Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malicious Registry Key [HELP]


  • This topic is locked This topic is locked
4 replies to this topic

#1 DanieI

DanieI

  • Banned
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:33 AM

Posted 17 May 2016 - 06:33 PM

Heyo. I have a very malicious threat that is infecting my browsers, as well as my registry.

The level of security of my PC is awfully good, and I'm surprised that this found a way into my PC.

I run a secure version of Windows 7 Professional 64-bit SP1.

XaY4ZO3.jpg

I discovered this threat on my own, lurking amongst my registy.

 

In fright, I scanned my computer with Spy Hunter 4 and it found this registry value, which is the exact same one I found!

 

I used Microsoft Fix It, SFC, Windows Defender, Zemana, Ad-Aware, Avast, Webroot, and nothing except for SpyHunter has found this.

 

I tried to delete the registry, but it just respawns. The value contained "www.unstops.org" so I blocked that from my hosts file in C:\Windows\System32\drivers\etc

 

Any suggestions?


Edited by DanieI, 17 May 2016 - 06:36 PM.


BC AdBot (Login to Remove)

 


#2 DanieI

DanieI
  • Topic Starter

  • Banned
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:33 AM

Posted 17 May 2016 - 07:04 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-05-2016
Ran by Daniel (administrator) on DANIEL-HP (17-05-2016 19:54:37)
Running from C:\Users\Daniel\Temps\scoped_dir8484_13693
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Privacyware/PWI, Inc.) C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Andy OS, inc.) C:\Program Files\Andy\HandyAndy.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Privacyware/PWI, Inc.) C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.41\opera.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8463064 2015-04-14] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe [9581280 2016-01-28] ()
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960 2016-04-27] (Zemana Ltd.)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074088 2015-09-03] (The Eraser Project)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-01-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [876712 2016-05-14] (Webroot)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2313408 2016-04-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Privatefirewall] => C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe [3048480 2013-12-17] (Privacyware/PWI, Inc.)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-29] (Valve Corporation)
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Daniel\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-05-17] (Epic Privacy Browser)
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HandyAndy.lnk [2016-05-08]
ShortcutTarget: HandyAndy.lnk -> C:\Program Files\Andy\HandyAndy.exe (Andy OS, inc.)
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
AutoConfigURL: [S-1-5-21-1714951658-3079717506-1226481009-1001] => hxxp://unstops.org/wpad.dat?65e0e9c4861d0053d8f28091eb028cf29971105
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2DF53DEC-E18A-4C52-9760-EE66F81628FC}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{C5068649-4883-44F6-A501-4C7A6706F5B8}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{EB1B41AA-0809-4C82-949C-CF8CC6ED2877}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{F1199E7B-6419-4FAD-BB22-515C5D2E4826}: [DhcpNameServer] 192.168.1.1
ManualProxies: 
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com/
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-1714951658-3079717506-1226481009-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://js.redirect.hp.com/jumpstation?bd=all&c=144&locale=ww_ww&pf=cndt&s=ieHPtab&tp=iehome
SearchScopes: HKLM -> {62E3F746-B729-45BB-9EC0-72A9A4AB1B15} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-23] (Oracle Corporation)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2016-04-30] (Webroot)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-23] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2016-04-30] (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
 
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ek1rel3s.default
FF Homepage: www.google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-05-05] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-04-07] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-05-05] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-04-07] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1714951658-3079717506-1226481009-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Daniel\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-05-17] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-1714951658-3079717506-1226481009-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Daniel\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-05-17] (Epic Privacy Browser)
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2016-05-14]
FF Extension: ColorZilla - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ek1rel3s.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-05-14]
FF Extension: AdBlocker Ultimate - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ek1rel3s.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-05-16]
FF Extension: One Click Proxy - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ek1rel3s.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2016-05-17]
FF HKLM\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR Extension: (Proxy Finder (IP Switcher)) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\alogkmikeckanjlbmkkjmcidkgkfpilg [2016-05-17]
OPR Extension: (Adblock Fast) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\klhobddcbiabdfjmomildokiglpmdicc [2016-05-17]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [694464 2016-04-07] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1075712 2016-03-05] (Digital Care Solutions) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-15] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe [712432 2016-01-28] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
R2 PFNet; C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe [374600 2013-12-17] (Privacyware/PWI, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294104 2015-04-14] (Realtek Semiconductor)
S3 scan; C:\Program Files\BDServices\scan.dll [602456 2016-02-22] (Bitdefender)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-05-16] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-03] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [876712 2016-05-14] (Webroot)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960 2016-04-27] (Zemana Ltd.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2015-03-23] (Advanced Micro Devices, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [83256 2014-02-03] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-05-16] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-05-16] ()
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [222664 2014-09-15] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429144 2014-10-17] (Intel Corporation)
S3 rccfg; C:\Windows\system32\drivers\rccfg.sys [21680 2015-03-23] (AMD, Inc.)
S3 rcraid; C:\Windows\system32\drivers\rcraid.sys [536752 2015-03-23] (AMD, Inc.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
S3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [48840 2015-08-13] (Razer Inc)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2016-02-22] (BitDefender S.R.L.)
R2 uxpatch; C:\windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2016-04-30] (Webroot)
S3 wrUrlFlt; C:\windows\system32\DRIVERS\wrUrlFlt.sys [54512 2016-04-30] (Webroot)
R1 ZAM; C:\windows\System32\drivers\zam64.sys [202656 2016-05-17] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [202656 2016-05-17] (Zemana Ltd.)
S0 ACmzrhxu; System32\drivers\ACmzrhxu.sys [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-17 19:54 - 2016-05-17 19:54 - 02382336 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2016-05-17 19:54 - 2016-05-17 19:54 - 00000000 ____D C:\FRST
2016-05-17 18:04 - 2016-05-17 18:04 - 00000146 _____ C:\windows\ODBC.INI
2016-05-17 18:04 - 2013-09-29 21:24 - 00133152 _____ (Privacyware/PWI, Inc.) C:\windows\system32\Drivers\pwipf6.sys
2016-05-17 18:03 - 2016-05-17 18:03 - 03749640 _____ (PWI, Inc. ) C:\Users\Daniel\Downloads\privatefirewall.exe
2016-05-17 18:03 - 2016-05-17 18:03 - 00000000 ____D C:\ProgramData\Privacyware
2016-05-17 18:03 - 2016-05-17 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privatefirewall 7.0
2016-05-17 18:03 - 2016-05-17 18:03 - 00000000 ____D C:\Program Files (x86)\Privacyware
2016-05-17 17:46 - 2016-05-17 17:46 - 04367207 _____ C:\Users\Daniel\Downloads\CBS.txt
2016-05-17 16:27 - 2016-05-17 16:27 - 00000798 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-05-17 16:27 - 2016-05-17 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-05-17 16:27 - 2016-05-17 16:27 - 00000000 ____D C:\Program Files\Speccy
2016-05-17 16:26 - 2016-05-17 16:26 - 05111240 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\spsetup129.exe
2016-05-17 15:45 - 2016-05-17 15:45 - 01193680 _____ (Adobe Systems Incorporated) C:\Users\Daniel\Downloads\flashplayer21pp_fa_install.exe
2016-05-17 15:28 - 2016-05-17 15:28 - 00003840 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1463513303
2016-05-17 15:28 - 2016-05-17 15:28 - 00001129 _____ C:\Users\Public\Desktop\Opera.lnk
2016-05-17 15:28 - 2016-05-17 15:28 - 00001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-05-17 15:28 - 2016-05-17 15:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software
2016-05-17 15:28 - 2016-05-17 15:28 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-17 15:27 - 2016-05-17 15:28 - 00000000 ____D C:\Users\Daniel\Downloads\Opera Installer
2016-05-17 15:27 - 2016-05-17 15:27 - 00725416 _____ (Opera Software) C:\Users\Daniel\Downloads\OperaSetup.exe
2016-05-17 15:13 - 2016-05-17 15:13 - 104477323 _____ C:\Users\Daniel\Downloads\chrome-win32.zip
2016-05-17 15:00 - 2016-05-17 15:00 - 00001761 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2016-05-17 15:00 - 2016-05-17 15:00 - 00001749 _____ C:\Users\Public\Desktop\Eraser.lnk
2016-05-17 15:00 - 2016-05-17 15:00 - 00000000 ____D C:\Program Files\Eraser
2016-05-17 14:58 - 2016-05-17 14:58 - 08338384 _____ (The Eraser Project) C:\Users\Daniel\Downloads\Eraser 6.2.0.2970.exe
2016-05-17 14:55 - 2016-05-17 14:55 - 21382440 _____ (Tweaking.com) C:\Users\Daniel\Downloads\tweaking.com_windows_repair_aio_setup.exe
2016-05-17 14:55 - 2016-05-17 14:55 - 00185691 _____ C:\windows\Tweaking.com - Windows Repair Setup Log.txt
2016-05-17 14:55 - 2016-05-17 14:55 - 00003658 _____ C:\windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2016-05-17 14:55 - 2016-05-17 14:55 - 00002165 _____ C:\Users\Daniel\Desktop\Windows Repair.lnk
2016-05-17 14:55 - 2016-05-17 14:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-05-17 14:55 - 2016-05-17 14:55 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-05-17 14:53 - 2016-05-17 14:53 - 05812288 _____ C:\Users\Daniel\Downloads\sample-pics.zip
2016-05-17 14:42 - 2016-05-17 14:42 - 10496828 _____ C:\Users\Daniel\Downloads\How to Download Zemana Antimalware With Activation Key for Free 2015 Special Offer.mp4
2016-05-17 12:03 - 2016-05-17 12:03 - 00000024 _____ C:\Users\Daniel\Desktop\CPPSNews (password).txt
2016-05-17 11:09 - 2016-05-17 16:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\tor
2016-05-17 10:39 - 2016-05-17 10:39 - 00210661 _____ C:\Users\Daniel\Downloads\pocket.crx
2016-05-17 10:39 - 2016-05-17 10:39 - 00210661 _____ C:\Users\Daniel\Downloads\pocket (1).crx
2016-05-17 10:14 - 2016-05-17 10:14 - 00000000 ____D C:\ProgramData\Epic Privacy Browser
2016-05-17 10:13 - 2016-05-17 10:13 - 01832744 _____ (Epic Privacy Browser) C:\Users\Daniel\Downloads\EpicSetup.exe
2016-05-17 09:27 - 2016-05-17 09:27 - 00001088 _____ C:\Users\Daniel\Desktop\regedit - Shortcut.lnk
2016-05-17 09:22 - 2016-05-17 19:51 - 00036770 _____ C:\windows\ZAM.krnl.trace
2016-05-17 09:22 - 2016-05-17 18:34 - 00007895 _____ C:\windows\ZAM_Guard.krnl.trace
2016-05-17 09:22 - 2016-05-17 09:22 - 00202656 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zamguard64.sys
2016-05-17 09:22 - 2016-05-17 09:22 - 00202656 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zam64.sys
2016-05-17 09:22 - 2016-05-17 09:22 - 00001154 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-05-17 09:22 - 2016-05-17 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-05-17 09:22 - 2016-05-17 09:22 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-05-17 09:21 - 2016-05-17 09:22 - 05479312 _____ ( ) C:\Users\Daniel\Downloads\Zemana.AntiMalware.Setup.exe
2016-05-16 21:11 - 2016-05-16 21:11 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Curiolab
2016-05-16 21:10 - 2016-05-16 21:10 - 15624392 _____ (CURIOLAB S.M.B.A.) C:\Users\Daniel\Downloads\ExterminateItSetup.exe
2016-05-16 20:39 - 2016-05-17 18:00 - 00000470 _____ C:\windows\Tasks\ParetoLogic Registration3.job
2016-05-16 20:39 - 2016-05-16 20:39 - 00003136 _____ C:\windows\System32\Tasks\ParetoLogic Registration3
2016-05-16 20:39 - 2016-05-16 20:39 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ParetoLogic
2016-05-16 20:38 - 2016-05-17 09:52 - 00000000 ____D C:\Program Files\BDServices
2016-05-16 20:38 - 2016-05-16 20:38 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2016-05-16 20:38 - 2016-05-16 20:38 - 00000000 ____D C:\ProgramData\ParetoLogic
2016-05-16 20:38 - 2016-05-16 20:38 - 00000000 ____D C:\Program Files (x86)\ParetoLogic
2016-05-16 16:12 - 2016-05-16 16:12 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Lavasoft
2016-05-16 16:03 - 2016-05-16 16:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\LavasoftStatistics
2016-05-16 16:03 - 2016-05-16 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-05-16 16:02 - 2016-05-16 16:02 - 00000000 ____D C:\Program Files\Lavasoft
2016-05-16 15:41 - 2016-05-16 15:41 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2016-05-16 15:40 - 2016-05-16 15:40 - 02085168 _____ C:\Users\Daniel\Downloads\Adaware_Installer.exe
2016-05-16 15:40 - 2016-05-16 15:40 - 00000000 ____D C:\ProgramData\Lavasoft
2016-05-16 14:04 - 2016-05-17 17:42 - 00000000 ____D C:\Users\Daniel\Desktop\Security
2016-05-16 14:03 - 2016-05-16 14:03 - 00986624 _____ C:\Users\Daniel\Downloads\MicrosoftFixit50850.msi
2016-05-16 13:52 - 2016-05-16 13:52 - 54376048 _____ (Comodo) C:\Users\Daniel\Downloads\dragonsetup.exe
2016-05-16 13:34 - 2016-05-16 13:34 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-05-16 13:34 - 2016-05-16 13:34 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Enigma Software Group
2016-05-16 13:34 - 2016-05-16 13:34 - 00000000 ____D C:\sh4ldr
2016-05-16 13:34 - 2016-05-16 13:34 - 00000000 _____ C:\autoexec.bat
2016-05-16 13:33 - 2016-05-16 13:33 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Daniel\Downloads\SpyHunter-Installer.exe
2016-05-16 13:33 - 2016-05-16 13:33 - 00022704 _____ C:\windows\system32\Drivers\EsgScanner.sys
2016-05-16 13:33 - 2016-05-16 13:33 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-05-16 13:20 - 2016-05-16 13:20 - 00001550 _____ C:\Users\Daniel\Desktop\JRT.txt
2016-05-16 13:18 - 2016-05-16 13:18 - 03651136 _____ C:\Users\Daniel\Downloads\adwcleaner_5.117.exe
2016-05-16 13:11 - 2016-05-16 13:11 - 01610816 _____ (Malwarebytes) C:\Users\Daniel\Downloads\JRT.exe
2016-05-16 13:04 - 2016-05-16 21:37 - 00000000 ____D C:\windows\Minidump
2016-05-16 12:29 - 2016-05-16 12:29 - 00000000 ____D C:\Users\Daniel\Documents\Re
2016-05-15 20:54 - 2016-05-15 20:54 - 00845072 _____ (MurGee.com ) C:\Users\Daniel\Downloads\setup.exe
2016-05-14 20:26 - 2016-05-14 21:11 - 00000000 ____D C:\Users\Daniel\Desktop\PS cs6
2016-05-14 20:25 - 2016-05-14 20:25 - 01228608 _____ (Adobe Systems Incorporated) C:\Users\Daniel\Downloads\Photoshop_13_LS16.exe
2016-05-14 13:16 - 2016-05-14 13:16 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-05-14 07:54 - 2016-05-17 19:55 - 00000000 ____D C:\Users\Daniel\Temps
2016-05-14 07:54 - 2016-05-14 13:12 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Auto Clicker
2016-05-14 07:54 - 2016-05-14 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2016-05-13 22:10 - 2016-05-13 22:10 - 00254468 _____ C:\Users\Daniel\Downloads\d3loo_adobe_flash_pro_CS6_patch.zip
2016-05-13 21:40 - 2016-05-13 21:40 - 00256532 _____ C:\Users\Daniel\Downloads\d3loo_piriform_ccleaner_v4.12_patch.zip
2016-05-12 17:08 - 2016-05-16 21:37 - 00000000 ____D C:\ProgramData\Gramblr
2016-05-12 17:08 - 2016-05-13 21:31 - 00000000 ____D C:\Program Files\Gramblr
2016-05-12 16:04 - 2016-05-12 16:04 - 00000074 _____ C:\Users\Daniel\.node_repl_history
2016-05-12 16:02 - 2016-05-12 16:02 - 00139265 _____ C:\Users\Daniel\Desktop\Pedestrian.mp4
2016-05-12 16:02 - 2016-05-12 16:02 - 00005773 _____ C:\Users\Daniel\Desktop\Pedestrian.swf
2016-05-11 18:21 - 2016-05-12 15:40 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2016-05-11 18:20 - 2016-05-13 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-05-11 18:20 - 2016-05-11 18:20 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-05-11 18:17 - 2016-05-11 18:17 - 30503216 _____ C:\Users\Daniel\Downloads\vlc-2.2.3-win32.exe
2016-05-11 17:49 - 2016-05-14 13:12 - 00000000 ____D C:\AdwCleaner
2016-05-11 17:38 - 2016-05-14 13:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-11 17:38 - 2016-05-14 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-11 17:38 - 2016-05-14 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-11 17:38 - 2016-05-11 17:39 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-11 17:38 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-05-11 17:38 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-05-11 17:38 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-05-11 17:35 - 2016-05-16 21:37 - 00000000 ____D C:\Users\Daniel\Temp
2016-05-11 17:24 - 2016-05-11 17:24 - 22851472 _____ (Malwarebytes ) C:\Users\Daniel\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-11 17:23 - 2016-05-11 17:24 - 22851472 _____ (Malwarebytes ) C:\Users\Daniel\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-11 17:20 - 2016-05-11 17:20 - 05326135 _____ C:\Users\Daniel\Desktop\IceyCPApplications.mp4
2016-05-11 17:01 - 2016-05-12 17:04 - 00000000 ____D C:\Users\Daniel\Desktop\Broken SWF
2016-05-11 16:04 - 2016-05-11 16:05 - 51373848 _____ (8pecxstudios ) C:\Users\Daniel\Downloads\Cyberfox-46.0.2.en-US.win64-x86_64.intel.exe
2016-05-10 21:36 - 2016-05-10 21:36 - 00002340 _____ C:\Users\Daniel\Desktop\Vivaldi.lnk
2016-05-10 21:36 - 2016-05-10 21:36 - 00002267 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2016-05-10 21:35 - 2016-05-10 21:35 - 38168696 _____ (Vivaldi Technologies AS) C:\Users\Daniel\Downloads\Vivaldi.1.1.453.52.exe
2016-05-10 21:17 - 2016-05-14 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-10 21:17 - 2016-05-14 13:12 - 00000000 ____D C:\Program Files\CCleaner
2016-05-10 21:17 - 2016-05-10 21:17 - 06882192 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\ccsetup517.exe
2016-05-10 21:17 - 2016-05-10 21:17 - 00002794 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-05-10 21:17 - 2016-05-10 21:17 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-10 21:12 - 2016-05-10 21:14 - 346628264 _____ (Corel Corporation) C:\Users\Daniel\Downloads\CorelPainter2016.exe
2016-05-10 20:57 - 2016-05-10 20:57 - 00052567 _____ C:\Users\Daniel\Desktop\NervousFace.mp4
2016-05-10 20:57 - 2016-05-10 20:57 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\com.newgrounds.swivel.Swivel
2016-05-10 20:02 - 2016-05-16 21:37 - 00000000 ____D C:\Program Files\HyperCam 2
2016-05-10 20:02 - 2016-05-14 13:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
2016-05-10 20:02 - 2016-05-10 20:02 - 03208976 _____ C:\Users\Daniel\Downloads\HC2Setup64.exe
2016-05-10 20:02 - 2016-05-10 20:02 - 00000937 _____ C:\Users\Daniel\Desktop\HyperCam 2.lnk
2016-05-10 19:50 - 2016-05-10 19:53 - 261137096 _____ C:\Users\Daniel\Downloads\camtasia(1).exe
2016-05-10 19:47 - 2016-05-10 19:47 - 00003132 _____ C:\windows\System32\Tasks\{36B5A854-9995-478D-8615-0634CEEC3325}
2016-05-10 19:37 - 2016-05-10 19:45 - 1205644512 _____ (Adobe Systems Incorporated) C:\Users\Daniel\Downloads\FlashPro_12_LS16(1).exe
2016-05-10 19:25 - 2016-05-10 19:25 - 00001616 _____ C:\Users\Daniel\Desktop\Flash Pro CS6.lnk
2016-05-10 19:18 - 2016-05-14 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-05-10 19:17 - 2016-05-14 13:12 - 00000000 ____D C:\abbd09b5bedf66500366f9b9
2016-05-10 18:24 - 2016-02-05 08:11 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\Daniel\Desktop\procexp.exe
2016-05-10 18:24 - 2016-02-05 08:03 - 00072154 ____N C:\Users\Daniel\Desktop\procexp.chm
2016-05-10 18:24 - 2015-10-27 07:32 - 00007490 ____N C:\Users\Daniel\Desktop\Eula.txt
2016-05-10 18:23 - 2016-05-10 18:23 - 01270466 _____ C:\Users\Daniel\Downloads\ProcessExplorer.zip
2016-05-10 18:23 - 2016-02-05 08:11 - 02694816 ____N (Sysinternals - www.sysinternals.com) C:\Users\Daniel\Downloads\procexp.exe
2016-05-10 18:23 - 2016-02-05 08:03 - 00072154 ____N C:\Users\Daniel\Downloads\procexp.chm
2016-05-10 18:23 - 2015-10-27 07:32 - 00007490 ____N C:\Users\Daniel\Downloads\Eula.txt
2016-05-10 17:55 - 2016-05-10 17:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\PACE Anti-Piracy
2016-05-10 17:55 - 2016-05-10 17:55 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2016-05-10 17:52 - 2016-05-10 17:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\PDAppFlex
2016-05-10 17:48 - 2016-05-14 13:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-05-10 17:48 - 2016-05-14 13:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-05-10 17:48 - 2016-05-10 17:48 - 00000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-05-10 17:17 - 2016-05-14 13:08 - 00000000 ____D C:\Users\Daniel\Desktop\Flash Pro CS6
2016-05-10 17:04 - 2016-05-10 17:14 - 1205644512 _____ (Adobe Systems Incorporated) C:\Users\Daniel\Downloads\FlashPro_12_LS16.exe
2016-05-10 16:30 - 2016-05-10 16:31 - 06227125 _____ C:\Users\Daniel\Downloads\Pencil2D-dev-0.5.4b-win.zip
2016-05-10 16:28 - 2016-05-10 16:28 - 00000786 _____ C:\Users\Public\Desktop\Swivel.lnk
2016-05-10 16:26 - 2016-05-14 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swivel
2016-05-10 16:26 - 2016-05-14 13:13 - 00000000 ____D C:\Program Files\Swivel
2016-05-10 16:25 - 2016-05-10 16:25 - 28661192 _____ C:\Users\Daniel\Downloads\swivel-win64.exe
2016-05-10 15:25 - 2016-05-10 15:25 - 00003114 _____ C:\windows\System32\Tasks\{59414898-C2DA-4633-AF5E-8D2D961932A1}
2016-05-09 20:30 - 2016-05-14 13:13 - 00000000 ____D C:\Users\Daniel\Desktop\TZogCP Skype Tool V2
2016-05-09 20:30 - 2016-05-09 20:30 - 00346171 _____ C:\Users\Daniel\Downloads\TZogCP Skype Tool V2.rar
2016-05-09 20:14 - 2016-05-09 20:14 - 00358309 _____ C:\Users\Daniel\Downloads\Flint.zip
2016-05-09 17:14 - 2016-05-09 17:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Sublime Text 3
2016-05-09 17:13 - 2016-05-14 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2016-05-09 17:13 - 2016-05-14 13:13 - 00000000 ____D C:\Program Files\nodejs
2016-05-09 17:13 - 2016-05-09 17:13 - 01232113 _____ C:\Users\Daniel\Downloads\FreeAgarBotsFB.zip
2016-05-09 17:13 - 2016-05-09 17:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\npm
2016-05-09 17:12 - 2016-05-14 13:13 - 00000000 ____D C:\Program Files\Sublime Text 3
2016-05-09 17:12 - 2016-05-09 17:12 - 11018240 _____ C:\Users\Daniel\Downloads\node-v4.4.4-x64.msi
2016-05-09 17:12 - 2016-05-09 17:12 - 08168696 _____ (Sublime HQ Pty Ltd ) C:\Users\Daniel\Downloads\Sublime Text Build 3103 x64 Setup.exe
2016-05-09 17:12 - 2016-05-09 17:12 - 00000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-05-08 19:39 - 2016-05-08 19:39 - 00000000 ____D C:\Users\Daniel\.android
2016-05-08 19:27 - 2016-05-17 09:16 - 00000000 ____D C:\windows\system32\appmgmt
2016-05-08 19:27 - 2016-04-14 17:17 - 00066752 _____ (VMware, Inc.) C:\windows\system32\Drivers\vmx86.sys
2016-05-08 19:27 - 2016-04-14 17:17 - 00033472 _____ (VMware, Inc.) C:\windows\system32\Drivers\VMkbd.sys
2016-05-08 19:27 - 2015-11-05 19:25 - 00075512 _____ (VMware, Inc.) C:\windows\system32\Drivers\vsock.sys
2016-05-08 19:27 - 2015-11-05 19:25 - 00068288 _____ (VMware, Inc.) C:\windows\system32\vsocklib.dll
2016-05-08 19:27 - 2015-11-05 19:25 - 00064192 _____ (VMware, Inc.) C:\windows\SysWOW64\vsocklib.dll
2016-05-08 19:26 - 2016-05-17 18:30 - 00000000 ____D C:\ProgramData\VMware
2016-05-08 19:26 - 2016-05-14 13:14 - 00000000 ____D C:\Program Files (x86)\VMware
2016-05-08 19:26 - 2016-05-14 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2016-05-08 19:26 - 2016-05-14 13:06 - 00000000 ____D C:\Program Files\Common Files\VMware
2016-05-08 19:26 - 2016-04-14 17:17 - 00934080 _____ (VMware, Inc.) C:\windows\system32\vnetlib64.dll
2016-05-08 19:26 - 2016-04-14 17:17 - 00392896 _____ (VMware, Inc.) C:\windows\SysWOW64\vmnat.exe
2016-05-08 19:26 - 2016-04-14 17:17 - 00358080 _____ (VMware, Inc.) C:\windows\SysWOW64\vmnetdhcp.exe
2016-05-08 19:26 - 2016-04-14 16:53 - 00026816 _____ (VMware, Inc.) C:\windows\system32\Drivers\vmnetuserif.sys
2016-05-08 19:26 - 2016-03-10 08:03 - 00057536 _____ (VMware, Inc.) C:\windows\system32\Drivers\hcmon.sys
2016-05-08 19:23 - 2016-05-14 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2016-05-08 19:23 - 2016-05-08 19:23 - 00001493 _____ C:\Users\Public\Desktop\Start Andy.lnk
2016-05-08 19:21 - 2016-05-14 13:14 - 00000000 ____D C:\Program Files\Andy
2016-05-08 19:21 - 2016-05-14 13:12 - 00000000 ____D C:\Program Files\AndyOfflineInstaller46.2
2016-05-08 19:21 - 2016-05-14 13:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Andy
2016-05-08 19:21 - 2016-05-08 19:21 - 00000000 ____D C:\Users\Daniel\Andy
2016-05-08 19:15 - 2016-05-08 19:18 - 452003264 _____ (Andy OS, inc.) C:\Users\Daniel\Downloads\Andy_46.2_207_x64bit.exe
2016-05-08 19:12 - 2016-05-08 19:13 - 451414482 _____ C:\Users\Daniel\Downloads\Console_OS_Express_0_4_96_64bit.zip
2016-05-08 17:35 - 2016-05-08 17:35 - 00000000 ____D C:\ProgramData\Chocolatey
2016-05-08 09:39 - 2016-05-14 13:13 - 00000000 ____D C:\Users\Daniel\Documents\UserTesting
2016-05-08 09:37 - 2016-05-08 09:38 - 17797624 _____ C:\Users\Daniel\Downloads\InstallUserTesting-v2.0.exe
2016-05-07 15:32 - 2016-05-14 21:16 - 00000460 _____ C:\Users\Daniel\Desktop\aopsanswer.txt
2016-05-06 19:58 - 2016-05-14 13:13 - 00000000 ____D C:\windows\rescache
2016-05-06 19:03 - 2016-05-16 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack
2016-05-06 19:03 - 2016-05-06 19:03 - 00000000 ____D C:\ProgramData\IsolatedStorage
2016-05-06 19:02 - 2016-05-14 13:10 - 00000000 ___HD C:\W7P_Backups
2016-05-06 18:52 - 2016-05-06 18:52 - 16877897 _____ C:\Users\Daniel\Downloads\Forests.themepack
2016-05-06 18:19 - 2016-05-06 18:19 - 00218236 ____H C:\windows\SysWOW64\mlfcache.dat
2016-05-06 18:19 - 2016-05-06 18:19 - 00000000 ____D C:\ProgramData\Apple Computer
2016-05-06 17:43 - 2016-05-14 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\MetroSidebar
2016-05-06 17:43 - 2016-05-06 18:45 - 00003100 _____ C:\windows\System32\Tasks\ReviverSoft Start Menu Reviver Run once task
2016-05-06 17:42 - 2016-05-14 13:13 - 00000000 ____D C:\SkinPack
2016-05-06 17:40 - 2016-05-06 17:41 - 22744286 _____ C:\Users\Daniel\Downloads\SkinPack Windows10 V10.0.sfx.exe
2016-05-05 20:25 - 2016-05-11 20:43 - 00001152 _____ C:\Users\Daniel\Desktop\designerApp.txt
2016-05-05 20:20 - 2016-05-16 20:55 - 00000000 ____D C:\Users\Daniel\Desktop\CPPS
2016-05-05 17:52 - 2016-05-16 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-05 17:52 - 2016-05-16 13:21 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-05 17:52 - 2016-05-05 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-05 17:50 - 2016-05-05 17:50 - 00242120 _____ C:\Users\Daniel\Downloads\Firefox Setup Stub 46.0.1.exe
2016-05-04 15:39 - 2016-05-04 15:39 - 07635472 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\GetWindows10-Web_Default_Attr.exe
2016-05-03 20:11 - 2016-05-03 20:11 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Pinta
2016-05-03 20:11 - 2016-05-03 20:11 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\mono.addins
2016-05-03 20:10 - 2016-05-03 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinta
2016-05-03 20:10 - 2016-05-03 20:10 - 00000000 ____D C:\Program Files (x86)\Pinta
2016-05-03 20:10 - 2016-05-03 20:10 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2016-05-03 20:09 - 2016-05-03 20:09 - 02629149 _____ (Pinta Community) C:\Users\Daniel\Downloads\pinta-1.6.exe
2016-05-03 19:12 - 2016-05-03 19:12 - 00498205 _____ C:\Users\Daniel\Downloads\Mine (1).swf
2016-05-03 19:05 - 2016-05-03 19:05 - 00525434 _____ C:\Users\Daniel\Downloads\Mine.swf
2016-05-02 20:09 - 2016-05-02 20:09 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\NuGet
2016-05-02 19:57 - 2016-05-02 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2016-05-02 19:57 - 2016-05-02 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-05-02 19:56 - 2016-05-02 19:56 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits
2016-05-02 19:55 - 2016-05-02 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2016-05-02 19:53 - 2016-05-13 17:31 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2013
2016-05-02 19:53 - 2016-05-02 19:53 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2016-05-02 19:50 - 2016-05-02 19:50 - 00000000 ____D C:\Program Files (x86)\AppInsights
2016-05-02 19:46 - 2016-05-02 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2016-05-02 19:46 - 2016-05-02 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-05-02 19:46 - 2016-05-02 19:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-05-02 19:45 - 2016-05-02 19:45 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-05-02 19:45 - 2016-05-02 19:45 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-05-02 19:42 - 2016-05-02 19:52 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2016-05-02 19:42 - 2016-05-02 19:42 - 00000000 ____D C:\Program Files\Application Verifier
2016-05-02 19:42 - 2016-05-02 19:42 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2016-05-02 19:41 - 2016-05-02 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-05-02 19:40 - 2016-05-02 19:40 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2016-05-02 19:39 - 2016-05-02 19:40 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-05-02 19:38 - 2016-05-02 19:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-05-02 19:37 - 2016-05-02 19:51 - 00000000 ____D C:\Program Files\IIS Express
2016-05-02 19:37 - 2016-05-02 19:51 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-05-02 19:37 - 2016-05-02 19:37 - 00000000 ____D C:\ProgramData\NuGet
2016-05-02 19:37 - 2016-05-02 19:37 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-05-02 19:37 - 2016-05-02 19:37 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2016-05-02 19:36 - 2016-05-02 19:36 - 00000000 ____D C:\Program Files\IIS
2016-05-02 19:36 - 2016-05-02 19:36 - 00000000 ____D C:\Program Files (x86)\IIS
2016-05-02 19:35 - 2016-05-02 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2016-05-02 19:33 - 2016-05-02 19:33 - 00000000 ____D C:\Program Files\Windows Identity Foundation
2016-05-02 19:33 - 2016-05-02 19:33 - 00000000 ____D C:\Program Files\Microsoft Identity Extensions
2016-05-02 19:33 - 2016-05-02 19:33 - 00000000 ____D C:\Program Files (x86)\Workflow Manager Tools
2016-05-02 19:33 - 2016-05-02 19:33 - 00000000 ____D C:\Program Files (x86)\Windows Identity Foundation
2016-05-02 19:33 - 2016-05-02 19:33 - 00000000 ____D C:\Program Files (x86)\Open XML SDK
2016-05-02 19:32 - 2016-05-02 19:32 - 00000000 ____D C:\Program Files\SharePoint Client Components
2016-05-02 19:27 - 2016-05-02 19:34 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-05-02 19:27 - 2016-05-02 19:27 - 00000000 ____D C:\windows\symbols
2016-05-02 19:27 - 2016-05-02 19:27 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-05-02 19:27 - 2016-05-02 19:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-05-02 19:27 - 2016-05-02 19:27 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2016-05-02 19:24 - 2016-05-14 13:13 - 00000000 ____D C:\windows\SysWOW64\1033
2016-05-02 19:24 - 2016-05-11 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2016-05-02 19:24 - 2016-05-02 20:00 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-05-02 19:24 - 2016-05-02 20:00 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-05-02 19:24 - 2016-05-02 19:24 - 00001543 _____ C:\Users\Daniel\Desktop\Visual Studio 2013.lnk
2016-05-02 19:17 - 2016-05-02 19:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-05-02 19:16 - 2016-05-14 13:13 - 00000000 ____D C:\windows\system32\1033
2016-05-02 19:16 - 2016-05-02 19:53 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-05-02 19:16 - 2016-05-02 19:16 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-05-02 19:11 - 2016-05-02 19:32 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-02 19:10 - 2016-05-02 19:11 - 01266280 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vs_professional.exe
2016-05-02 18:58 - 2016-05-02 18:58 - 00091902 _____ C:\Users\Daniel\Downloads\iSkype.rar
2016-05-02 18:55 - 2016-05-02 18:55 - 00490621 _____ C:\Users\Daniel\Downloads\TehMerkMods.zip
2016-05-02 18:34 - 2016-04-20 17:10 - 00268352 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2016-05-02 18:34 - 2016-04-20 17:10 - 00191552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2016-05-02 18:34 - 2016-04-20 17:10 - 00191040 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2016-05-02 18:34 - 2016-04-20 17:10 - 00153088 _____ (Oracle Corporation) C:\windows\SysWOW64\javacpl.cpl
2016-05-02 18:33 - 2012-10-29 16:00 - 01233920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml4.dll
2016-05-02 18:33 - 2009-06-04 15:28 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml4r.dll
2016-05-02 18:33 - 2009-06-04 15:28 - 00044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml4a.dll
2016-05-02 18:32 - 2016-05-02 18:32 - 20164862 _____ C:\Users\Daniel\Downloads\swfquicker.zip
2016-05-01 20:47 - 2016-05-01 20:47 - 00005825 _____ C:\Users\Daniel\Desktop\IceyCP.swf
2016-05-01 20:35 - 2016-05-01 20:35 - 04098856 _____ C:\Users\Daniel\Downloads\sbsetup.exe
2016-05-01 18:09 - 2016-05-11 17:12 - 00000000 ____D C:\Users\Daniel\Desktop\SWF
2016-05-01 17:28 - 2016-05-02 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
2016-05-01 17:28 - 2016-05-02 18:33 - 00000000 ____D C:\Program Files (x86)\SourceTec
2016-05-01 17:28 - 2016-05-01 17:26 - 42346035 _____ C:\Users\Daniel\Desktop\swfdec.zip
2016-05-01 17:14 - 2016-05-01 17:26 - 42346035 _____ C:\Users\Daniel\Downloads\swfdec.zip
2016-05-01 10:47 - 2016-05-16 21:37 - 00000000 ____D C:\Users\Daniel\Documents\Adobe
2016-05-01 10:13 - 2016-05-10 17:50 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-05-01 10:13 - 2016-05-01 10:13 - 00003506 _____ C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-Daniel-HP-Daniel
2016-05-01 10:13 - 2016-05-01 10:13 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Adobe
2016-05-01 10:09 - 2016-05-14 13:06 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-05-01 10:08 - 2016-05-14 13:05 - 00000000 ____D C:\Program Files\Adobe
2016-05-01 10:02 - 2016-05-03 15:09 - 00000000 ___RD C:\Users\Daniel\Creative Cloud Files
2016-05-01 10:02 - 2016-05-03 15:09 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-05-01 10:00 - 2016-05-01 10:00 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-05-01 09:56 - 2016-05-14 13:07 - 00000000 ____D C:\ProgramData\Adobe
2016-05-01 09:56 - 2016-05-14 13:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-01 09:51 - 2016-05-01 09:51 - 00695488 _____ (Adobe Systems Incorporated) C:\Users\Daniel\Downloads\CreativeCloudSet-Up.exe
2016-05-01 09:13 - 2016-05-01 20:40 - 00000000 ____D C:\ProgramData\Betternet
2016-05-01 09:13 - 2016-05-01 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-05-01 09:13 - 2016-05-01 09:13 - 00000000 ____D C:\Program Files\TAP-Windows
2016-05-01 09:13 - 2016-05-01 09:13 - 00000000 ____D C:\Program Files (x86)\OpenVPN
2016-05-01 09:11 - 2016-05-01 09:11 - 08973864 _____ (Betternet Technologies Inc.) C:\Users\Daniel\Downloads\BetternetForWindows.exe
2016-04-30 10:56 - 2016-04-30 10:56 - 00000000 ____D C:\Users\Daniel\Documents\Lightshot
2016-04-30 10:48 - 2016-04-30 10:48 - 02530408 _____ (Skillbrains ) C:\Users\Daniel\Downloads\setup-lightshot.exe
2016-04-30 10:48 - 2016-04-30 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-04-30 10:48 - 2016-04-30 10:48 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2016-04-30 10:32 - 2016-05-17 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot Anti-Beacon
2016-04-30 10:32 - 2016-05-14 13:13 - 00000000 ____D C:\windows\SysWOW64\PolicyDefinitions
2016-04-30 10:32 - 2016-04-30 10:32 - 02691400 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\SpybotAntiBeacon-1.5-setup.exe
2016-04-30 10:32 - 2016-04-30 10:32 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2016-04-30 10:32 - 2016-04-30 10:32 - 00000000 ____D C:\Program Files (x86)\Spybot Anti-Beacon
2016-04-30 10:19 - 2016-04-30 10:19 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-04-30 10:18 - 2016-04-30 10:28 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-30 10:17 - 2016-04-30 10:17 - 05168096 _____ (AVAST Software) C:\Users\Daniel\Downloads\avast_free_antivirus_setup_online.exe
2016-04-30 10:08 - 2016-05-16 21:41 - 00000000 ____D C:\ProgramData\WRData
2016-04-30 10:08 - 2016-05-16 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
2016-04-30 10:08 - 2016-05-14 13:19 - 00182200 _____ (Webroot) C:\windows\SysWOW64\WRusr.dll
2016-04-30 10:08 - 2016-05-14 13:19 - 00117304 _____ (Webroot) C:\windows\system32\WRusr.dll
2016-04-30 10:08 - 2016-05-14 13:13 - 00000000 ____D C:\Program Files\Webroot
2016-04-30 10:08 - 2016-05-14 13:12 - 00000000 ____D C:\Program Files\Common Files\Webroot
2016-04-30 10:08 - 2016-04-30 10:08 - 00117728 _____ (Webroot) C:\windows\system32\Drivers\WRkrn.sys
2016-04-30 10:08 - 2016-04-30 10:08 - 00054512 ____T (Webroot) C:\windows\system32\Drivers\wrUrlFlt.sys
2016-04-30 10:06 - 2016-04-30 10:07 - 00873072 _____ (Webroot) C:\Users\Daniel\Downloads\wsabbs2.exe
2016-04-28 16:56 - 2016-05-14 13:12 - 00000000 ____D C:\Users\Daniel\Desktop\cursors
2016-04-28 16:52 - 2016-04-28 16:48 - 00000639 _____ C:\Users\Daniel\Desktop\readme.txt
2016-04-28 16:50 - 2016-04-28 16:50 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RealWorld
2016-04-28 16:50 - 2016-04-28 16:50 - 00000000 ____D C:\Program Files\RealWorld Change Cursor
2016-04-28 16:49 - 2016-04-28 16:49 - 00296960 _____ C:\Users\Daniel\Downloads\RWChangeCursor64.msi
2016-04-28 16:48 - 2016-04-28 16:48 - 00387958 _____ C:\Users\Daniel\Downloads\x-steel-blue.zip
2016-04-27 18:38 - 2016-05-05 17:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mozilla
2016-04-27 18:37 - 2016-05-08 19:09 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2016-04-27 18:35 - 2016-05-17 09:01 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-04-27 18:32 - 2016-04-27 18:34 - 312530592 _____ (BlueStack Systems Inc.) C:\Users\Daniel\Downloads\BlueStacks2_native.exe
2016-04-27 17:59 - 2016-04-27 17:59 - 03389204 _____ C:\Users\Daniel\Downloads\gramblr2_win64.zip
2016-04-27 17:59 - 2016-04-27 17:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\WildTangent
2016-04-27 15:16 - 2016-04-27 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-04-27 15:16 - 2016-04-27 15:16 - 00000000 ____D C:\Program Files\Oracle
2016-04-27 15:13 - 2016-04-27 15:14 - 106450632 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\VirtualBox-4.2.36-104064-Win.exe
2016-04-26 20:58 - 2016-04-26 20:58 - 00003172 _____ C:\windows\System32\Tasks\{32F2B639-8D78-46EE-AD41-CF392B82A75C}
2016-04-26 20:43 - 2016-05-12 16:41 - 742850560 _____ C:\Users\Daniel\Desktop\Mac OS X Yosemite Niresh Intel And AMD.vmdk
2016-04-26 20:38 - 2016-04-26 20:34 - 2203325158 _____ C:\Users\Daniel\Desktop\Mac OS X Yosemite Niresh Intel and AMD Images.rar
2016-04-26 20:37 - 2016-04-26 20:37 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2016-04-26 20:37 - 2016-04-26 20:37 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\WinRAR
2016-04-26 20:37 - 2016-04-26 20:37 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-26 20:37 - 2016-04-26 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-26 20:36 - 2016-04-26 20:37 - 00000000 ____D C:\Program Files\WinRAR
2016-04-26 20:35 - 2016-04-26 20:35 - 01992496 _____ C:\Users\Daniel\Downloads\winrar-x64-531.exe
2016-04-26 20:32 - 2016-04-26 20:34 - 2203325158 _____ C:\Users\Daniel\Downloads\Mac OS X Yosemite Niresh Intel and AMD Images.rar
2016-04-26 17:18 - 2016-05-14 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-04-26 17:18 - 2016-04-26 17:18 - 00000981 _____ C:\Users\Daniel\Desktop\Minecraft.lnk
2016-04-26 17:18 - 2016-04-26 17:18 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-04-26 17:17 - 2016-04-26 17:17 - 02314240 _____ C:\Users\Daniel\Downloads\MinecraftInstaller.msi
2016-04-26 17:16 - 2016-04-26 17:16 - 00000000 ____D C:\Users\Daniel\Documents\Custom Office Templates
2016-04-26 17:14 - 2016-05-05 19:43 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Foxit Software
2016-04-26 17:10 - 2016-04-26 17:10 - 00001024 _____ C:\windows\SysWOW64\%TMP%
2016-04-26 17:05 - 2016-04-26 17:06 - 307937320 _____ (VMware, Inc.) C:\Users\Daniel\Downloads\VMware-workstation-full-12.1.1-3770994.exe
2016-04-26 17:03 - 2016-04-26 17:04 - 00003180 _____ C:\Users\Daniel\Downloads\post_reply.htm
2016-04-26 17:00 - 2016-04-26 17:00 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-04-26 16:59 - 2016-04-26 17:22 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-25 19:10 - 2016-04-25 19:10 - 04284928 _____ (Pokki) C:\Users\Daniel\Downloads\PokkiInstaller.exe
2016-04-23 16:06 - 2016-04-25 19:16 - 00001251 _____ C:\Users\Daniel\Desktop\answer2aops.txt
2016-04-23 15:47 - 2016-04-23 15:46 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-04-23 15:46 - 2016-04-23 15:46 - 57666112 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\jre-8u91-windows-x64.exe
2016-04-23 15:46 - 2016-04-23 15:46 - 00000000 ____D C:\Program Files\Java
2016-04-23 15:43 - 2016-05-14 13:12 - 00000000 ____D C:\Users\Daniel\Desktop\eclipse
2016-04-23 15:43 - 2016-04-24 16:25 - 00000000 ____D C:\Users\Daniel\.p2
2016-04-23 15:43 - 2016-04-23 15:43 - 00000000 ____D C:\Users\Daniel\.eclipse
2016-04-23 15:40 - 2016-04-23 15:41 - 175209304 _____ C:\Users\Daniel\Downloads\eclipse-java-mars-2-win32-x86_64.zip
2016-04-23 15:38 - 2016-05-16 21:37 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-04-23 15:38 - 2016-04-23 15:38 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Notepad++
2016-04-23 15:38 - 2016-04-23 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-04-23 15:37 - 2016-04-23 15:37 - 04203840 _____ C:\Users\Daniel\Downloads\npp.6.9.1.Installer.exe
2016-04-23 15:28 - 2016-04-23 15:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OpenOffice
2016-04-23 15:26 - 2016-04-23 15:26 - 00000000 ___SD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-04-23 15:26 - 2016-04-23 15:26 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-04-23 15:20 - 2016-05-14 13:12 - 00000000 ____D C:\Users\Daniel\Desktop\OpenOffice 4.1.2 (en-US) Installation Files
2016-04-23 15:18 - 2016-04-23 15:19 - 140783556 _____ C:\Users\Daniel\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_en-US.exe
2016-04-23 14:18 - 2016-04-23 14:23 - 737148928 _____ C:\Users\Daniel\Downloads\xubuntu-12.04.4-desktop-i386.iso
2016-04-23 13:36 - 2016-04-26 17:34 - 00000000 ____D C:\Users\Daniel\Documents\Virtual Machines
2016-04-23 13:28 - 2016-04-23 13:38 - 712793453 _____ C:\Users\Daniel\Downloads\Browser-Appliance-38.3.7z
2016-04-23 13:26 - 2016-04-23 13:35 - 632291328 _____ C:\Users\Daniel\Downloads\CentOS-7-x86_64-Minimal-1511.iso
2016-04-23 13:23 - 2016-05-14 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\VMware
2016-04-23 13:18 - 2016-04-23 13:19 - 100966520 _____ (VMware, Inc.) C:\Users\Daniel\Downloads\VMware-player-6.0.7-2844087.exe
2016-04-23 13:07 - 2016-04-23 13:15 - 1079640064 _____ C:\Users\Daniel\Downloads\kali-linux-light-2016.1-i386.iso
2016-04-23 10:17 - 2016-05-06 18:19 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2016-04-22 18:26 - 2016-04-22 18:31 - 759169024 _____ C:\Users\Daniel\Downloads\archlinux-2016.04.01-dual.iso
2016-04-22 15:08 - 2016-04-26 20:48 - 00000000 ____D C:\Users\Daniel\VirtualBox VMs
2016-04-22 15:07 - 2016-04-22 16:34 - 329252864 _____ C:\Users\Daniel\Downloads\openSUSE-13.2-DVD-i586.iso
2016-04-22 14:55 - 2016-05-16 21:37 - 00000000 ____D C:\Users\Daniel\.VirtualBox
2016-04-22 14:55 - 2015-11-10 23:03 - 00904176 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxDrv.sys
2016-04-22 14:54 - 2015-11-10 23:02 - 00119352 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxUSBMon.sys
2016-04-22 14:18 - 2016-04-22 14:51 - 113154016 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\VirtualBox-5.0.18-106667-Win.exe
2016-04-22 13:54 - 2016-04-22 13:54 - 00042025 _____ C:\Users\Daniel\Downloads\KUDA-Shaders v4.2 - Basic.zip
2016-04-22 13:40 - 2016-04-22 13:40 - 00030926 _____ C:\Users\Daniel\Downloads\KUDA-Shaders v6.0.82 BETA - Lite.zip
2016-04-22 13:37 - 2016-04-22 13:37 - 00000222 _____ C:\Users\Daniel\Desktop\Warframe.url
2016-04-22 13:31 - 2016-04-22 13:31 - 00000219 _____ C:\Users\Daniel\Desktop\Team Fortress 2.url
2016-04-22 12:40 - 2016-04-22 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-04-22 12:39 - 2016-04-22 12:39 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-22 12:39 - 2016-04-22 12:39 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Apple Computer
2016-04-22 12:39 - 2016-04-22 12:39 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-04-22 12:37 - 2016-04-22 12:37 - 41896256 _____ (Apple Inc.) C:\Users\Daniel\Downloads\QuickTimeInstaller.exe
2016-04-22 11:38 - 2016-04-22 11:38 - 00000000 ____D C:\Users\Daniel\Tracing
2016-04-22 11:32 - 2016-05-17 18:04 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2016-04-22 11:32 - 2016-04-22 11:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-22 11:32 - 2016-04-22 11:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-22 11:31 - 2016-04-22 11:31 - 01505408 _____ (Skype Technologies S.A.) C:\Users\Daniel\Downloads\SkypeSetup.exe
2016-04-21 21:11 - 2016-05-14 13:13 - 00000000 ___SD C:\windows\system32\GWX
2016-04-21 21:11 - 2016-04-21 21:11 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-04-21 21:00 - 2015-01-08 19:44 - 00419936 _____ C:\windows\SysWOW64\locale.nls
2016-04-21 21:00 - 2015-01-08 19:43 - 00419936 _____ C:\windows\system32\locale.nls
2016-04-21 20:30 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-04-21 20:30 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-04-21 20:30 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-04-21 20:30 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-04-21 20:30 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-04-21 20:30 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-04-21 20:29 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-04-21 20:29 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-04-21 19:19 - 2016-03-06 14:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-21 19:19 - 2016-03-06 14:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-21 19:19 - 2016-03-06 14:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-21 19:19 - 2016-03-06 14:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-21 19:19 - 2016-01-20 20:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-21 19:19 - 2015-11-13 19:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-04-21 19:19 - 2015-11-13 19:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-04-21 19:19 - 2015-11-13 19:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-04-21 19:19 - 2015-11-13 18:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-04-21 19:19 - 2015-11-13 18:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-04-21 19:19 - 2015-11-13 18:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-04-21 19:19 - 2015-11-03 15:04 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-04-21 19:19 - 2015-11-03 14:56 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-04-21 19:19 - 2015-08-05 13:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2016-04-21 19:19 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2016-04-21 19:19 - 2015-02-02 23:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2016-04-21 19:19 - 2015-02-02 23:31 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-04-21 19:19 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-04-21 19:19 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-04-21 19:19 - 2015-02-02 23:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2016-04-21 19:19 - 2015-02-02 23:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2016-04-21 19:19 - 2015-02-02 23:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-04-21 19:19 - 2015-02-02 23:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-04-21 19:19 - 2015-02-02 23:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2016-04-21 19:19 - 2015-02-02 23:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2016-04-21 19:19 - 2015-02-02 23:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2016-04-21 19:19 - 2015-02-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2016-04-21 19:19 - 2015-02-02 23:12 - 11411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-04-21 19:19 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-04-21 19:19 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-04-21 19:19 - 2015-02-02 23:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-04-21 19:19 - 2015-02-02 23:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-04-21 19:19 - 2015-02-02 23:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-04-21 19:19 - 2011-11-17 02:35 - 00395776 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-04-21 19:19 - 2011-11-17 01:35 - 00314880 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-04-21 19:18 - 2016-02-12 14:52 - 03169792 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-04-21 19:18 - 2016-02-12 14:52 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-04-21 19:18 - 2016-02-12 14:52 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-04-21 19:18 - 2016-02-12 14:44 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-04-21 19:18 - 2016-02-12 14:39 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-04-21 19:18 - 2016-02-12 14:22 - 02610688 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-04-21 19:18 - 2016-02-12 14:19 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-04-21 19:18 - 2016-02-12 14:18 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-04-21 19:18 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-04-21 19:18 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-04-21 19:18 - 2016-02-12 14:18 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-04-21 19:18 - 2016-02-12 14:18 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-04-21 19:18 - 2016-02-12 14:06 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-04-21 19:18 - 2016-02-12 14:05 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-04-21 19:18 - 2016-02-12 14:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-04-21 19:18 - 2016-02-12 14:05 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-04-21 19:18 - 2015-07-14 23:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-04-21 19:18 - 2015-02-02 23:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-04-21 19:18 - 2015-02-02 23:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-04-21 19:17 - 2016-03-15 20:22 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-04-21 19:17 - 2016-03-15 20:22 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-04-21 19:17 - 2016-03-15 20:16 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-04-21 19:17 - 2016-03-15 20:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-04-21 19:17 - 2016-03-15 20:15 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-04-21 19:17 - 2016-03-15 20:15 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-04-21 19:17 - 2016-03-15 20:15 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-04-21 19:17 - 2016-03-15 20:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-21 19:17 - 2016-03-15 20:14 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-04-21 19:17 - 2016-03-15 20:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-04-21 19:17 - 2016-03-15 20:13 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-04-21 19:17 - 2016-03-15 20:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-04-21 19:17 - 2016-03-15 20:13 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-04-21 19:17 - 2016-03-15 20:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-04-21 19:17 - 2016-03-15 19:54 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-04-21 19:17 - 2016-03-15 19:54 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-04-21 19:17 - 2016-03-15 19:54 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-04-21 19:17 - 2016-03-15 19:54 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-04-21 19:17 - 2016-03-15 19:53 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-04-21 19:17 - 2016-03-15 19:53 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-04-21 19:17 - 2016-03-15 19:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-04-21 19:17 - 2016-03-15 19:53 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-04-21 19:17 - 2016-03-15 19:52 - 00553984 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-04-21 19:17 - 2016-03-15 19:52 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-04-21 19:17 - 2016-03-15 19:52 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-04-21 19:17 - 2016-03-15 19:52 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-04-21 19:17 - 2016-03-15 19:52 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-04-21 19:17 - 2016-03-15 19:51 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-04-21 19:17 - 2016-03-15 19:51 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-04-21 19:17 - 2016-03-15 19:51 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-04-21 19:17 - 2016-03-15 19:16 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-04-21 19:17 - 2016-03-15 19:05 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-04-21 19:17 - 2016-03-15 19:03 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-21 19:17 - 2016-03-15 19:02 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-21 19:17 - 2016-03-15 19:02 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-21 19:17 - 2016-03-15 19:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-04-21 19:17 - 2016-03-15 18:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-04-21 19:17 - 2016-02-11 14:56 - 05572032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-21 19:17 - 2016-02-11 14:52 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-04-21 19:17 - 2016-02-11 14:49 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-04-21 19:17 - 2016-02-11 14:49 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-04-21 19:17 - 2016-02-11 14:49 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-04-21 19:17 - 2016-02-11 14:49 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-04-21 19:17 - 2016-02-11 14:48 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-04-21 19:17 - 2016-02-11 14:48 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-04-21 19:17 - 2016-02-11 14:47 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-04-21 19:17 - 2016-02-11 14:44 - 03994560 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-04-21 19:17 - 2016-02-11 14:44 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-04-21 19:17 - 2016-02-11 14:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-04-21 19:17 - 2016-02-11 14:44 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-21 19:17 - 2016-02-11 14:42 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:38 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-04-21 19:17 - 2016-02-11 14:38 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-21 19:17 - 2016-02-11 14:38 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-04-21 19:17 - 2016-02-11 14:37 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 13:41 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-04-21 19:17 - 2016-02-11 13:40 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-04-21 19:17 - 2016-02-11 13:32 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-04-21 19:17 - 2016-02-11 13:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-04-21 19:17 - 2016-02-11 13:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-04-21 19:17 - 2016-02-11 13:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-04-21 19:17 - 2016-02-11 13:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-04-21 19:17 - 2016-02-11 13:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 13:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-21 19:17 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-21 19:17 - 2016-02-04 21:19 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-04-21 19:17 - 2016-02-04 14:41 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-04-21 19:17 - 2016-02-03 14:58 - 00862208 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-04-21 19:17 - 2016-02-03 14:52 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-04-21 19:17 - 2016-02-03 14:49 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-04-21 19:17 - 2016-02-03 14:43 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-04-21 19:17 - 2016-01-11 15:11 - 01684416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-04-21 19:17 - 2016-01-07 13:42 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-04-21 19:17 - 2015-10-01 14:06 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-04-21 19:17 - 2015-10-01 14:04 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-04-21 19:17 - 2015-10-01 14:00 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-04-21 19:17 - 2015-10-01 14:00 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-04-21 19:17 - 2015-10-01 14:00 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-04-21 19:17 - 2015-10-01 14:00 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-04-21 19:17 - 2015-10-01 14:00 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-04-21 19:17 - 2015-10-01 13:50 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-04-21 19:17 - 2015-10-01 13:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-04-21 19:17 - 2015-09-23 09:18 - 00459344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-21 19:17 - 2015-09-23 09:18 - 00298192 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-04-21 19:17 - 2015-09-23 09:08 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-04-21 19:17 - 2015-07-30 14:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2016-04-21 19:17 - 2015-07-30 14:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2016-04-21 19:17 - 2015-07-30 14:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2016-04-21 19:17 - 2015-07-30 14:06 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-04-21 19:17 - 2015-07-30 14:06 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-04-21 19:17 - 2015-07-30 14:06 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-04-21 19:17 - 2015-07-30 14:06 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-04-21 19:17 - 2015-07-30 13:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2016-04-21 19:17 - 2015-07-30 13:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2016-04-21 19:17 - 2015-07-30 13:57 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-04-21 19:17 - 2015-07-30 13:57 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-04-21 19:17 - 2015-07-30 13:57 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-04-21 19:17 - 2015-07-30 13:55 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-04-21 19:17 - 2015-07-30 12:56 - 03208192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-21 19:17 - 2015-07-30 12:52 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-04-21 19:17 - 2015-07-30 12:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-04-21 19:17 - 2015-07-01 16:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2016-04-21 19:17 - 2015-07-01 16:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2016-04-21 19:17 - 2015-07-01 16:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2016-04-21 19:17 - 2015-07-01 16:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2016-04-21 19:17 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-04-21 19:17 - 2015-06-15 17:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-04-21 19:17 - 2015-06-15 17:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-04-21 19:17 - 2015-06-15 17:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-04-21 19:17 - 2015-06-15 17:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-04-21 19:17 - 2015-06-15 17:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-04-21 19:17 - 2015-06-15 17:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-04-21 19:17 - 2015-06-15 17:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-04-21 19:17 - 2015-06-03 16:16 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-04-21 19:17 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2016-04-21 19:17 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2016-04-21 19:17 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2016-04-21 19:17 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2016-04-21 19:16 - 2016-02-09 05:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-04-21 19:16 - 2016-01-22 02:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-04-21 19:16 - 2016-01-22 02:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-04-21 19:16 - 2016-01-22 02:17 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-21 19:16 - 2016-01-22 02:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-04-21 19:16 - 2016-01-22 02:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-04-21 19:16 - 2016-01-22 02:02 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-21 19:16 - 2016-01-22 02:02 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-21 19:16 - 2015-12-08 17:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-04-21 19:16 - 2015-12-08 17:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-04-21 19:16 - 2015-12-08 15:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-04-21 19:16 - 2015-12-08 15:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-04-21 19:16 - 2015-07-22 20:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-04-21 19:16 - 2015-07-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2016-04-21 19:16 - 2015-07-22 13:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2016-04-21 19:16 - 2015-07-22 12:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2016-04-21 19:16 - 2015-06-25 06:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-04-21 19:16 - 2015-06-25 06:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-04-21 19:16 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2016-04-21 19:16 - 2015-02-24 23:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2016-04-21 19:16 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2016-04-21 19:16 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2016-04-21 19:15 - 2016-03-31 15:25 - 00394952 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-21 19:15 - 2016-03-31 14:41 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-21 19:15 - 2016-03-30 20:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-04-21 19:15 - 2016-03-30 20:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-04-21 19:15 - 2016-03-30 20:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-21 19:15 - 2016-03-30 20:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-21 19:15 - 2016-03-30 20:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-04-21 19:15 - 2016-03-30 20:27 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-04-21 19:15 - 2016-03-30 20:27 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-04-21 19:15 - 2016-03-30 20:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-04-21 19:15 - 2016-03-30 20:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-21 19:15 - 2016-03-30 20:22 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-04-21 19:15 - 2016-03-30 20:21 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-04-21 19:15 - 2016-03-30 20:19 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-04-21 19:15 - 2016-03-30 20:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-21 19:15 - 2016-03-30 20:17 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-04-21 19:15 - 2016-03-30 20:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-04-21 19:15 - 2016-03-30 20:17 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-04-21 19:15 - 2016-03-30 20:11 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-21 19:15 - 2016-03-30 20:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-04-21 19:15 - 2016-03-30 20:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-21 19:15 - 2016-03-30 20:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-04-21 19:15 - 2016-03-30 20:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-21 19:15 - 2016-03-30 19:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-04-21 19:15 - 2016-03-30 19:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-21 19:15 - 2016-03-30 19:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-21 19:15 - 2016-03-30 19:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-21 19:15 - 2016-03-30 19:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-04-21 19:15 - 2016-03-30 19:52 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-04-21 19:15 - 2016-03-30 19:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-04-21 19:15 - 2016-03-30 19:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-04-21 19:15 - 2016-03-30 19:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-04-21 19:15 - 2016-03-30 19:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-21 19:15 - 2016-03-30 19:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-04-21 19:15 - 2016-03-30 19:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-04-21 19:15 - 2016-03-30 19:46 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-04-21 19:15 - 2016-03-30 19:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-21 19:15 - 2016-03-30 19:45 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-04-21 19:15 - 2016-03-30 19:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-21 19:15 - 2016-03-30 19:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-04-21 19:15 - 2016-03-30 19:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-21 19:15 - 2016-03-30 19:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-21 19:15 - 2016-03-30 19:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-21 19:15 - 2016-03-30 19:42 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-04-21 19:15 - 2016-03-30 19:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-21 19:15 - 2016-03-30 19:38 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-04-21 19:15 - 2016-03-30 19:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-21 19:15 - 2016-03-30 19:33 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-04-21 19:15 - 2016-03-30 19:31 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-04-21 19:15 - 2016-03-30 19:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-04-21 19:15 - 2016-03-30 19:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-21 19:15 - 2016-03-30 19:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-21 19:15 - 2016-03-30 19:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-21 19:15 - 2016-03-30 19:29 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-04-21 19:15 - 2016-03-30 19:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-21 19:15 - 2016-03-30 19:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-21 19:15 - 2016-03-30 19:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-21 19:15 - 2016-03-30 19:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-04-21 19:15 - 2016-03-30 19:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-21 19:15 - 2016-03-30 19:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-21 19:15 - 2016-03-30 19:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-21 19:15 - 2016-03-30 19:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-21 19:15 - 2016-03-30 19:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-21 19:15 - 2016-03-30 19:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-21 19:15 - 2016-01-22 02:19 - 14179840 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-21 19:15 - 2016-01-22 02:15 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-21 19:15 - 2016-01-22 02:12 - 01940992 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-04-21 19:15 - 2016-01-22 02:05 - 12877824 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-21 19:15 - 2016-01-22 02:00 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-21 19:15 - 2016-01-22 01:59 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-04-21 19:15 - 2016-01-22 01:19 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-21 19:15 - 2016-01-22 01:12 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-21 19:15 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-04-21 19:15 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-04-21 19:15 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2016-04-21 19:15 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2016-04-21 19:15 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-04-21 19:15 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2016-04-21 19:15 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2016-04-21 19:15 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2016-04-21 19:15 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2016-04-21 19:15 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2016-04-21 19:15 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2016-04-21 19:15 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2016-04-21 19:15 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-04-21 19:14 - 2016-03-30 20:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-21 19:14 - 2016-03-30 19:57 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-04-21 19:14 - 2015-03-04 00:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-04-21 19:14 - 2015-03-04 00:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2016-04-21 19:14 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2016-04-21 16:33 - 2016-04-21 16:33 - 03207906 _____ C:\Users\Daniel\Downloads\LabyMod_v2.7.7_mc1.8.8 (2).jar
2016-04-21 16:00 - 2016-04-21 16:00 - 01653955 _____ C:\Users\Daniel\Downloads\OptiFine_1.8.8_HD_U_H5.jar
2016-04-21 16:00 - 2016-04-21 16:00 - 00023791 _____ C:\Users\Daniel\Downloads\ToggleSneak_v5_mc1.8.8.zip
2016-04-21 15:59 - 2016-04-21 15:59 - 03410268 _____ C:\Users\Daniel\Downloads\The 5zig Mod v3.5.8 for Minecraft 1.8.8.jar
2016-04-21 15:18 - 2016-04-21 15:18 - 00042989 _____ C:\Users\Daniel\Downloads\KUDA-Shaders v5.0.6 Lite.zip
2016-04-21 15:17 - 2016-04-21 15:17 - 00042989 _____ C:\Users\Daniel\Downloads\KUDA-Shaders v5.0.6 Medium.zip
2016-04-21 15:12 - 2016-05-07 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client
2016-04-21 15:12 - 2016-04-21 15:12 - 00001177 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-04-21 15:10 - 2016-04-21 15:10 - 31414688 _____ (TeamSpeak Systems GmbH) C:\Users\Daniel\Downloads\TeamSpeak3-Client-win64-3.0.19.exe
2016-04-20 22:43 - 2016-05-14 13:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Macromedia
2016-04-20 22:43 - 2016-05-13 21:56 - 00000000 __SHD C:\Users\Daniel\AppData\LocalLow\EmieUserList
2016-04-20 22:43 - 2016-05-13 21:56 - 00000000 __SHD C:\Users\Daniel\AppData\LocalLow\EmieSiteList
2016-04-20 22:43 - 2016-05-13 21:56 - 00000000 __SHD C:\Users\Daniel\AppData\LocalLow\EmieBrowserModeList
2016-04-20 22:42 - 2016-04-20 22:42 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ATI
2016-04-20 22:41 - 2016-05-17 18:48 - 00003934 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{643BAC76-2806-421F-838D-7ABACA1A2C4F}
2016-04-20 22:41 - 2016-05-16 13:21 - 00000993 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-20 22:41 - 2016-05-14 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2016-04-20 22:41 - 2016-04-20 22:41 - 00000184 _____ C:\windows\insFileSpec
2016-04-20 22:41 - 2016-04-20 22:41 - 00000000 ____D C:\Users\Daniel\Documents\My Received Files
2016-04-20 22:40 - 2016-05-17 16:11 - 00000000 ____D C:\Users\Daniel
2016-04-20 22:40 - 2016-04-20 22:40 - 00003290 _____ C:\windows\System32\Tasks\RMCreator
2016-04-20 22:40 - 2016-04-20 22:40 - 00000020 ___SH C:\Users\Daniel\ntuser.ini
2016-04-20 22:40 - 2016-04-20 22:40 - 00000000 _SHDL C:\Users\Daniel\My Documents
2016-04-20 22:40 - 2016-04-20 22:40 - 00000000 _SHDL C:\Users\Daniel\Documents\My Videos
2016-04-20 22:40 - 2016-04-20 22:40 - 00000000 _SHDL C:\Users\Daniel\Documents\My Pictures
2016-04-20 22:40 - 2016-04-20 22:40 - 00000000 _SHDL C:\Users\Daniel\Documents\My Music
2016-04-20 22:40 - 2016-04-20 22:40 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Intel
2016-04-20 22:40 - 2016-04-13 04:15 - 00000000 ___HD C:\Users\Daniel\Documents\hp.system.package.metadata
2016-04-20 22:40 - 2016-04-13 04:15 - 00000000 ___HD C:\Users\Daniel\Documents\hp.applications.package.appdata
2016-04-20 22:40 - 2010-11-21 03:16 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Media Center Programs
2016-04-20 19:56 - 2016-04-20 19:56 - 04506104 _____ C:\Users\Daniel\Downloads\faithful32pack.zip
2016-04-20 19:55 - 2016-04-20 19:55 - 00039846 _____ C:\Users\Daniel\Downloads\High.Preformance-shader.zip
2016-04-20 19:53 - 2016-04-20 19:53 - 00072301 _____ C:\Users\Daniel\Downloads\KUDA-Shaders v6.2.81 - Default.zip
2016-04-20 19:52 - 2016-04-20 19:52 - 00072297 _____ C:\Users\Daniel\Downloads\KUDA-Shaders v6.2.81 - Ultra.zip
2016-04-20 19:50 - 2016-04-20 19:50 - 00072307 _____ C:\Users\Daniel\Downloads\KUDA-Shaders v6.2.81 - Lite.zip
2016-04-20 19:23 - 2016-04-20 19:23 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\hpqlog
2016-04-20 19:18 - 2016-04-20 19:18 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Hewlett-Packard
2016-04-20 18:54 - 2016-04-20 18:54 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\com.playsaurus.heroclicker
2016-04-20 18:53 - 2016-04-22 13:37 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-20 18:53 - 2016-04-20 18:53 - 00000222 _____ C:\Users\Daniel\Desktop\Clicker Heroes.url
2016-04-20 18:53 - 2016-04-20 18:53 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2016-04-20 18:53 - 2016-04-20 18:53 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_rzmpos_01009.Wdf
2016-04-20 18:52 - 2016-04-20 18:52 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2016-04-20 18:49 - 2016-05-15 17:18 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-20 18:49 - 2016-05-14 13:12 - 00000000 ____D C:\ProgramData\Razer
2016-04-20 18:48 - 2016-04-20 18:48 - 22506832 _____ (Razer Inc.) C:\Users\Daniel\Downloads\Razer_Synapse_Framework_V1.18.21.28549v2.exe
2016-04-20 18:29 - 2016-04-20 18:29 - 00001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-04-20 18:29 - 2016-04-20 18:29 - 00000000 ____D C:\Program Files\paint.net
2016-04-20 18:28 - 2016-05-14 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OBS
2016-04-20 18:28 - 2016-04-20 18:28 - 07086848 _____ C:\Users\Daniel\Downloads\OBS_0_657b_Installer.exe
2016-04-20 18:28 - 2016-04-20 18:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-04-20 18:28 - 2016-04-20 18:28 - 00000000 ____D C:\Program Files\OBS
2016-04-20 18:28 - 2016-04-20 18:28 - 00000000 ____D C:\Program Files (x86)\OBS
2016-04-20 18:21 - 2016-04-20 18:21 - 06978915 _____ C:\Users\Daniel\Downloads\paint.net.4.0.9.install.zip
2016-04-20 17:18 - 2016-04-20 17:18 - 25439599 _____ C:\Users\Daniel\Downloads\Clean PvP Pack - By ExPliZiT.zip
2016-04-20 17:13 - 2016-04-20 17:13 - 03207906 _____ C:\Users\Daniel\Downloads\LabyMod_v2.7.7_mc1.8.8 (1).jar
2016-04-20 17:13 - 2016-04-20 17:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AMD
2016-04-20 17:10 - 2016-05-02 18:34 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-20 17:10 - 2016-04-23 15:47 - 00000000 ____D C:\Users\Daniel\.oracle_jre_usage
2016-04-20 17:10 - 2016-04-23 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-20 17:10 - 2016-04-20 17:11 - 03207906 _____ C:\Users\Daniel\Downloads\LabyMod_v2.7.7_mc1.8.8.jar
2016-04-20 17:10 - 2016-04-20 17:10 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-20 17:10 - 2016-04-20 17:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Sun
2016-04-20 17:10 - 2016-04-20 17:10 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Sun
2016-04-20 17:10 - 2016-04-20 17:10 - 00000000 ____D C:\ProgramData\Oracle
2016-04-20 17:09 - 2016-04-20 17:09 - 00738368 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\chromeinstall-8u91.exe
2016-04-20 17:09 - 2016-04-20 17:09 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Oracle
2016-04-20 17:08 - 2016-05-14 13:57 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\.minecraft
2016-04-20 17:08 - 2016-04-20 17:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\java
2016-04-20 17:07 - 2016-05-15 17:21 - 00001166 _____ C:\Users\Daniel\Desktop\nativelog.txt
2016-04-20 17:07 - 2016-04-20 17:08 - 00000000 ____D C:\Users\Daniel\Desktop\game
2016-04-20 17:07 - 2016-04-20 17:07 - 00000000 ____D C:\Users\Daniel\Desktop\runtime
2016-04-20 17:06 - 2016-05-17 18:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-20 17:06 - 2016-04-20 17:06 - 01380712 _____ C:\Users\Daniel\Downloads\SteamSetup.exe
2016-04-20 17:06 - 2016-04-20 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-20 17:05 - 2016-04-20 17:05 - 01247112 _____ (Mojang) C:\Users\Daniel\Downloads\Minecraft.exe
2016-04-20 16:58 - 2016-05-17 16:28 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-20 16:57 - 2016-04-20 16:57 - 00987728 _____ (Google Inc.) C:\Users\Daniel\Downloads\ChromeSetup.exe
2016-04-20 16:51 - 2016-05-14 13:12 - 00000000 ____D C:\Users\Daniel\Desktop\Tor Browser
2016-04-20 16:49 - 2016-04-30 10:28 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-18 15:33 - 2016-04-18 15:33 - 00192352 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxNetLwf.sys
2016-04-18 15:33 - 2016-04-18 15:33 - 00119712 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxNetAdp6.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-17 18:40 - 2009-07-14 01:13 - 00785334 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-17 18:40 - 2009-07-13 23:20 - 00000000 ____D C:\windows\inf
2016-05-17 18:36 - 2009-07-14 00:45 - 00027568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-17 18:36 - 2009-07-14 00:45 - 00027568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-17 18:29 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-17 18:28 - 2016-04-13 04:09 - 00065536 _____ C:\windows\system32\spu_storage.bin
2016-05-17 15:45 - 2016-04-13 04:22 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-05-17 15:45 - 2016-04-13 04:22 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-16 21:37 - 2013-12-03 16:17 - 00000000 ____D C:\windows\Panther
2016-05-16 13:21 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-14 13:13 - 2016-04-13 04:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-05-14 13:13 - 2016-04-13 04:22 - 00000000 ____D C:\windows\system32\Macromed
2016-05-14 13:13 - 2016-04-13 04:22 - 00000000 ____D C:\ProgramData\Skype
2016-05-14 13:13 - 2016-04-13 04:20 - 00000000 ___HD C:\windows\system32\WLANProfiles
2016-05-14 13:13 - 2016-04-13 04:20 - 00000000 ____D C:\windows\SysWOW64\sda
2016-05-14 13:13 - 2016-03-29 05:42 - 00000000 ____D C:\Users\Daniel\Desktop\Bots
2016-05-14 13:13 - 2013-07-26 03:26 - 00000000 ____D C:\Users\Daniel\Desktop\Pencil2D-dev-0.5.4b-win
2016-05-14 13:13 - 2010-11-21 03:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-14 13:13 - 2009-07-13 23:20 - 00000000 ____D C:\windows\system32\NDF
2016-05-14 13:11 - 2016-04-13 04:22 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-05-14 13:11 - 2016-04-13 04:10 - 00000000 ____D C:\windows\system32\SRSLabs
2016-05-14 13:11 - 2009-07-13 23:20 - 00000000 ____D C:\windows\system32\spool
2016-05-14 13:11 - 2009-07-13 23:20 - 00000000 ____D C:\windows\registration
2016-05-14 13:10 - 2009-07-13 23:20 - 00000000 ____D C:\windows\Cursors
2016-05-13 21:31 - 2009-07-13 23:20 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-05-08 19:26 - 2013-12-03 16:26 - 00797872 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-05-07 12:23 - 2009-07-14 00:45 - 05149784 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-03 20:10 - 2013-12-03 16:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-02 19:45 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-05-02 19:34 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\MSBuild
2016-05-02 19:17 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-27 18:36 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-21 21:12 - 2009-07-13 23:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2016-04-21 21:12 - 2009-07-13 23:20 - 00000000 ____D C:\windows\system32\Dism
2016-04-21 21:12 - 2009-07-13 23:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-04-21 21:12 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-04-20 22:41 - 2016-04-13 05:04 - 00000000 __RSH C:\windows\SysWOW64\Drivers\103C_HP_cPC_750-045z_Y53316J_0U_Q2MD61504W2_E15AM2RCW601_4A_I2B35_SHP_V2.0_BA0.05_T151023_W748-1_L409_M7114_J1000_7AMD_8F01_93.40_#160413_N10EC8168;808608B1_Z_G10021313_Ohp TSST DVDRW SU-208HB SATA CdRom Device.MRK
2016-04-20 22:41 - 2016-04-13 05:04 - 00000000 __RSH C:\windows\system32\Drivers\103C_HP_cPC_750-045z_Y53316J_0U_Q2MD61504W2_E15AM2RCW601_4A_I2B35_SHP_V2.0_BA0.05_T151023_W748-1_L409_M7114_J1000_7AMD_8F01_93.40_#160413_N10EC8168;808608B1_Z_G10021313_Ohp TSST DVDRW SU-208HB SATA CdRom Device.MRK
2016-04-20 22:41 - 2016-04-13 04:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2016-04-20 22:41 - 2016-04-13 04:22 - 00000000 ___RD C:\Program Files (x86)\Online Services
2016-04-20 22:41 - 2016-04-13 04:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-04-20 22:41 - 2016-04-13 04:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-04-20 22:41 - 2015-02-12 17:51 - 00000000 ____D C:\SWSETUP
2016-04-20 22:41 - 2013-12-03 21:02 - 00000000 _RSHD C:\SYSTEM.SAV
2016-04-20 19:24 - 2016-04-13 04:14 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-04-20 19:17 - 2016-04-13 04:21 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-04-20 19:14 - 2009-07-14 01:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
 
==================== Files in the root of some directories =======
 
2016-05-16 20:39 - 2016-05-16 21:41 - 0000115 _____ () C:\Users\Daniel\AppData\Roaming\LogFile.txt
2016-05-12 16:46 - 2016-05-12 16:46 - 0000218 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2016-04-30 10:48 - 2016-04-30 10:48 - 0000424 _____ () C:\Users\Daniel\AppData\Local\UserProducts.xml
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-14 09:08
 
==================== End of FRST.txt ============================
 
 

Attached Files



#3 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:33 PM

Posted 19 May 2016 - 01:38 PM

Hello Daniel and Welcome to the BleepingComputer. :welcome:  
 My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • Ensure your external and/or USB drives are inserted during always the scan.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
    
I am currently reviewing your log.I will be back with a fix for your problem as soon as possible.Please be patient with me during this time.

 

=======================================
Are you still with me ?
 
Sincerely
:hello:


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#4 DanieI

DanieI
  • Topic Starter

  • Banned
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:33 AM

Posted 19 May 2016 - 03:48 PM

Hello Daniel and Welcome to the BleepingComputer. :welcome:  
 My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • Ensure your external and/or USB drives are inserted during always the scan.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
    
I am currently reviewing your log.I will be back with a fix for your problem as soon as possible.Please be patient with me during this time.

 

=======================================
Are you still with me ?
 
Sincerely
:hello:

Yes, I'm still with you. Thank you for reviewing my log. If you could help me get rid of AutoConfigURL, that'd be great. It automatically sets my proxy to this "unstops.org" baloney...



#5 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:33 PM

Posted 22 May 2016 - 12:17 PM

Hi daniel,

 

Sorry for the long delay.

Step 1:
 FRST Script:
 Please download this attached Attached File  Fixlist.txt   12.86KB   4 downloads   and save it in the same directory as FRST

  • Close any open browsers or any other programs that are open
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Step 2:

Scan with Zemana AntiMalware Free:

  • Turn off the real time scanner of any existing antivirus and firewall programs while performing scan
  • Please download and install Zemana AntiMalware Free
  • Double-click software shortcut on the desktop and follow the prompts to install the program .
  • If an update is available, click the Update now button.
  • At the end Click Settings > Advanced > ''I have read the warning an wish to proceed anyway'' Click
  • Auto Launch > Untick the box next
  • Scan type > Smart scan (Default)
  • Close all open files, folders and browsers
  • Click scan now ''Run as Administrator'' and a threat Scan will begin.
  • When the scan is complete, Press report and send me report.
  • Please PC restart now.

===================================================================

How is your PC running and any issue ? is there still septoms ?

 

Have a nice day.

 


Edited by olgun52, 22 May 2016 - 12:43 PM.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users