 14:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-05-06 14:02 - 2016-05-06 14:02 - 00000000 __RHD C:\MSOCache
2016-05-06 14:02 - 2016-05-06 14:02 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\Microsoft Help
2016-05-04 20:26 - 2016-05-04 20:26 - 00165278 _____ C:\Users\Alienware 2\Desktop\2000-1300.psd
2016-05-03 06:19 - 2016-05-03 06:19 - 00000219 _____ C:\WINDOWS\SysWOW64\tmpPrst.tgz
2016-05-03 06:15 - 2016-05-03 06:15 - 00001072 _____ C:\Users\Public\Desktop\UltraISO.lnk
2016-05-03 02:35 - 2016-05-09 16:49 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BDF1449D-D114-4C89-A594-F168C5E8C4F0}
2016-05-03 00:05 - 2016-05-03 00:13 - 1113772434 ____R C:\Users\Alienware 2\Downloads\Game.of.Thrones.S06E02.PROPER.720p.HDTV.x264-BATV[eztv].mkv
2016-05-02 11:22 - 2016-05-02 11:23 - 00000030 _____ C:\Users\Alienware 2\Desktop\New Text Document.txt
2016-05-01 23:32 - 2016-05-02 01:01 - 00536060 _____ C:\Users\Alienware 2\Desktop\Simulation 11.apwz
2016-05-01 15:32 - 2016-05-01 15:32 - 00071236 _____ C:\Users\Alienware 2\Downloads\grbl_v0_9a_edge_328p_16mhz_9600_build20121210.hex
2016-05-01 15:18 - 2016-05-01 15:43 - 00000341 _____ C:\Users\Alienware 2\Downloads\boltpattern.txt
2016-05-01 15:00 - 2016-05-01 15:00 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-05-01 01:16 - 2016-05-09 15:29 - 00000000 ____D C:\Users\Alienware 2\AppData\LocalLow\uTorrent
2016-05-01 01:16 - 2016-05-01 01:22 - 728725256 ____R C:\Users\Alienware 2\Downloads\The.Originals.S03E19.720p.HDTV.X264-DIMENSION[eztv].mkv
2016-04-30 23:22 - 2016-04-30 23:22 - 00001276 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2016-04-30 23:22 - 2016-04-30 23:22 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\PopcornTimeDesktop
2016-04-30 23:22 - 2016-04-30 23:22 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2016-04-30 17:39 - 2016-04-30 17:39 - 00095400 _____ (Razer Inc) C:\WINDOWS\system32\RazerCoinstaller.dll
2016-04-26 20:03 - 2016-04-26 20:03 - 00108178 _____ C:\Users\Alienware 2\Documents\AutoSave_Untitled.skp
2016-04-26 08:14 - 2016-04-26 08:14 - 00000228 _____ C:\Users\Alienware 2\Desktop\lsprst7.tgz
2016-04-26 08:14 - 2016-04-26 08:14 - 00000214 _____ C:\Users\Alienware 2\Desktop\lsprst7.dll
2016-04-26 07:52 - 2016-04-26 07:52 - 00000000 ____D C:\Users\Alienware 2\Documents\OneNote Notebooks
2016-04-26 07:42 - 2016-04-26 08:14 - 00000000 ____D C:\Users\Alienware 2\Desktop\aspen hw 10
2016-04-26 05:18 - 2016-04-26 05:18 - 00403477 _____ C:\Users\Alienware 2\Desktop\Untitled-1 copy.jpf
2016-04-26 05:18 - 2016-04-26 05:18 - 00000112 _____ C:\Users\Alienware 2\AppData\Roaming\JP2K CS6 Prefs
2016-04-25 20:20 - 2016-04-25 20:20 - 00000228 _____ C:\Users\Alienware 2\Desktop\tmpPrst.tgz
2016-04-25 18:38 - 2016-04-25 17:48 - 00109791 _____ C:\Users\Alienware 2\Documents\Untitled.skb
2016-04-25 18:22 - 2016-04-25 18:22 - 00002048 _____ C:\Users\Alienware 2\Desktop\sysprs7.tgz
2016-04-25 18:22 - 2016-04-25 18:22 - 00002048 _____ C:\Users\Alienware 2\Desktop\sysprs7.dll
2016-04-25 17:48 - 2016-04-25 18:38 - 00756365 _____ C:\Users\Alienware 2\Documents\Untitled.skp
2016-04-25 08:36 - 2016-04-26 08:12 - 00514664 _____ C:\Users\Alienware 2\Desktop\Simulation 1.apwz
2016-04-25 07:32 - 2016-04-25 07:39 - 00000000 ____D C:\Users\Alienware 2\Downloads\Game.of.Thrones.S06E01.720p.HDTV.x264-SVA[rarbg]
2016-04-25 06:17 - 2016-04-25 06:17 - 01731446 _____ C:\Users\Alienware 2\Downloads\Lecture_8.pptx
2016-04-25 04:18 - 2016-04-25 04:18 - 02343003 _____ C:\Users\Alienware 2\Downloads\Lecture_7.pptx
2016-04-18 06:35 - 2016-04-18 06:35 - 00000000 ____D C:\Users\Alienware 2\Desktop\aspen hw 9
2016-04-18 00:18 - 2016-04-18 00:18 - 00393329 _____ C:\Users\Alienware 2\Downloads\homework 9.apwz
2016-04-17 01:21 - 2016-04-17 01:26 - 771707843 ____R C:\Users\Alienware 2\Downloads\The.Originals.S03E18.720p.HDTV.X264-DIMENSION[eztv].mkv
2016-04-16 22:33 - 2016-04-16 22:33 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\Mozilla
2016-04-16 22:33 - 2016-04-16 22:33 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\ninjapinner.com
2016-04-16 22:33 - 2016-04-16 22:33 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\NinjaGram
2016-04-16 22:33 - 2016-04-16 22:33 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\Geckofx
2016-04-16 22:31 - 2016-04-16 23:05 - 00001162 _____ C:\Users\Alienware 2\Desktop\NinjaGram.lnk
2016-04-16 22:31 - 2016-04-16 22:31 - 00000000 ____D C:\Users\Alienware 2\Downloads\ninjagram_exclusive_v2
2016-04-16 22:31 - 2016-04-16 22:31 - 00000000 ____D C:\Program Files (x86)\NinjaGram
2016-04-16 22:30 - 2016-04-16 22:30 - 26115010 _____ C:\Users\Alienware 2\Downloads\ninjagram_exclusive_v2.zip
2016-04-16 12:28 - 2016-05-03 19:57 - 00002081 _____ C:\Users\Alienware 2\UniversalGcodeSender.json
2016-04-15 03:41 - 2016-04-15 03:41 - 16896587 _____ C:\Users\Alienware 2\Downloads\Oracle_VM_VirtualBox_Extension_Pack-5.0.16-105871.vbox-extpack
2016-04-15 03:22 - 2016-04-15 03:22 - 00000000 ____D C:\Users\Alienware 2\Desktop\stepper_oneRevolution_1
2016-04-15 01:13 - 2016-04-15 01:13 - 00094736 _____ C:\Users\Alienware 2\Downloads\AF_mshield-v1.brd
2016-04-14 23:01 - 2016-04-15 03:49 - 00000000 ____D C:\Users\Alienware 2\.VirtualBox
2016-04-14 23:01 - 2016-04-14 23:01 - 00000000 ____D C:\Users\Alienware 2\VirtualBox VMs
2016-04-14 23:00 - 2016-04-14 23:00 - 00001153 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-04-14 23:00 - 2016-04-14 23:00 - 00000000 ____D C:\Program Files\Oracle
2016-04-14 23:00 - 2016-03-04 17:29 - 00982504 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-04-14 23:00 - 2016-03-04 17:29 - 00148808 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-04-14 21:39 - 2016-04-14 21:44 - 1178386432 _____ C:\Users\Alienware 2\Downloads\ubuntu-15.10-desktop-amd64.iso
2016-04-14 20:22 - 2016-05-09 03:14 - 00000000 ____D C:\WINDOWS\LastGood
2016-04-14 19:24 - 2016-04-14 19:24 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\Arduino
2016-04-14 19:23 - 2016-04-14 19:23 - 00001262 _____ C:\Users\Alienware 2\Desktop\Arduino ERW 1.0.5.lnk
2016-04-14 19:23 - 2016-04-14 19:23 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\www.ried.cl
2016-04-14 19:22 - 2012-05-21 18:04 - 00085384 _____ (FTDI Ltd.) C:\WINDOWS\system32\Drivers\ftser2k.sys
2016-04-14 19:22 - 2012-05-21 18:04 - 00065416 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftcserco.dll
2016-04-14 19:22 - 2012-05-21 18:04 - 00055176 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftserui2.dll
2016-04-14 11:33 - 2016-04-14 11:33 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-04-14 07:29 - 2016-04-14 07:29 - 00316352 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftd2xx.dll
2016-04-14 07:29 - 2016-04-14 07:29 - 00274880 _____ (FTDI Ltd.) C:\WINDOWS\system32\FTLang.dll
2016-04-14 07:29 - 2016-04-14 07:29 - 00274368 _____ (FTDI Ltd.) C:\WINDOWS\SysWOW64\ftd2xx.dll
2016-04-14 07:29 - 2016-04-14 07:29 - 00168384 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftbusui.dll
2016-04-14 07:29 - 2016-04-14 07:29 - 00108352 _____ (FTDI Ltd.) C:\WINDOWS\system32\Drivers\ftdibus.sys
2016-04-14 02:10 - 2015-07-10 14:00 - 00000001 ___SH C:\BOOTNXT
2016-04-14 01:58 - 2016-04-14 01:58 - 00413504 _____ C:\WINDOWS\Minidump\041416-51765-01.dmp
2016-04-14 01:48 - 2016-04-06 21:32 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-14 01:48 - 2016-04-06 21:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-14 00:43 - 2016-03-29 09:40 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-14 00:43 - 2016-03-29 09:40 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-14 00:43 - 2016-03-25 10:38 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-14 00:43 - 2016-03-25 10:25 - 12505600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-14 00:43 - 2016-03-25 10:14 - 07525376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-14 00:43 - 2016-03-25 10:13 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-14 00:43 - 2016-03-25 09:55 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-14 00:43 - 2016-03-25 09:54 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-14 00:43 - 2016-03-16 07:56 - 03467784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-14 00:43 - 2016-03-16 07:55 - 02495768 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:43 - 2016-03-16 07:55 - 01951872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-14 00:43 - 2016-03-16 07:55 - 01299032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-14 00:43 - 2016-03-16 07:55 - 01127024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-14 00:43 - 2016-03-16 07:47 - 22610328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-14 00:43 - 2016-03-16 07:47 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-14 00:43 - 2016-03-16 07:45 - 00140536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-14 00:43 - 2016-03-16 07:37 - 01010016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-14 00:43 - 2016-03-16 07:21 - 01767000 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-14 00:43 - 2016-03-16 07:21 - 01531888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-14 00:43 - 2016-03-16 07:11 - 21088728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-14 00:43 - 2016-03-16 07:03 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-14 00:43 - 2016-03-16 07:00 - 21859840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-14 00:43 - 2016-03-16 06:49 - 01416192 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-14 00:43 - 2016-03-16 06:49 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-14 00:43 - 2016-03-16 06:45 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-14 00:43 - 2016-03-16 06:42 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-14 00:43 - 2016-03-16 06:40 - 00931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-14 00:43 - 2016-03-16 06:40 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-14 00:43 - 2016-03-16 06:40 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-14 00:43 - 2016-03-16 06:40 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-14 00:43 - 2016-03-16 06:39 - 03363328 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-14 00:43 - 2016-03-16 06:38 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-14 00:43 - 2016-03-16 06:37 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-14 00:43 - 2016-03-16 06:36 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-14 00:43 - 2016-03-16 06:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-14 00:43 - 2016-03-16 06:36 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-14 00:43 - 2016-03-16 06:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-14 00:43 - 2016-03-16 06:36 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-14 00:43 - 2016-03-16 06:36 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-14 00:43 - 2016-03-16 06:35 - 01794560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-14 00:43 - 2016-03-16 06:35 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2016-04-14 00:43 - 2016-03-16 06:34 - 01871872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-14 00:43 - 2016-03-16 06:32 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-14 00:43 - 2016-03-16 06:21 - 18796544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-14 00:43 - 2016-03-16 06:17 - 03680256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-14 00:43 - 2016-03-16 06:17 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-14 00:43 - 2016-03-16 06:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-14 00:43 - 2016-03-16 06:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-14 00:43 - 2016-03-16 06:13 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-14 00:43 - 2016-03-16 06:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-14 00:43 - 2016-03-16 06:13 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-14 00:43 - 2016-03-16 06:11 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-14 00:42 - 2016-03-16 07:56 - 01022664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-14 00:42 - 2016-03-16 07:56 - 00861512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-14 00:42 - 2016-03-16 07:55 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-14 00:42 - 2016-03-16 07:54 - 00595016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-14 00:42 - 2016-03-16 07:47 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-14 00:42 - 2016-03-16 07:46 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-14 00:42 - 2016-03-16 07:41 - 00607416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-14 00:42 - 2016-03-16 07:41 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-14 00:42 - 2016-03-16 07:39 - 00983904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-14 00:42 - 2016-03-16 07:11 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-14 00:42 - 2016-03-16 07:11 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-14 00:42 - 2016-03-16 07:08 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-04-14 00:42 - 2016-03-16 07:06 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-14 00:42 - 2016-03-16 07:05 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-14 00:42 - 2016-03-16 07:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-14 00:42 - 2016-03-16 06:56 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-14 00:42 - 2016-03-16 06:56 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-04-14 00:42 - 2016-03-16 06:55 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-14 00:42 - 2016-03-16 06:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-04-14 00:42 - 2016-03-16 06:55 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-14 00:42 - 2016-03-16 06:55 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-14 00:42 - 2016-03-16 06:51 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-04-14 00:42 - 2016-03-16 06:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-04-14 00:42 - 2016-03-16 06:47 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-14 00:42 - 2016-03-16 06:47 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-14 00:42 - 2016-03-16 06:47 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-14 00:42 - 2016-03-16 06:46 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-14 00:42 - 2016-03-16 06:44 - 01016832 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-14 00:42 - 2016-03-16 06:43 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-04-14 00:42 - 2016-03-16 06:43 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-14 00:42 - 2016-03-16 06:42 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-14 00:42 - 2016-03-16 06:42 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-04-14 00:42 - 2016-03-16 06:41 - 00950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-14 00:42 - 2016-03-16 06:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-14 00:42 - 2016-03-16 06:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-14 00:42 - 2016-03-16 06:40 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-14 00:42 - 2016-03-16 06:40 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-14 00:42 - 2016-03-16 06:39 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-14 00:42 - 2016-03-16 06:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-14 00:42 - 2016-03-16 06:37 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-14 00:42 - 2016-03-16 06:37 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-14 00:42 - 2016-03-16 06:37 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-14 00:42 - 2016-03-16 06:37 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-14 00:42 - 2016-03-16 06:37 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-14 00:42 - 2016-03-16 06:36 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-14 00:42 - 2016-03-16 06:36 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-14 00:42 - 2016-03-16 06:36 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-14 00:42 - 2016-03-16 06:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-14 00:42 - 2016-03-16 06:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-14 00:42 - 2016-03-16 06:36 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-14 00:42 - 2016-03-16 06:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-14 00:42 - 2016-03-16 06:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-14 00:42 - 2016-03-16 06:35 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-14 00:42 - 2016-03-16 06:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-14 00:42 - 2016-03-16 06:35 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-14 00:42 - 2016-03-16 06:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-14 00:42 - 2016-03-16 06:31 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-14 00:42 - 2016-03-16 06:31 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-14 00:42 - 2016-03-16 06:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-14 00:42 - 2016-03-16 06:28 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-14 00:42 - 2016-03-16 06:27 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-14 00:42 - 2016-03-16 06:24 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-14 00:42 - 2016-03-16 06:24 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-14 00:42 - 2016-03-16 06:24 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-14 00:42 - 2016-03-16 06:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-14 00:42 - 2016-03-16 06:18 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-14 00:42 - 2016-03-16 06:18 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-04-14 00:42 - 2016-03-16 06:17 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2016-04-14 00:42 - 2016-03-16 06:17 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-14 00:42 - 2016-03-16 06:16 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-14 00:42 - 2016-03-16 06:14 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-14 00:42 - 2016-03-16 06:14 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-14 00:42 - 2016-03-16 06:14 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-14 00:42 - 2016-03-16 06:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-14 00:42 - 2016-03-16 06:12 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-14 00:42 - 2016-03-16 06:10 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 03:14 - 2016-04-13 03:14 - 00003143 _____ C:\Users\Alienware 2\Desktop\BabaCAD.lnk
2016-04-13 03:14 - 2016-04-13 03:14 - 00000000 ____D C:\Program Files (x86)\BabaCAD
2016-04-12 21:01 - 2016-04-12 21:01 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\Trimble Connect for SketchUp
2016-04-12 20:52 - 2016-04-12 20:52 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\SketchUp
2016-04-12 20:24 - 2016-04-12 20:24 - 00002247 _____ C:\Users\Public\Desktop\Style Builder 2016.lnk
2016-04-12 20:24 - 2016-04-12 20:24 - 00002153 _____ C:\Users\Public\Desktop\LayOut 2016.lnk
2016-04-12 20:24 - 2016-04-12 20:24 - 00002064 _____ C:\Users\Public\Desktop\SketchUp 2016.lnk
2016-04-12 20:23 - 2016-04-12 20:23 - 00000000 ____D C:\Program Files\SketchUp
2016-04-12 20:20 - 2016-04-12 20:20 - 01113212 _____ C:\Users\Alienware 2\Downloads\CNC2.skp
2016-04-12 05:13 - 2016-04-12 05:34 - 00011108 _____ C:\Users\Alienware 2\Desktop\New Microsoft Excel Worksheet.xlsx
2016-04-12 04:31 - 2016-04-12 04:31 - 00026740 _____ C:\Users\Alienware 2\Downloads\CNC_jogger.ino
2016-04-11 12:29 - 2016-04-11 12:29 - 00436855 _____ C:\Users\Alienware 2\Downloads\HW#7.apwz
2016-04-11 12:29 - 2016-04-11 12:29 - 00002048 _____ C:\Users\Alienware 2\Downloads\sysprs7.tgz
2016-04-11 12:29 - 2016-04-11 12:29 - 00002048 _____ C:\Users\Alienware 2\Downloads\sysprs7.dll
2016-04-10 01:57 - 2016-04-10 02:04 - 00000000 ____D C:\Users\Alienware 2\Downloads\The.Originals.S03E17.720p.HDTV.X264-DIMENSION[ettv]
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-10 09:08 - 2015-09-28 20:48 - 03250481 _____ C:\Users\Alienware 2\Downloads\__Advanced_Driver_Updater.zip
2016-05-10 08:36 - 2015-10-19 13:11 - 03650601 _____ C:\Users\Alienware 2\Downloads\iTools_1849E.zip
2016-05-10 00:43 - 2016-02-03 15:57 - 00000000 ____D C:\Users\Alienware 2\Downloads\METAL GEAR SOLID V THE PHANTOM PAIN RePack - SEYTER
2016-05-10 00:43 - 2015-07-04 04:28 - 00000000 ____D C:\Users\Alienware 2\Downloads\Compressed
2016-05-09 19:32 - 2016-04-02 16:46 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\Everything
2016-05-09 19:32 - 2016-03-07 16:06 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\DMCache
2016-05-09 19:32 - 2016-03-04 10:07 - 01572864 ___SH C:\WINDOWS\system32\config\BBI
2016-05-09 18:23 - 2016-03-07 15:21 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\ElevatedDiagnostics
2016-05-09 18:19 - 2016-03-09 01:40 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\vlc
2016-05-09 16:54 - 2016-03-08 19:12 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\uTorrent
2016-05-09 16:51 - 2016-03-07 15:46 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-09 16:44 - 2016-03-04 10:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-09 16:42 - 2016-03-10 06:41 - 123842560 _____ C:\WINDOWS\system32\config\software.iodefrag.bak
2016-05-09 16:42 - 2016-03-10 06:41 - 05410816 _____ C:\WINDOWS\system32\config\drivers.iodefrag.bak
2016-05-09 16:42 - 2016-03-10 06:41 - 00651264 _____ C:\WINDOWS\system32\config\default.iodefrag.bak
2016-05-09 16:42 - 2016-03-10 06:41 - 00069632 _____ C:\WINDOWS\system32\config\sam.iodefrag.bak
2016-05-09 16:42 - 2016-03-10 06:41 - 00036864 _____ C:\WINDOWS\system32\config\security.iodefrag.bak
2016-05-09 16:42 - 2016-03-04 07:49 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2016-05-09 16:42 - 2016-03-04 07:49 - 00000000 ____D C:\Users\DefaultAppPool
2016-05-09 15:57 - 2016-03-07 16:06 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\IDM
2016-05-09 15:51 - 2016-03-07 15:46 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-09 15:43 - 2016-03-08 22:56 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\CalendarTool
2016-05-09 15:28 - 2016-03-07 03:31 - 00000000 __SHD C:\Users\Alienware 2\IntelGraphicsProfiles
2016-05-09 14:54 - 2016-03-04 10:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-05-09 14:52 - 2016-03-04 07:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-09 03:23 - 2016-03-12 08:03 - 00000270 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Alienware 2.job
2016-05-09 03:23 - 2016-03-07 01:33 - 00028504 _____ C:\WINDOWS\SysWOW64\lservsta
2016-05-09 03:23 - 2016-03-04 10:23 - 00000000 ____D C:\WINDOWS\INF
2016-05-09 03:18 - 2016-03-04 12:26 - 00002219 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-05-09 03:17 - 2016-03-06 19:02 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-09 03:17 - 2015-09-09 01:24 - 00000000 ____D C:\Users\Alienware 2\.oracle_jre_usage
2016-05-09 03:15 - 2016-03-06 23:20 - 00000000 ____D C:\Program Files\Java
2016-05-09 03:15 - 2016-03-04 07:52 - 01141862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-09 03:14 - 2016-03-04 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-05-09 02:53 - 2016-03-07 03:31 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\Packages
2016-05-09 02:52 - 2016-03-06 23:58 - 00000016 ____H C:\WINDOWS\SysWOW64\servdat.slm
2016-05-09 02:00 - 2016-03-08 19:03 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\Adobe
2016-05-08 12:37 - 2016-03-04 10:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-08 02:08 - 2016-03-07 15:00 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\CrashDumps
2016-05-07 16:00 - 2016-03-12 08:03 - 00002232 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-05-07 15:58 - 2016-03-07 05:50 - 00000000 ____D C:\Users\Alienware 2\AppData\Roaming\AspenTech
2016-05-07 15:54 - 2016-03-07 04:55 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\AspenTech
2016-05-07 15:53 - 2016-03-07 05:51 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\Aspen_Technology,_Inc
2016-05-07 15:40 - 2016-03-04 10:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-07 15:36 - 2016-03-07 01:19 - 00000000 ____D C:\Program Files\Microsoft Office
2016-05-07 15:28 - 2016-03-04 07:37 - 04958056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-06 14:29 - 2016-03-04 10:24 - 00017662 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-05-06 14:28 - 2016-03-07 00:03 - 00000000 ____D C:\Program Files (x86)\AspenTech
2016-05-06 14:28 - 2015-12-07 21:29 - 00000000 ____D C:\Users\Alienware 2\Documents\AspenTech
2016-05-06 14:19 - 2016-03-06 23:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-06 14:16 - 2016-03-04 10:24 - 00000000 ____D C:\WINDOWS\Help
2016-05-06 14:00 - 2016-03-07 03:31 - 00000000 ____D C:\Users\Alienware 2
2016-05-06 13:44 - 2016-03-04 10:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-03 15:44 - 2015-09-28 13:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-03 06:15 - 2016-03-06 23:15 - 00000000 ____D C:\Program Files (x86)\UltraISO
2016-04-30 23:23 - 2015-11-25 14:50 - 00000000 ____D C:\Users\Alienware 2\Downloads\PopcornTime
2016-04-30 23:22 - 2016-03-07 03:31 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\VirtualStore
2016-04-30 17:39 - 2016-03-05 14:31 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-26 13:35 - 2016-03-28 03:25 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\Comms
2016-04-20 03:48 - 2016-03-19 18:49 - 00000000 ____D C:\Users\Alienware 2\AppData\Local\Arduino15
2016-04-15 00:07 - 2015-08-18 07:52 - 00000000 ____D C:\Users\Alienware 2\Documents\Arduino
2016-04-14 19:22 - 2016-03-19 18:38 - 00000000 ____D C:\Program Files (x86)\Arduino
2016-04-14 02:57 - 2016-03-04 10:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-14 02:02 - 2016-03-04 10:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-04-14 02:02 - 2016-03-04 10:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-14 02:02 - 2016-03-04 10:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-04-14 01:58 - 2016-03-04 13:23 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-14 01:57 - 2016-04-02 00:52 - 1253974268 _____ C:\WINDOWS\MEMORY.DMP
2016-04-14 01:55 - 2016-03-04 12:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-14 01:50 - 2016-03-04 12:41 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-14 01:50 - 2016-03-04 10:13 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-12 03:00 - 2016-04-07 08:08 - 00010442 _____ C:\Users\Alienware 2\Desktop\Book32131.xlsx
2016-04-11 03:46 - 2016-04-08 17:42 - 00061131 _____ C:\Users\Alienware 2\Desktop\socity6.xlsx
 
==================== Files in the root of some directories =======
 
2016-03-06 23:27 - 2016-03-06 23:19 - 0086174 _____ () C:\Program Files (x86)\LSERVRC_004_22C97.lic
2016-03-07 01:36 - 2011-09-24 06:56 - 1552384 _____ (Aspentech) C:\Program Files (x86)\STRGXI2.dll
2016-04-26 05:18 - 2016-04-26 05:18 - 0000112 _____ () C:\Users\Alienware 2\AppData\Roaming\JP2K CS6 Prefs
2016-03-08 22:32 - 2016-03-08 22:39 - 0003584 _____ () C:\Users\Alienware 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-09 15:52 - 2016-05-09 15:52 - 0216726 _____ () C:\ProgramData\1462797374.bdinstall.bin
2016-03-04 12:36 - 2016-03-04 12:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-05-06 14:18 - 2016-05-06 14:25 - 0000090 _____ () C:\ProgramData\hxnet.ini
 
Files to move or delete:
====================
C:\Users\Alienware 2\Razer Synapse Tournament Drivers 20151002_2242.exe
C:\Users\Alienware 2\Razer Synapse Tournament Drivers 20160307_1533.exe
 
 
Some files in TEMP:
====================
C:\Users\Alienware 2\AppData\Local\Temp\DVDBrowserWizardDLL.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-04-30 13:55
 
==================== End of FRST.txt ============================


#2 nasdaq

  • Malware Response Team
Posted 10 May 2016 - 08:44 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Windows Firewall is disabled.
Enable your Firewall.
http://windows.microsoft.com/en-ca/windows/turn-windows-firewall-on-off#turn-windows-firewall-on-off=windows-7
===

Remove these programs via the Control Panel > Programs > Programs and Features applet.
Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATTENTION
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.5.0 - Popcorn Time) <==== ATTENTION

These are the old versions of Java.
If still present, remove them also.
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)

You also have other IObit programs that are not recommended. Advanced SystemCare and others are known to cause system problems and that had stolen material from other computer security companies to use in their own program.
IOBit Steals Malwarebytes’ Intellectual Property
IOBit’s Denial of Theft Unconvincing
The program has also been seen to cause numerous system problems that tend to go away after uninstalling their software.

Go to Start > Control Panel > Add or Remove all other Programs from IObit.

It's your call.
===

Press the Windows key + R on your keyboard at the same time. This will open the Run box.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

() C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\calendar.exe
(BitTorrent Inc.) C:\Users\Alienware 2\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(BitTorrent Inc.) C:\Users\Alienware 2\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-21666752-163315718-2130443058-1006\...\Run: [AdobeBridge] => [X]
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
Startup: C:\Users\Alienware 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\atajo.lnk [2016-05-09]
ShortcutTarget: atajo.lnk -> C:\Users\Alienware 2\AppData\Roaming\qxoggtx\xfklsrk64.exe (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sa.hao123.com/?tn=sdkc_inner_hp_09_hao123_sa&guid=1ba3c46eae0457a60acf7fb1d6a690d8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://sa.hao123.com/?tn=sdkc_inner_hp_09_hao123_sa&guid=1ba3c46eae0457a60acf7fb1d6a690d8
CHR Extension: (Bleaner) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2016-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
S3 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2442368 2016-02-17] (AnchorFree Inc.)
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] ()
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
S3 cpuz138; \??\C:\Users\ALIWNW~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0; \??\c:\program files\alienware\supportassist\pcdsrvc_x64.pkms [X]
U4 vsserv; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\Program Files (x86)\CalendarTool
C:\Program Files (x86)\Popcorn Time
C:\WINDOWS\SECOH-QAD.exe
C:\Users\Alienware 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\atajo.lnk
C:\Users\Alienware 2\AppData\Roaming\qxoggtx
C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
C:\Users\Alienware 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Task: {81474C8D-0021-468D-A962-885F972BD559} - System32\Tasks\Microsoft\Windows\SystemRestore\FreeVPN => C:\Users\ALiwnware\AppData\Roaming\FreeVPN\FreeVPN.exe <==== ATTENTION
C:\Program Files (x86)\Hotspot Shield
Shortcut: C:\Users\Alienware 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin\Enfuse Auto Align Droplet.lnk -> C:\Program Files\Hugin\bin\enfuse_auto_align_droplet.bat (No File)
AlternateDataStreams: C:\Users\Alienware 2\Downloads\iTools_1849E.zip:BDU [1]
AlternateDataStreams: C:\Users\Alienware 2\Downloads\__Advanced_Driver_Updater.zip:BDU [1]
C:\Users\ALiwnware\AppData\Roaming\FreeVPN

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt). Please post it in your reply.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner window.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Please let me know what problem persists with this computer.
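
The fixlist in the post above removes several autostart entries. As an added example (not part of the original post, and not FRST's own code), this Python script parses four of the FRST line types that appear in that fixlist and flags traits a reviewer would look at first; the flag names and heuristics are assumptions of this example, and one benign task line is constructed for contrast.

```python
import re

# Lines copied from the fixlist in this thread, plus one constructed benign
# task line (marked below) for contrast.
SAMPLE = [
    r"IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe",
    r"ShortcutTarget: atajo.lnk -> C:\Users\Alienware 2\AppData\Roaming\qxoggtx\xfklsrk64.exe (Microsoft Corporation)",
    r"Task: {81474C8D-0021-468D-A962-885F972BD559} - System32\Tasks\Microsoft\Windows\SystemRestore\FreeVPN => C:\Users\ALiwnware\AppData\Roaming\FreeVPN\FreeVPN.exe <==== ATTENTION",
    r"R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]",
    r"S3 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2442368 2016-02-17] (AnchorFree Inc.)",
    # Constructed benign example, not from the log:
    r"Task: {00000000-0000-0000-0000-000000000000} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\WINDOWS\system32\defrag.exe",
]

IFEO = re.compile(r"^IFEO\\(?P<image>[^:]+): \[Debugger\] (?P<target>.+)$")
SHORTCUT = re.compile(
    r"^ShortcutTarget: (?P<lnk>.+?) -> (?P<target>.+?\.exe)"
    r"(?: \((?P<vendor>[^)]*)\))?$", re.I)
TASK = re.compile(
    r"^Task: \{[0-9A-Fa-f-]+\} - (?P<task>.+?) => (?P<target>.+?)"
    r"(?: <==== ATTENTION)?$")
SERVICE = re.compile(r"^[RSU]\d (?P<name>[^;]+); (?P<target>.+)$")

# Directories any standard user can write to (assumption of this example).
USER_WRITABLE = re.compile(r"\\(AppData|Temp)\\", re.I)


def classify(line):
    """Return (kind, flags) for one FRST line; kind is None if unrecognised."""
    line = line.strip()

    m = IFEO.match(line)
    if m:
        # An IFEO Debugger value makes Windows start the named "debugger"
        # whenever the image is launched, so every such entry is worth review.
        return "ifeo", ["ifeo-debugger"]

    m = SHORTCUT.match(line)
    if m:
        flags = []
        if USER_WRITABLE.search(m.group("target")):
            flags.append("autostart-from-user-profile")
            # Version-info strings are set by whoever built the file.
            if "microsoft" in (m.group("vendor") or "").lower():
                flags.append("microsoft-vendor-string-in-user-profile")
        return "shortcut", flags

    m = TASK.match(line)
    if m:
        flags = []
        in_ms_folder = "\\microsoft\\windows\\" in m.group("task").lower()
        if in_ms_folder and "\\users\\" in m.group("target").lower():
            flags.append("microsoft-task-folder-runs-user-profile-binary")
        return "task", flags

    m = SERVICE.match(line)
    if m:
        flags = ["unsigned-service-binary"] if "[File not signed]" in line else []
        return "service", flags

    return None, []


def triage(lines):
    """Return [(index, kind, flags)] for every line that raised a flag."""
    out = []
    for i, line in enumerate(lines):
        kind, flags = classify(line)
        if flags:
            out.append((i, kind, flags))
    return out


if __name__ == "__main__":
    for idx, kind, flags in triage(SAMPLE):
        print(f"[{kind}] {', '.join(flags)}\n    {SAMPLE[idx]}")
```

A flag here only marks a line for manual review; it is not a verdict on the file.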

#3 nasdaq

  • Malware Response Team
Posted 16 May 2016 - 07:48 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



