Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lingering virus preventing internet access


  • This topic is locked This topic is locked
24 replies to this topic

#1 Atrav

Atrav

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 09 June 2016 - 02:38 AM

Hello. So recently my computer got hit with a virus and I've been able to use a few utilities from here to help get rid of some of it it seems. My internet connection is very on and off. Mostly off. and anytime I try to browse the web it says connection not found and my wifi connection is working fine. Been trying to figure out what the issue is but no such luck. Any help fixing this issue would be very greatly appreciated.

BC AdBot (Login to Remove)

 


#2 satchfan

satchfan

  • Malware Response Team
  • 2,840 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:12:02 PM

Posted 09 June 2016 - 02:54 AM

Hello Atrav and welcome to the Bleeping Computer forum.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Run RogueKiller

IMPORTANT: Please remove any usb or external drives from the computer before you run this scan!

Close all running programs.


Download RogueKiller to your desktop

  • close all running programs
  • for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
  • when the pre-scan is finished, click on Scan
  • click on Report and copy/paste the content in your next post
  • NOTE: DO NOT attempt to remove anything that the scan detects –everything that is reported is not necessarily bad

If the program is blocked, continue to try it several times. If it still doesn’t work, (it could happen), rename it to winlogon.exe.

Please post the contents of the RKreport.txt in your next reply.

===================================================

Download zoek.exe to your Desktop:

Important: Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here.

  • on Windows Vista, 7/8,10, right-click Zoek.exe and select: Run as Administrator
  • give it a few seconds to appear
  • copy/paste the entire script inside the codebox below into the input field of Zoek:
    createsrpoint;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b
    
  • close any open programs.
  • click the Run script button, and wait. It takes a few minutes to run.
  • when the tool finishes, the zoek-results.log is opened in Notepad: the log can also be found on the systemdrive, normally C:\
  • if a reboot is needed, the log will be opened after the reboot.

================================================

Run Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • press Scan button
  • it will produce a log called Frst.txt in the same directory the tool is run from
  • please copy and paste log back here.
  • the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the Frst.txt into your reply.

================================================

Logs to include with next post:

RKreport.txt
zoek-results.log
Frst.txt
Addition.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#3 Atrav

Atrav
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 09 June 2016 - 11:59 PM

Hello Satchfan. Thanks very much for your prompt reply and apologies for my delayed response. Doing everything right now so by tomorrow I will have all of the logs posted. (No other computer currently in house) because I can't connect to the Internet I'm using another computer to get everything and then doing it on my laptop. Then will have to take the generated logs to a computer that can connect. Sorry about that. So just wanted to keep you posted.

#4 satchfan

satchfan

  • Malware Response Team
  • 2,840 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:12:02 PM

Posted 10 June 2016 - 04:06 AM

Thanks for the update Atrav.

 

I'll wait until I hear from you. My responses may also be delayed as I have a lot to do tomorrow but we'll get this dealt with.


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#5 Atrav

Atrav
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 12 June 2016 - 01:29 AM

sorry for the delayed response and thank you again. My internet connected just enough for me to make this post. albeit sluggish and still not where it used to be 

 
 
RogueKiller V12.3.1.0 (x64) [May 30 2016] (Free) by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Aaron [Administrator]
Started from : C:\Users\Aaron\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 06/09/2016 23:57:48
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 0 ¤¤¤
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST640LM0 00 HM641JI SATA Disk Device +++++
--- User ---
[MBR] 46f924c95dcab07114b15913232462b7
[BSP] c920c50bf185857def37a52a031cf7d1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 584113 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1196673024 | Size: 22103 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1241939968 | Size: 4063 MB
User = LL1 ... OK
User = LL2 ... OK
 
 
 
 
 
 
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Aaron on Thu 06/09/2016 at 20:37:21.89.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: H:\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
6/9/2016 8:45:30 PM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\360 deleted successfully
C:\PROGRA~2\Black_Box deleted successfully
C:\PROGRA~2\HPDef deleted successfully
C:\PROGRA~2\mpck deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\FLEXnet deleted successfully
C:\Users\Aaron\AppData\Roaming\894b4820-fb4e-4e05-bfdb-3ff9ec7c4badad deleted successfully
C:\Users\Aaron\AppData\Roaming\Ludia deleted successfully
C:\Users\Aaron\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Aaron\AppData\Roaming\Pawarhuy deleted successfully
C:\Users\Aaron\AppData\Roaming\TP deleted successfully
C:\Users\Aaron\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Aaron\AppData\Local\Symantec deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B6A4AD4-D6EE-47dd-B308-0E0930A43853} deleted successfully
HKEY_USERS\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== FireFox Fix ======================
 
ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057
 
user.js not found
---- Lines enabledAddons" modified from prefs.js ----
 
user_pref("extensions.enabledAddons", "%7B55A8EC97-6AF6-442c-877F-11C51DBD162D%7D:1.0.6,amznUWL2%40amazon.com:1.10.1-signed.1-signed,newtabgoogle%40gr
---- Lines xpiState" removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"amznUWL2@amazon.com\":{\"d\":\"C:\\\\Users\\\\Aaron\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\
---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ----
 
user_pref("extensions.enabledItems", "{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145,{0153E448-190B-4987-
---- FireFox user.js and prefs.js backups ---- 
 
prefs_20160609_0919_.backup
 
ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
 
user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.search.defaultenginename", "Search Provided by Yahoo");
user_pref("browser.search.selectedEngine", "Search Provided by Yahoo");
---- FireFox user.js and prefs.js backups ---- 
 
prefs_20160609_0919_.backup
 
ProfilePath: C:\Users\AARONS~1\AppData\Roaming\Mozilla\Firefox\Profiles\ofdydu9e.default-1429243226908
 
user.js not found
---- Lines enabledAddons" modified from prefs.js ----
 
user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0");
---- FireFox user.js and prefs.js backups ---- 
 
prefs_20160609_0919_.backup
 
ProfilePath: C:\Users\GUEST1~1\AppData\Roaming\Mozilla\Firefox\Profiles\nra6zes3.default
 
user.js not found
---- Lines enabledAddons" modified from prefs.js ----
 
user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.1");
---- Lines xpiState" removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"ugnraew@jqhljqmpngx.net\":{\"d\":\"C:\\\\Users\\\\guest 1\\\\AppData\\\\Roaming\\\\Mozilla\\\\Fi
---- FireFox user.js and prefs.js backups ---- 
 
prefs_20160609_0919_.backup
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\360 not found
C:\PROGRA~2\Black_Box not found
C:\PROGRA~2\HPDef not found
C:\PROGRA~2\mpck not found
C:\Users\Aaron\.android deleted
C:\PROGRA~2\NCH Software\Components\NCHToolbars deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Aaron\AppData\Roaming\WB.CFG deleted
C:\Users\Aaron\AppData\Roaming\monFDE.log deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\PROGRA~2\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} deleted
C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\extensions\firefoxdav@icloud.com deleted
"C:\Windows\Installer\4db551.msi" deleted
"C:\Windows\Installer\e2b3.msi" deleted
"C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\yahoo.xml" deleted
 
==== Orphaned Tasks deleted from Registry ======================
 
avast Emergency Update deleted
HPCeeScheduleForAaron deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.newtab.url", "about:newtab");
 
ProfilePath: C:\Users\AARONS~1\AppData\Roaming\Mozilla\Firefox\Profiles\ofdydu9e.default-1429243226908
user_pref("browser.newtab.url", "about:newtab");
 
ProfilePath: C:\Users\GUEST1~1\AppData\Roaming\Mozilla\Firefox\Profiles\nra6zes3.default
user_pref("browser.newtab.url", "about:newtab");
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/06/2016 01:44 AM]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/06/2016 01:44 AM]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057
- Botn de Aadir a la lista de deseos Amazon - %ProfilePath%\extensions\amznUWL2@amazon.com.xpi
- Add Google Search To New Tab Page - %ProfilePath%\extensions\newtabgoogle@graememcc.co.uk.xpi
- Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
 
==== Chromium Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ddhbfejjbeajmnaplpemkoiiamdepapf - C:\ProgramData\DownloadnSave\ddhbfejjbeajmnaplpemkoiiamdepapf.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06/06/2016 01:43 AM]
igljnkmljjbhcellpnjppojkfdfmkjmp - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_GC.crx[05/13/2013 11:56 AM]
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[08/21/2012 02:45 AM]
kofkpgiaknijknhajbhnghkodiccblkg - No path found[]
 
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
kofkpgiaknijknhajbhnghkodiccblkg - No path found[]
 
YouTube Video Downloader Extension - Aaron\AppData\Local\Chromium\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp
RealPlayer HTML5Video Downloader Extension - Aaron\AppData\Local\Chromium\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
Avast Online Security - Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
YouTube Video Downloader Extension - Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp
YouTube Video Downloader Extension - Aaron School\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp
RealPlayer HTML5Video Downloader Extension - Aaron School\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
YouTube Video Downloader Extension - guest 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp
RealPlayer HTML5Video Downloader Extension - guest 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
 
==== Chromium Fix ======================
 
C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_GC.crx deleted successfully
C:\Users\guest 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully
C:\Users\guest 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully
C:\Users\guest 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\guest 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\guest 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\guest 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Aaron\AppData\Local\Chromium\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp deleted successfully
C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp deleted successfully
C:\Users\Aaron School\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp deleted successfully
C:\Users\guest 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"=""
HKLM\SearchScopes\{73cd434e-8e1e-46b6-bb8d-7dd935140717} - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
HKLM\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
HKLM\Wow6432Node\SearchScopes "DefaultScope"=""
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
HKLM\Wow6432Node\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{73cd434e-8e1e-46b6-bb8d-7dd935140717} - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
HKCU\Wow6432Node\SearchScopes "DefaultScope"=""
HKCU\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_USERS\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_USERS\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{38783831-6098-4faa-A9C9-1EE1E343F4D2} deleted successfully
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\57EE8B0A48B96D04AA066B0433B7729D deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1ADB7B61769BD2D4B8721E72722C3805 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ddhbfejjbeajmnaplpemkoiiamdepapf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0B8EE75-9B84-40D6-AA60-B640337B27D9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Driver Updater deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{16B7BDA1-B967-4D2D-8B27-E12727C28350} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\57EE8B0A48B96D04AA066B0433B7729D deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1ADB7B61769BD2D4B8721E72722C3805 deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aaron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aaron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
 
==== Empty FireFox Cache ======================
 
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Mozilla\Firefox\Profiles\auvb88n4.default\Cache emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\Aaron\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Aaron School\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\guest 1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=232 folders=102 60524498 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Aaron\AppData\Local\Temp will be emptied at reboot
C:\Users\Aaron School\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\temp emptied successfully
C:\Users\guest 1\AppData\Local\temp emptied successfully
C:\Users\Mcx1-AARON-HP\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Aaron\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Users\Aaron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
 
==== EOF on Thu 06/09/2016 at 21:35:36.56 ======================
 

Edited by Atrav, 12 June 2016 - 01:35 AM.


#6 Atrav

Atrav
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 12 June 2016 - 01:30 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-06-2016
Ran by Aaron (administrator) on AARON-HP (09-06-2016 21:39:55)
Running from C:\Users\Aaron\Desktop
Loaded Profiles: Aaron (Available Profiles: Aaron & guest 1 & Mcx1-AARON-HP & Aaron School)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
() C:\Windows\AutoKMS\AutoKMS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
(AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
() C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
(Microsoft Corporation) C:\Windows\System32\netsh.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-02] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-13] (DivX, LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [Anvi Smart Defender] => C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe [1434984 2012-12-20] (Anvisoft)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1666560 2012-02-20] (AimerSoft)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADBlocker] => C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe [979816 2012-12-21] ()
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6570256 2016-05-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400064 2016-06-06] (AVAST Software)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-05-31] (SUPERAntiSpyware)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-06] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448 2010-11-20] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [326144 2010-11-20] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0FFB5237-8642-42B3-9D7E-6AE210979A6E}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT/1
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {008F6831-ECBA-4246-911D-F1DF440F0458} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {73cd434e-8e1e-46b6-bb8d-7dd935140717} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> {73cd434e-8e1e-46b6-bb8d-7dd935140717} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-30] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-06] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} hxxps://www.icloud.com/system/iCloud.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
 
FireFox:
========
FF ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-08-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-17] (DivX, LLC)
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-23] ()
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-08-21] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-04] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: LTS Web Components -> C:\Program Files (x86)\LTS Web Components\npLTSWebVideoPlugin.dll [2015-08-06] ()
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: @talk.google.com/O1DPlugin -> C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Aaron\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Aaron\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012-08-21] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Aaron\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Aaron\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\searchplugins\firefox-add-ons.xml [2013-05-27]
FF Extension: YouTube Video Downloader Extension - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_FF.xpi [2013-05-13] [not signed]
FF Extension: Add to Amazon Wish List Button - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\extensions\amznUWL2@amazon.com.xpi [2016-06-02]
FF Extension: Add Google Search To New Tab Page - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\extensions\newtabgoogle@graememcc.co.uk.xpi [2016-06-02]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-04-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-06]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-05-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{55A8EC97-6AF6-442c-877F-11C51DBD162D}] - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_FF.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-12-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-691505584-3256853444-1998314781-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-06]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-08-21]
CHR HKLM-x32\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S4 ADBlockerSrv; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe [279368 2012-11-13] ()
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S4 asdsrv; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [735592 2012-12-20] (Anvisoft)
S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-06] (AVAST Software)
S4 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [636312 2016-05-20] (AVG Technologies CZ, s.r.o.)
S4 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1998712 2016-05-20] (AVG Technologies CZ, s.r.o.)
S4 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5164800 2016-05-20] (AVG Technologies CZ, s.r.o.)
S4 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080592 2016-05-18] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [705528 2016-05-20] (AVG Technologies CZ, s.r.o.)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-25] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-25] (Dropbox, Inc.)
S4 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2519904 2016-04-13] (ESET)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-06-05] (SurfRight B.V.)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4803344 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-05] (Wacom Technology, Corp.)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 asdnet; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\amd64\asdnet.sys [19280 2012-09-07] ()
R1 asdrm; C:\Windows\System32\DRIVERS\asdrm.sys [18768 2012-11-07] (Anvisoft)
R2 asdrs; C:\Windows\system32\DRIVERS\asdrs.sys [23376 2012-11-07] (Anvisoft)
R2 asdws; C:\Windows\system32\DRIVERS\asdws.sys [17232 2012-11-07] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-06] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-06] (AVAST Software)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [279296 2016-05-17] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-27] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-13] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-04-13] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-13] (ESET)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [46960 2016-06-08] ()
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-08] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [115272 2012-03-25] (MotioninJoy) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Tosrfcom; no ImagePath
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-06-08] ()
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
S1 A2DDA; \??\C:\Users\Aaron\Desktop\Run\a2ddax64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 fkjpbclc; \??\C:\Windows\system32\drivers\fkjpbclc.sys [X]
S1 gmtweagw; \??\C:\Windows\system32\drivers\gmtweagw.sys [X]
S1 kgquubom; \??\C:\Windows\system32\drivers\kgquubom.sys [X]
S1 pfnrymhh; \??\C:\Windows\system32\drivers\pfnrymhh.sys [X]
U2 TMAgent; no ImagePath
S0 tspor; System32\drivers\cfqr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-09 21:39 - 2016-06-09 21:40 - 00036501 _____ C:\Users\Aaron\Desktop\FRST.txt
2016-06-09 21:39 - 2016-06-09 21:39 - 00000000 ____D C:\FRST
2016-06-09 21:38 - 2016-06-09 22:58 - 02385408 _____ (Farbar) C:\Users\Aaron\Desktop\FRST64.exe
2016-06-09 21:38 - 2016-06-09 21:38 - 00020238 _____ C:\Users\Aaron\Desktop\zoek-results.txt
2016-06-09 21:35 - 2016-06-09 21:35 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-09 21:32 - 2016-06-09 20:37 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-06-09 20:38 - 2016-06-09 22:57 - 01309184 _____ C:\Users\Aaron\Desktop\zoek.exe
2016-06-09 20:37 - 2016-06-09 21:26 - 00000000 ____D C:\zoek_backup
2016-06-09 19:27 - 2016-06-09 19:27 - 00000000 ____D C:\Users\Aaron\AppData\Local\ElevatedDiagnostics
2016-06-09 01:24 - 2016-06-09 01:24 - 00044310 _____ C:\Users\Aaron\Desktop\comb.txt
2016-06-09 01:17 - 2016-06-09 01:17 - 00044310 _____ C:\ComboFix.txt
2016-06-09 00:26 - 2016-06-09 00:26 - 00000000 ____D C:\Windows\Panther
2016-06-09 00:19 - 2016-06-09 01:17 - 00000000 ____D C:\ComboFix
2016-06-08 23:59 - 2016-04-14 09:42 - 00573952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-06-08 23:59 - 2016-04-14 08:33 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-06-08 23:59 - 2015-06-25 03:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-08 23:59 - 2015-06-25 03:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-08 23:59 - 2015-06-25 03:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-08 23:59 - 2015-06-25 02:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-08 23:57 - 2016-02-09 02:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-06-08 23:50 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-06-08 23:50 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-06-08 23:50 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2016-06-08 23:50 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2016-06-08 23:50 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2016-06-08 23:01 - 2016-04-08 23:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-08 23:01 - 2016-04-08 23:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-08 23:01 - 2014-10-29 19:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2016-06-08 23:01 - 2014-10-29 18:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2016-06-08 23:00 - 2015-01-16 19:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-06-08 23:00 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-06-08 23:00 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-08 23:00 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-08 23:00 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-06-08 23:00 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-06-08 22:36 - 2016-06-08 22:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-08 22:36 - 2016-06-08 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-08 22:35 - 2016-06-08 22:35 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-06-08 22:35 - 2016-06-08 22:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-06-08 22:30 - 2016-03-09 11:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-06-08 22:30 - 2016-03-09 11:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-06-08 22:29 - 2013-01-23 23:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-06-08 22:28 - 2015-11-03 12:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-06-08 22:28 - 2015-11-03 11:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-06-08 22:28 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-06-08 22:28 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-06-08 22:28 - 2013-05-12 22:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-06-08 22:28 - 2013-05-12 22:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-08 22:28 - 2013-05-12 22:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-06-08 22:28 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-06-08 22:28 - 2013-05-12 21:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-06-08 22:28 - 2013-05-12 21:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-06-08 22:28 - 2013-05-12 21:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-06-08 22:28 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-06-08 22:28 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-06-08 22:28 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-06-08 22:26 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-06-08 22:26 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-06-08 22:26 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-06-08 22:26 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-06-08 22:26 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-06-08 22:26 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-06-08 22:26 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-06-08 22:26 - 2012-06-02 07:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-06-08 22:23 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-06-08 22:23 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-06-08 22:23 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-06-08 22:23 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-06-08 22:23 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-06-08 22:23 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-06-08 22:23 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-06-08 22:23 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-06-08 22:16 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-06-08 22:16 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-06-08 22:16 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-06-08 21:57 - 2016-06-08 21:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-08 21:52 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-06-08 21:52 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-06-08 21:52 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-06-08 21:52 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-06-08 21:52 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-06-08 21:52 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-06-08 21:52 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-06-08 21:52 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-06-08 21:47 - 2015-02-03 20:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-06-08 21:47 - 2015-02-03 19:54 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-06-08 18:39 - 2016-06-08 18:39 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-06-08 13:44 - 2016-06-08 18:39 - 00046960 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-06-07 23:53 - 2016-06-07 23:54 - 00235802 _____ C:\TDSSKiller.3.1.0.9_07.06.2016_23.53.59_log.txt
2016-06-07 23:25 - 2016-06-08 21:37 - 00238496 _____ C:\Windows\ntbtlog.txt
2016-06-06 23:08 - 2016-06-06 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-06-06 23:08 - 2016-06-06 23:08 - 00000000 ____D C:\ProgramData\ESET
2016-06-06 23:07 - 2016-06-06 23:07 - 00000000 ____D C:\Program Files\ESET
2016-06-06 22:55 - 2016-06-09 18:54 - 00003340 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-691505584-3256853444-1998314781-1002
2016-06-06 22:37 - 2016-06-06 22:40 - 95918240 _____ (ESET) C:\Users\Aaron\Desktop\eav_nt64_enu.exe
2016-06-06 22:23 - 2016-06-06 22:23 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-06 22:23 - 2016-06-06 22:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-06 22:23 - 2016-06-06 22:23 - 00000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2016-06-06 22:23 - 2016-06-06 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-06 22:23 - 2016-06-06 22:23 - 00000000 ____D C:\Program Files\CCleaner
2016-06-06 22:20 - 2016-06-06 22:21 - 06893688 _____ (Piriform Ltd) C:\Users\Aaron\Desktop\ccsetup518.exe
2016-06-06 21:58 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2016-06-06 21:58 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2016-06-06 21:58 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2016-06-06 01:51 - 2016-06-06 01:51 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1465203079
2016-06-06 01:51 - 2016-06-06 01:51 - 00001037 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-06-06 01:51 - 2016-06-06 01:51 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-06 01:51 - 2016-06-06 01:51 - 00001037 _____ C:\ProgramData\Desktop\Avast SafeZone Browser.lnk
2016-06-06 01:50 - 2016-06-06 01:50 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-06 01:48 - 2016-06-06 01:48 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\AVAST Software
2016-06-06 01:47 - 2016-06-06 01:47 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-06-06 01:47 - 2016-06-06 01:47 - 00001922 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2016-06-06 01:47 - 2016-06-06 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-06 01:46 - 2016-06-09 18:58 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-06 01:46 - 2016-06-06 01:46 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-06-06 01:45 - 2016-06-06 01:43 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-06 01:44 - 2016-06-06 01:43 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-06 01:43 - 2016-06-06 01:43 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-06 01:42 - 2016-06-06 01:50 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-05 22:50 - 2016-06-05 22:50 - 05198336 _____ (AVAST Software) C:\Users\Aaron\Desktop\asvastwMBR (1).exe
2016-06-05 22:30 - 2016-06-05 22:30 - 05200384 _____ (AVAST Software) C:\Users\Aaron\Documents\Unconfirmed 896022.crdownload
2016-06-05 21:50 - 2016-06-05 21:50 - 94065602 _____ C:\Users\Aaron\Desktop\headNEWEYEeeeeee.psd
2016-06-05 21:26 - 2016-06-05 21:49 - 94064738 _____ C:\Users\Aaron\headNEWEYEeeeeee.psd
2016-06-05 13:20 - 2016-06-05 13:20 - 00003704 _____ C:\Windows\System32\Tasks\Java™ Platform SE Auto Updater
2016-06-05 13:10 - 2016-06-05 20:59 - 00002491 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2016-06-05 13:10 - 2016-06-05 20:59 - 00002491 _____ C:\ProgramData\Desktop\AVG Driver Updater.lnk
2016-06-05 13:10 - 2016-06-05 13:10 - 01124512 _____ (SlimWare Utilities, Inc.) C:\Users\Aaron\Desktop\AVG_Driver_Updater_Setup_11_1.exe
2016-06-05 13:10 - 2016-06-05 13:10 - 00000000 ____D C:\Users\Aaron\AppData\Local\AVG Netherlands BV
2016-06-05 13:10 - 2016-06-05 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater
2016-06-05 13:10 - 2016-06-05 13:10 - 00000000 ____D C:\Program Files (x86)\AVG Driver Updater
2016-06-05 12:19 - 2016-06-05 20:59 - 00002220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-06-05 12:19 - 2016-06-05 20:59 - 00002202 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-06-05 12:19 - 2016-06-05 20:59 - 00002202 _____ C:\ProgramData\Desktop\AVG PC TuneUp.lnk
2016-06-05 12:19 - 2016-06-05 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2016-06-05 12:19 - 2016-06-01 15:12 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-06-05 12:19 - 2016-06-01 15:05 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-06-05 12:19 - 2016-06-01 15:05 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2016-06-05 12:09 - 2016-06-05 12:09 - 03135696 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Aaron\Desktop\AVG_PCTuneUp_879.exe
2016-06-05 00:41 - 2016-06-05 20:59 - 00001887 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-06-05 00:41 - 2016-06-05 20:59 - 00001887 _____ C:\ProgramData\Desktop\HitmanPro.lnk
2016-06-05 00:41 - 2016-06-05 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-06-05 00:41 - 2016-06-05 00:41 - 00000000 ____D C:\Program Files\HitmanPro
2016-06-05 00:41 - 2016-06-04 22:32 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-05 00:23 - 2016-06-05 00:29 - 11438608 _____ (SurfRight B.V.) C:\Users\Aaron\Desktop\HitmanPro_x64.exe
2016-06-05 00:22 - 2016-06-05 00:22 - 00448512 _____ (OldTimer Tools) C:\Users\Aaron\Desktop\TFC.exe
2016-06-04 23:51 - 2016-06-04 23:51 - 00000000 ____D C:\SUPERDelete
2016-06-04 23:46 - 2016-06-08 23:46 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f68535ab-e480-4187-bf64-c6d18229f87d.job
2016-06-04 23:46 - 2016-06-08 20:40 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d236feb9-cd35-4751-a91a-4f03e01785b4.job
2016-06-04 23:46 - 2016-06-04 23:46 - 00003588 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d236feb9-cd35-4751-a91a-4f03e01785b4
2016-06-04 23:46 - 2016-06-04 23:46 - 00003514 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task f68535ab-e480-4187-bf64-c6d18229f87d
2016-06-04 23:46 - 2016-06-04 23:46 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\SUPERAntiSpyware.com
2016-06-04 23:45 - 2016-06-09 21:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-06-04 23:45 - 2016-06-05 20:59 - 00001846 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-06-04 23:45 - 2016-06-05 20:59 - 00001846 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-06-04 23:45 - 2016-06-04 23:45 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-06-04 23:45 - 2016-06-04 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-06-04 23:44 - 2016-06-04 23:45 - 26109944 _____ (SUPERAntiSpyware) C:\Users\Aaron\Desktop\SUPERAntiSpyware.exe
2016-06-04 23:27 - 2016-06-04 23:27 - 01107968 _____ C:\Users\Aaron\Desktop\RSIT.exe
2016-06-04 23:27 - 2016-06-04 23:27 - 00000000 ____D C:\rsit
2016-06-04 23:27 - 2016-06-04 23:27 - 00000000 ____D C:\Program Files (x86)\trend micro
2016-06-04 23:11 - 2016-06-05 20:59 - 00002267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-04 23:11 - 2016-06-05 20:59 - 00002249 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-04 23:11 - 2016-06-05 20:59 - 00002249 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2016-06-04 23:11 - 2016-06-04 23:16 - 134501656 _____ (Microsoft Corporation) C:\Users\Aaron\Desktop\msert.exe
2016-06-04 23:07 - 2016-06-08 23:58 - 00000000 ____D C:\Users\Aaron\Desktop\backups
2016-06-04 22:39 - 2016-06-09 21:35 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-04 22:39 - 2016-06-09 20:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-04 22:39 - 2016-06-04 23:46 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-04 22:39 - 2016-06-04 23:46 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-04 22:37 - 2016-06-04 22:37 - 00987728 _____ (Google Inc.) C:\Users\Aaron\Desktop\ChromeSetup (1).exe
2016-06-04 22:09 - 2016-06-04 22:09 - 00005778 _____ C:\Windows\system32\.crusader
2016-06-04 18:20 - 2016-06-04 18:20 - 00987728 _____ (Google Inc.) C:\Users\Aaron\Desktop\ChromeSetup.exe
2016-06-04 12:31 - 2016-06-04 12:31 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\AVG
2016-06-04 12:29 - 2016-06-06 01:46 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-04 12:28 - 2016-06-05 20:59 - 00000930 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-06-04 12:28 - 2016-06-05 20:59 - 00000930 _____ C:\ProgramData\Desktop\AVG Protection.lnk
2016-06-04 12:28 - 2016-06-04 12:28 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\TuneUp Software
2016-06-04 12:28 - 2016-06-04 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-06-04 12:24 - 2016-06-04 12:24 - 00000000 ____D C:\$AVG
2016-06-04 12:20 - 2016-06-05 12:17 - 00000000 ____D C:\Program Files (x86)\AVG
2016-06-04 12:01 - 2016-06-04 12:02 - 00218366 _____ C:\TDSSKiller.3.1.0.9_04.06.2016_12.01.48_log.txt
2016-06-04 11:55 - 2016-06-04 11:55 - 00003292 _____ C:\Users\Aaron\Desktop\JRTb.txt
2016-06-04 11:54 - 2016-06-05 22:48 - 00002312 _____ C:\Users\Aaron\Desktop\JRT.txt
2016-06-04 11:46 - 2016-06-09 01:17 - 00000000 ____D C:\Qoobox
2016-06-04 11:17 - 2016-06-04 11:17 - 00012435 _____ C:\Users\Aaron\Desktop\AdwCleaner[S1].txt
2016-06-04 11:13 - 2016-06-04 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:11 - 2016-06-09 00:15 - 00000000 ____D C:\AdwCleaner
2016-06-04 11:10 - 2016-06-04 11:11 - 03677248 _____ C:\Users\Aaron\Desktop\AdwCleaner.exe
2016-06-04 01:33 - 2016-06-04 01:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Aaron\Desktop\HijackThis.exe
2016-06-04 01:19 - 2016-06-04 01:19 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Aaron\Desktop\rkill64-5415.com
2016-06-04 01:12 - 2016-06-04 01:12 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Aaron\Desktop\rkill64.com
2016-06-03 23:08 - 2016-06-03 23:08 - 01610816 _____ (Malwarebytes) C:\Users\Aaron\Desktop\JRT.exe
2016-06-03 23:03 - 2016-06-03 23:07 - 00220156 _____ C:\TDSSKiller.3.1.0.9_03.06.2016_23.03.17_log.txt
2016-06-03 22:58 - 2016-06-08 23:29 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-06-03 22:58 - 2016-06-04 01:19 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-03 22:57 - 2016-06-03 22:57 - 24125512 _____ C:\Users\Aaron\Desktop\RogueKillerX64.exe
2016-06-03 22:52 - 2016-06-03 22:53 - 19868744 _____ C:\Users\Aaron\Desktop\RogueKiller.exe
2016-06-03 22:48 - 2016-06-03 22:48 - 05659224 ____R (Swearware) C:\Users\Aaron\Desktop\ComboFix.exe
2016-06-03 22:42 - 2016-06-03 22:50 - 00000000 ____D C:\AVG_Remover
2016-06-03 22:42 - 2016-06-03 22:42 - 08065568 _____ ( ) C:\Users\Aaron\Desktop\AVG_Remover.exe
2016-06-03 22:15 - 2016-06-03 22:20 - 257024472 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Aaron\Desktop\AVG_Internet_Security_x64_696.exe
2016-06-03 22:07 - 2016-06-06 22:34 - 00000000 ____D C:\ProgramData\MFAData
2016-06-03 22:07 - 2016-06-03 22:07 - 00000000 ____D C:\Users\Aaron\AppData\Local\MFAData
2016-06-03 22:07 - 2016-06-03 22:07 - 00000000 ____D C:\Users\Aaron\AppData\Local\Avg2015
2016-06-03 22:00 - 2016-06-03 22:05 - 204851760 _____ (AVG Technologies) C:\Users\Aaron\Desktop\avg_free_x64_all_2015_ltst_221.exe
2016-06-03 21:25 - 2016-06-05 12:17 - 00000000 ____D C:\ProgramData\Avg
2016-06-03 21:21 - 2016-06-05 12:18 - 00000000 ____D C:\Users\Aaron\AppData\Local\AvgSetupLog
2016-06-03 21:21 - 2016-06-05 12:18 - 00000000 ____D C:\Users\Aaron\AppData\Local\Avg
2016-06-03 21:19 - 2016-06-03 21:19 - 03078064 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Aaron\Desktop\AVG_Protection_Free_1606.exe
2016-06-03 21:17 - 2016-06-07 23:49 - 00000002 _____ C:\Users\Aaron\Desktop\Rkill.txt
2016-06-03 20:45 - 2016-06-03 20:36 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Aaron\Desktop\rkill.com
2016-06-03 20:39 - 2016-06-03 20:41 - 00220842 _____ C:\TDSSKiller.3.1.0.9_03.06.2016_20.39.32_log.txt
2016-06-03 20:38 - 2016-06-06 01:50 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-03 20:38 - 2016-06-03 20:39 - 49152216 _____ (Microsoft Corporation) C:\Users\Aaron\Desktop\Windows-KB890830-x64-V5.36.exe
2016-06-03 20:38 - 2016-06-03 20:38 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2016-06-03 20:38 - 2016-06-03 20:38 - 05066104 _____ (AVAST Software) C:\Users\Aaron\Desktop\avast_free_antivirus_setup_online.exe
2016-06-03 20:38 - 2016-06-03 20:38 - 05066104 _____ (AVAST Software) C:\ProgramData\Desktop\avast_free_antivirus_setup_online.exe
2016-06-03 20:38 - 2016-06-03 20:37 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Aaron\Desktop\tdsskiller.exe
2016-06-03 13:32 - 2014-04-24 20:40 - 47230394 _____ C:\Users\Aaron School\Desktop\Alexander Aaron.pdf
2016-06-03 13:28 - 2016-06-03 13:28 - 00000000 _____ C:\Users\Aaron School\AppData\Local\{3AC57209-7AB1-40FB-BEAA-7D3D7837BEEC}
2016-06-03 13:09 - 2016-06-03 13:09 - 00000054 _____ C:\Users\Aaron School\Desktop\New Text Document (2).txt
2016-06-03 12:31 - 2016-06-03 12:31 - 00442755 _____ C:\Users\Aaron\Desktop\utility.htm
2016-06-03 11:50 - 2016-06-03 11:50 - 00000000 ____D C:\Users\Aaron School\AppData\Roaming\Anvisoft
2016-06-03 11:41 - 2016-06-03 11:41 - 00000000 ____D C:\Users\Aaron School\AppData\Local\ElevatedDiagnostics
2016-06-03 11:26 - 2016-06-09 18:57 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-06-03 02:59 - 2016-06-03 02:59 - 00000000 ____D C:\Users\Aaron School\AppData\Local\Dropbox
2016-06-03 02:57 - 2016-06-03 02:57 - 00000258 __RSH C:\Users\Aaron School\ntuser.pol
2016-06-03 02:07 - 2016-06-03 02:07 - 21662144 _____ C:\Users\Aaron\Desktop\Unconfirmed 132198.crdownload
2016-06-03 01:57 - 2016-06-03 01:57 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow0040CEA8
2016-06-03 01:57 - 2016-06-03 01:57 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow000000000032A1B8
2016-06-02 16:57 - 2016-06-02 16:57 - 00000000 ____D C:\Windows\system32\agap
2016-06-02 16:48 - 2016-06-09 21:35 - 00000008 __RSH C:\Users\Aaron\ntuser.pol
2016-06-02 16:47 - 2016-06-02 16:47 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow00935440
2016-06-02 16:47 - 2016-06-02 16:47 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow000000000032AD58
2016-06-02 15:54 - 2016-06-02 15:54 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow00811F28
2016-06-02 15:54 - 2016-06-02 15:54 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow000000000034ECA8
2016-06-02 15:54 - 2016-06-02 15:54 - 00000000 ____D C:\Program Files (x86)\Securid
2016-06-02 15:53 - 2016-06-02 15:53 - 00000000 ____D C:\Users\Aaron\AppData\Local\Tempfolder
2016-06-02 15:48 - 2016-06-03 11:21 - 00000000 ____D C:\Users\Aaron\AppData\Local\Apps\2.0
2016-06-02 15:48 - 2016-06-02 15:48 - 00128512 _____ C:\Users\Aaron\AppData\Roaming\Installer.dat
2016-06-02 15:48 - 2016-06-02 15:48 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2016-06-02 13:06 - 2016-06-02 13:06 - 00006399 _____ C:\Users\Aaron\Desktop\recermt scan.txt
2016-06-02 11:27 - 2016-06-02 11:08 - 00000487 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-06-02 11:08 - 2016-06-03 02:55 - 00031475 _____ C:\Windows\e9154e56706355251f439efdfbbde3f1.ps1
2016-06-02 11:08 - 2016-06-02 11:08 - 00000000 ____D C:\Windows\system32\SSL
2016-06-02 11:07 - 2016-06-04 13:20 - 00001656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\guest 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\guest 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\Aaron School\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\Aaron School\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001644 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001644 _____ C:\ProgramData\Desktop\Моzillа Firеfох.lnk
2016-06-02 00:55 - 2016-06-05 20:59 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-06-02 00:55 - 2016-06-05 20:59 - 00001512 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-06-02 00:55 - 2016-06-05 20:59 - 00001512 _____ C:\ProgramData\Desktop\Adobe Application Manager.lnk
2016-06-02 00:50 - 2016-06-02 00:50 - 00000029 _____ C:\Users\Aaron\Desktop\New Text Document.txt
2016-06-01 12:00 - 2016-06-01 14:20 - 00000000 ____D C:\Users\Aaron\Desktop\comm
2016-05-25 23:49 - 2016-06-09 21:39 - 00000000 ___RD C:\Users\Aaron\Dropbox
2016-05-25 23:49 - 2016-06-05 20:58 - 00001226 _____ C:\Users\Aaron\Desktop\Dropbox.lnk
2016-05-25 23:35 - 2016-05-25 23:35 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\Dropbox
2016-05-25 23:33 - 2016-06-09 21:38 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-25 23:33 - 2016-06-09 21:35 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-25 23:33 - 2016-06-04 11:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-25 23:33 - 2016-05-25 23:49 - 00000000 ____D C:\Users\Aaron\AppData\Local\Dropbox
2016-05-25 23:33 - 2016-05-25 23:33 - 00003902 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-05-25 23:33 - 2016-05-25 23:33 - 00003650 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-05-25 23:33 - 2016-05-25 23:33 - 00000000 ____D C:\ProgramData\Dropbox
2016-05-18 12:13 - 2016-05-18 12:13 - 00307456 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2016-05-17 10:50 - 2016-05-17 10:50 - 00279296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2016-05-17 00:29 - 2016-05-17 00:30 - 154647650 _____ C:\Users\Aaron\Downloads\HOSHI NO Kirby 64 Original Soundtrack.zip
2016-05-17 00:28 - 2016-05-17 00:29 - 89324387 _____ C:\Users\Aaron\Downloads\Goldeneye 007 N64 Soundtrack - Part 2.zip
2016-05-17 00:28 - 2016-05-17 00:29 - 163789779 _____ C:\Users\Aaron\Downloads\GoldenEye 007 N64 Soundtrack - Part 1.zip
2016-05-17 00:18 - 2016-05-17 00:19 - 120803133 _____ C:\Users\Aaron\Downloads\Super Mario 3D World Original Soundtrack - Disc 2.zip
2016-05-17 00:08 - 2016-05-17 00:09 - 117214865 _____ C:\Users\Aaron\Downloads\Super Mario 3D World Original Soundtrack - Disc 1.zip
2016-05-16 23:57 - 2016-05-16 23:58 - 117424705 _____ C:\Users\Aaron\Downloads\Mario Tennis 64 Original Soundtrack.zip
2016-05-16 23:57 - 2016-05-16 23:57 - 108803598 _____ C:\Users\Aaron\Downloads\Donkey Kong Returns Original Soundtrack.zip
2016-05-16 23:43 - 2016-05-16 23:44 - 178514295 _____ C:\Users\Aaron\Downloads\Mario Kart 8 Original Soundtrack (Disc 2).zip
2016-05-16 23:36 - 2016-05-16 23:37 - 182956233 _____ C:\Users\Aaron\Downloads\Mario Kart 8 Original Soundtrack (Disc 1).zip
2016-05-15 00:28 - 2016-06-05 20:58 - 00002473 _____ C:\Users\Aaron\Desktop\Chromium.lnk
2016-05-15 00:28 - 2016-05-15 00:28 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-05-15 00:27 - 2016-05-15 00:28 - 00000000 ____D C:\Users\Aaron\AppData\Local\Chromium
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-09 21:35 - 2012-03-19 23:32 - 00000000 ____D C:\Users\Aaron
2016-06-09 21:35 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-09 21:20 - 2009-07-13 20:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-06-09 21:17 - 2012-03-19 15:36 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CABBF77D-17D3-40A8-BF33-C455EE454CFB}
2016-06-09 20:37 - 2009-07-13 22:13 - 00856152 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-09 20:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-06-09 19:28 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-09 19:01 - 2009-07-13 21:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-09 19:01 - 2009-07-13 21:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-09 18:54 - 2016-03-28 15:39 - 00003206 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-691505584-3256853444-1998314781-1002
2016-06-09 01:03 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini
2016-06-09 00:58 - 2012-08-02 16:09 - 00000000 ____D C:\Windows\ERDNT
2016-06-08 23:58 - 2013-09-01 11:06 - 00000000 ____D C:\Windows\SysWOW64\webclient
2016-06-08 23:18 - 2013-12-18 19:05 - 04839424 _____ C:\Users\Aaron\AppData\Local\SageThumbs.db3
2016-06-08 23:08 - 2012-03-19 15:38 - 00115432 _____ C:\Users\Aaron\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-08 23:06 - 2009-07-13 21:45 - 05062976 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-08 22:57 - 2012-02-10 20:11 - 00850368 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-06-08 22:53 - 2013-09-07 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-08 22:36 - 2011-11-09 12:04 - 00000000 ____D C:\ProgramData\Skype
2016-06-08 00:33 - 2014-09-27 11:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-06 22:59 - 2012-04-03 11:44 - 00000000 ____D C:\Users\Aaron\AppData\Local\CrashDumps
2016-06-06 22:29 - 2013-02-03 23:44 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\Skype
2016-06-06 22:29 - 2012-07-27 16:26 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\DAEMON Tools Pro
2016-06-06 22:29 - 2012-07-15 00:35 - 00000000 ____D C:\Users\Aaron\Tracing
2016-06-05 21:01 - 2012-03-19 15:36 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\hpqLog
2016-06-05 20:59 - 2016-04-04 21:53 - 00002002 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-06-05 20:59 - 2016-04-04 21:53 - 00002002 _____ C:\ProgramData\Desktop\McAfee Security Scan Plus.lnk
2016-06-05 20:59 - 2016-03-08 13:38 - 00002007 _____ C:\Users\Public\Desktop\Platinum Toolset.lnk
2016-06-05 20:59 - 2016-03-08 13:38 - 00002007 _____ C:\ProgramData\Desktop\Platinum Toolset.lnk
2016-06-05 20:59 - 2015-11-07 08:37 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-05 20:59 - 2015-11-07 08:37 - 00001747 _____ C:\ProgramData\Desktop\iTunes.lnk
2016-06-05 20:59 - 2014-09-27 11:55 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-05 20:59 - 2014-09-27 11:55 - 00001096 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-05 20:59 - 2014-08-30 12:14 - 00000957 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-05 20:59 - 2014-08-30 12:14 - 00000957 _____ C:\ProgramData\Desktop\Steam.lnk
2016-06-05 20:59 - 2014-07-08 10:48 - 00000961 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2016-06-05 20:59 - 2014-07-08 10:48 - 00000961 _____ C:\ProgramData\Desktop\DS3 Tool.lnk
2016-06-05 20:59 - 2014-03-26 01:01 - 00001650 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
2016-06-05 20:59 - 2014-03-26 00:59 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
2016-06-05 20:59 - 2014-03-26 00:51 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-06-05 20:59 - 2014-02-12 19:39 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-06-05 20:59 - 2014-02-12 19:37 - 00001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-06-05 20:59 - 2014-02-12 19:36 - 00001081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-06-05 20:59 - 2014-02-12 19:34 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-06-05 20:59 - 2014-02-12 19:31 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-06-05 20:59 - 2014-02-12 19:31 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-06-05 20:59 - 2013-12-19 15:47 - 00001839 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-06-05 20:59 - 2013-12-19 15:47 - 00001839 _____ C:\ProgramData\Desktop\QuickTime Player.lnk
2016-06-05 20:59 - 2013-10-25 12:34 - 00001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2016-06-05 20:59 - 2013-09-03 19:54 - 00001022 _____ C:\Users\Public\Desktop\Convert AVI to MP4.lnk
2016-06-05 20:59 - 2013-09-03 19:54 - 00001022 _____ C:\ProgramData\Desktop\Convert AVI to MP4.lnk
2016-06-05 20:59 - 2013-09-01 12:02 - 00001038 _____ C:\Users\Public\Desktop\CamStudio.lnk
2016-06-05 20:59 - 2013-09-01 12:02 - 00001038 _____ C:\ProgramData\Desktop\CamStudio.lnk
2016-06-05 20:59 - 2013-08-27 18:48 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-06-05 20:59 - 2013-08-27 18:48 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-06-05 20:59 - 2013-08-27 18:48 - 00002013 _____ C:\ProgramData\Desktop\Adobe Reader XI.lnk
2016-06-05 20:59 - 2013-08-05 18:06 - 00002271 _____ C:\Users\Public\Desktop\WinZip.lnk
2016-06-05 20:59 - 2013-08-05 18:06 - 00002271 _____ C:\ProgramData\Desktop\WinZip.lnk
2016-06-05 20:59 - 2013-05-28 09:54 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2016-06-05 20:59 - 2013-05-28 09:54 - 00001025 _____ C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2016-06-05 20:59 - 2013-05-28 09:54 - 00001025 _____ C:\ProgramData\Desktop\Adobe Download Assistant.lnk
2016-06-05 20:59 - 2013-05-27 16:36 - 00001494 _____ C:\Users\Public\Desktop\Anvi AD Blocker.lnk
2016-06-05 20:59 - 2013-05-27 16:36 - 00001494 _____ C:\ProgramData\Desktop\Anvi AD Blocker.lnk
2016-06-05 20:59 - 2013-05-27 16:36 - 00001178 _____ C:\Users\Public\Desktop\Anvi Smart Defender.lnk
2016-06-05 20:59 - 2013-05-27 16:36 - 00001178 _____ C:\ProgramData\Desktop\Anvi Smart Defender.lnk
2016-06-05 20:59 - 2012-12-20 22:24 - 00001355 _____ C:\Users\Public\Desktop\CyberLink YouCam.lnk
2016-06-05 20:59 - 2012-12-20 22:24 - 00001355 _____ C:\ProgramData\Desktop\CyberLink YouCam.lnk
2016-06-05 20:59 - 2012-08-21 02:45 - 00001258 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2016-06-05 20:59 - 2012-08-21 02:45 - 00001258 _____ C:\ProgramData\Desktop\RealPlayer.lnk
2016-06-05 20:59 - 2012-08-15 04:12 - 00002024 _____ C:\Users\Public\Desktop\Java Web Start.lnk
2016-06-05 20:59 - 2012-08-15 04:12 - 00002024 _____ C:\ProgramData\Desktop\Java Web Start.lnk
2016-06-05 20:59 - 2012-07-27 16:26 - 00001926 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2016-06-05 20:59 - 2012-07-27 16:26 - 00001926 _____ C:\ProgramData\Desktop\DAEMON Tools Pro.lnk
2016-06-05 20:59 - 2012-05-19 19:23 - 00000875 _____ C:\Users\Public\Desktop\HxD.lnk
2016-06-05 20:59 - 2012-05-19 19:23 - 00000875 _____ C:\ProgramData\Desktop\HxD.lnk
2016-06-05 20:59 - 2012-03-21 23:50 - 00001029 _____ C:\Users\Public\Desktop\DiskAid.lnk
2016-06-05 20:59 - 2012-03-21 23:50 - 00001029 _____ C:\ProgramData\Desktop\DiskAid.lnk
2016-06-05 20:59 - 2012-03-21 23:23 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-06-05 20:59 - 2012-03-19 23:35 - 00002098 _____ C:\Users\Public\Desktop\HP Download Store.lnk
2016-06-05 20:59 - 2012-03-19 23:35 - 00002098 _____ C:\ProgramData\Desktop\HP Download Store.lnk
2016-06-05 20:59 - 2012-03-19 23:35 - 00002020 _____ C:\Users\Public\Desktop\RaRa Music.lnk
2016-06-05 20:59 - 2012-03-19 23:35 - 00002020 _____ C:\ProgramData\Desktop\RaRa Music.lnk
2016-06-05 20:59 - 2012-02-10 20:01 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-06-05 20:59 - 2011-11-09 12:13 - 00002173 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-06-05 20:59 - 2011-11-09 12:13 - 00002173 _____ C:\ProgramData\Desktop\HP Support Assistant.lnk
2016-06-05 20:59 - 2011-11-09 12:07 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-06-05 20:59 - 2011-11-09 12:07 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-06-05 20:59 - 2011-11-09 12:06 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-06-05 20:59 - 2011-11-09 12:06 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-06-05 20:59 - 2011-11-09 12:03 - 00002103 _____ C:\Users\Public\Desktop\Microsoft Office 2010.lnk
2016-06-05 20:59 - 2011-11-09 12:03 - 00002103 _____ C:\ProgramData\Desktop\Microsoft Office 2010.lnk
2016-06-05 20:59 - 2011-11-09 11:56 - 00002584 _____ C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2016-06-05 20:59 - 2011-11-09 11:56 - 00002584 _____ C:\ProgramData\Desktop\WildTangent Games App - hp.lnk
2016-06-05 20:59 - 2009-07-13 21:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-05 20:59 - 2009-07-13 21:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-06-05 20:59 - 2009-07-13 21:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-06-05 20:58 - 2014-11-21 17:50 - 00001206 _____ C:\Users\Aaron\Desktop\Chromecast.lnk
2016-06-05 20:58 - 2014-07-08 07:50 - 00001389 _____ C:\Users\Aaron\Desktop\Super Street Fighter IV - Arcade Edition.lnk
2016-06-05 20:58 - 2013-09-07 21:03 - 00002156 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2016-06-05 20:58 - 2013-08-07 14:12 - 00000630 _____ C:\Users\Aaron\Desktop\BootDreams.lnk
2016-06-05 20:58 - 2012-08-04 13:47 - 00001999 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2016-06-05 20:58 - 2012-06-01 12:30 - 00001019 _____ C:\Users\Aaron\Desktop\Photoshop CS5.lnk
2016-06-05 20:58 - 2012-04-15 20:46 - 00000998 _____ C:\Users\Aaron\Desktop\IrfanView.lnk
2016-06-05 20:58 - 2009-07-13 22:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-06-05 20:58 - 2009-07-13 21:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-06-05 20:53 - 2012-10-22 15:13 - 00000000 ____D C:\Windows\Minidump
2016-06-05 12:34 - 2012-04-05 21:47 - 00000000 ____D C:\Users\Aaron\Documents\Youcam
2016-06-05 12:33 - 2014-08-30 12:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-05 12:33 - 2012-05-28 23:30 - 00000000 ____D C:\Users\Aaron\.thumbnails
2016-06-05 12:33 - 2012-02-10 20:19 - 00000000 ____D C:\ProgramData\Temp
2016-06-05 12:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-06-04 23:46 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-04 23:44 - 2013-09-07 20:57 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-04 23:39 - 2012-08-04 13:54 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-04 23:38 - 2012-11-29 12:20 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\uTorrent
2016-06-04 23:10 - 2013-10-25 12:34 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-04 23:09 - 2013-09-01 13:20 - 00000408 _____ C:\Users\Aaron\AppData\Roaming\CamShapes.ini
2016-06-04 23:09 - 2013-09-01 13:20 - 00000408 _____ C:\Users\Aaron\AppData\Roaming\CamLayout.ini
2016-06-04 23:09 - 2013-09-01 13:20 - 00000100 _____ C:\Users\Aaron\AppData\Roaming\Camdata.ini
2016-06-04 23:09 - 2013-09-01 12:23 - 00004522 _____ C:\Users\Aaron\AppData\Roaming\CamStudio.cfg
2016-06-04 22:35 - 2013-02-23 23:22 - 00000000 ____D C:\Users\Aaron\AppData\Local\PMB Files
2016-06-04 16:34 - 2014-07-06 15:20 - 00000000 ____D C:\Program Files (x86)\New folder
2016-06-04 14:08 - 2014-02-12 19:36 - 00000000 ____D C:\Program Files\Adobe
2016-06-04 14:01 - 2011-11-09 12:08 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-04 13:53 - 2014-02-12 19:20 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-04 13:30 - 2013-01-28 01:59 - 00000000 ___HD C:\ProgramData\tst
2016-06-04 12:30 - 2013-07-27 19:38 - 00000000 ____D C:\Users\Mcx1-AARON-HP
2016-06-04 12:30 - 2013-05-27 10:58 - 00000000 ____D C:\Users\guest 1
2016-06-04 00:27 - 2013-11-01 12:10 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D2CF48D5-0345-4579-A6D1-E91705D1DEAE}
2016-06-03 15:34 - 2011-11-09 11:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-06-03 14:57 - 2014-09-23 19:16 - 00876544 _____ C:\Users\Aaron School\AppData\Local\SageThumbs.db3
2016-06-03 13:51 - 2013-11-01 12:09 - 00002076 _____ C:\Users\Aaron School\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2016-06-03 13:49 - 2014-07-07 12:31 - 00002063 _____ C:\Users\Aaron School\Desktop\Continue installation  - keywordrequest Installation.lnk
2016-06-03 13:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Help
2016-06-03 12:54 - 2015-11-07 08:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-03 12:54 - 2013-08-05 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-06-03 12:54 - 2011-11-09 12:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-06-03 12:54 - 2011-11-09 12:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-06-03 12:23 - 2014-09-27 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-03 12:23 - 2014-09-27 11:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-03 11:20 - 2012-02-10 20:16 - 00000000 ____D C:\Windows\Hewlett-Packard
2016-06-03 11:06 - 2012-03-21 22:33 - 00000000 ____D C:\Users\Aaron\Documents\Aaron stuff
2016-06-03 02:57 - 2013-11-01 12:09 - 00000000 ____D C:\Users\Aaron School
2016-06-03 02:04 - 2012-04-11 16:42 - 00000000 ____D C:\Users\Aaron\AppData\Local\Adobe
2016-06-02 16:56 - 2014-03-23 14:15 - 00000000 ____D C:\Windows\pss
2016-06-02 16:25 - 2013-05-31 23:54 - 00000000 ____D C:\JRT
2016-06-02 13:40 - 2012-06-01 12:36 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-06-02 12:49 - 2012-05-28 22:38 - 00000000 ____D C:\Users\Aaron\.gimp-2.6
2016-06-02 11:08 - 2009-07-13 19:34 - 00000487 _____ C:\Windows\system32\Drivers\etc\hosts.hitmanpro
2016-06-02 10:22 - 2012-03-19 15:44 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\Adobe
2016-06-01 12:26 - 2012-06-01 15:00 - 00000132 _____ C:\Users\Aaron\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-05-22 19:51 - 2014-05-12 14:47 - 00000000 ____D C:\Program Files (x86)\i-Funbox DevTeam
2016-05-14 14:04 - 2012-04-06 16:27 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-14 14:04 - 2011-11-09 11:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 03:37 - 2016-03-24 11:44 - 00000000 ____D C:\Users\Aaron\Downloads\Led rld-stfiv2016
 
==================== Files in the root of some directories =======
 
2013-11-01 12:07 - 2013-11-01 12:08 - 0557887 _____ () C:\Program Files\bookmarks.html
2014-02-09 11:11 - 2014-02-09 11:11 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe GIF Format CS5 Prefs
2014-05-03 11:14 - 2014-05-03 11:14 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe GIF Format CS6 Prefs
2012-06-01 15:00 - 2016-06-01 12:26 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-10-03 01:35 - 2014-10-12 12:51 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-06-29 10:14 - 2012-06-29 10:14 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe Targa Format CS5 Prefs
2013-09-01 13:20 - 2016-06-04 23:09 - 0000100 _____ () C:\Users\Aaron\AppData\Roaming\Camdata.ini
2013-09-01 13:20 - 2016-06-04 23:09 - 0000408 _____ () C:\Users\Aaron\AppData\Roaming\CamLayout.ini
2013-09-01 13:20 - 2016-06-04 23:09 - 0000408 _____ () C:\Users\Aaron\AppData\Roaming\CamShapes.ini
2013-09-01 12:23 - 2016-06-04 23:09 - 0004522 _____ () C:\Users\Aaron\AppData\Roaming\CamStudio.cfg
2016-06-02 15:48 - 2016-06-02 15:48 - 0128512 _____ () C:\Users\Aaron\AppData\Roaming\Installer.dat
2013-12-19 16:59 - 2014-02-09 12:51 - 0001456 _____ () C:\Users\Aaron\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-03-31 22:52 - 2014-10-03 22:36 - 0001456 _____ () C:\Users\Aaron\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-12-18 19:05 - 2016-06-08 23:18 - 4839424 _____ () C:\Users\Aaron\AppData\Local\SageThumbs.db3
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-06-03 19:30
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-06-2016
Ran by Aaron (2016-06-09 21:41:47)
Running from C:\Users\Aaron\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-03-20 06:32:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Aaron (S-1-5-21-691505584-3256853444-1998314781-1002 - Administrator - Enabled) => C:\Users\Aaron
Aaron School (S-1-5-21-691505584-3256853444-1998314781-1006 - Administrator - Enabled) => C:\Users\Aaron School
Administrator (S-1-5-21-691505584-3256853444-1998314781-500 - Administrator - Disabled)
Guest (S-1-5-21-691505584-3256853444-1998314781-501 - Limited - Disabled)
guest 1 (S-1-5-21-691505584-3256853444-1998314781-1004 - Administrator - Enabled) => C:\Users\guest 1
HomeGroupUser$ (S-1-5-21-691505584-3256853444-1998314781-1003 - Limited - Enabled)
Mcx1-AARON-HP (S-1-5-21-691505584-3256853444-1998314781-1005 - Limited - Enabled) => C:\Users\Mcx1-AARON-HP
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 9.0.377.0 (Disabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG Internet Security (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: ESET NOD32 Antivirus 9.0.377.0 (Disabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: AVG Internet Security (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
AD Blocker (HKLM-x32\...\{A6C3D5F0-3C6C-46BF-A8D0-06EE92E02E9E}_is1) (Version: 2.0 - Anvisoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Aimersoft DVD Creator(Build 2.6.5) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version:  - Wondershare)
AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
Anvi Smart Defender 1.8 (HKLM-x32\...\Anvi Smart Defender) (Version: 1.8 - Anvisoft)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
AVG (Version: 16.81.7639 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4598 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.42.2.18804 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.42.6 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.81.7639 - AVG Technologies)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.12(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BootDreams (HKLM-x32\...\BootDreams) (Version:  - )
CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
ChromecastApp (HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Convert AVI to MP4 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp4.com)
CopyTrans Suite Remove Only (HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
DiskAid 5.09 (HKLM-x32\...\DiskAid_is1) (Version: 5.09 - DigiDNA)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.41.1 - Dropbox, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{7AE87B04-836F-4336-98A4-5FE6383003BC}) (Version: 9.0.377.0 - ESET, spol. s r.o.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlacSquisher 1.3.5 (HKLM-x32\...\FlacSquisher) (Version: 1.3.5 - FlacSquisher)
FMW 1 (Version: 1.92.4 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.79 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.265 - SurfRight B.V.)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{B1A6285F-C31A-4482-8EA0-9445E4C1DCEA}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{9BCA64E3-D180-4F13-8014-5E62947150C1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6345.0 - IDT)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2 (HKLM-x32\...\{7148F0A8-6813-11D6-A77B-00B0D0142000}) (Version: 1.4.2 - Sun Microsystems, Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LTS Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version:  - )
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Platinum Toolset (HKLM-x32\...\{9B5AA48E-8104-47FA-A8D8-F35DAADC7CC8}) (Version: 1.2.0.50 - company)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SageThumbs 2.0.0.17 (HKLM\...\SageThumbs) (Version: 2.0.0.17 - Cherubic Software)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Street Fighter IV - Arcade Edition (HKLM-x32\...\Super Street Fighter IV - Arcade Edition_is1) (Version:  - R.G. Mechanics, spider91)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}) (Version: 1.0.0000.129 - CAPCOM U.S.A., INC)
Super Street Fighter IV: Arcade Edition (x32 Version: 1.0.0000.129 - CAPCOM U.S.A., INC) Hidden
SUPER STREET FIGHTER IV: ARCADE EDITION (x32 Version: 1.0.0001.129 - CAPCOM U.S.A., INC) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1220 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
System Ninja version 2.4.3 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 2.4.3 - SingularLabs)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Total Video2Dvd 3.30 (HKLM-x32\...\Total Video2Dvd 3.30_is1) (Version:  - EffectMatrix, Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.14 - NCH Software)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebClient (HKLM-x32\...\WebClient) (Version:  - )
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
YouTube Video Downloader 3 (HKLM-x32\...\YouTube Video Downloader_is1) (Version:  - Tomabo)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-691505584-3256853444-1998314781-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll => No File
CustomCLSID: HKU\S-1-5-21-691505584-3256853444-1998314781-1002_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Aaron\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-691505584-3256853444-1998314781-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Aaron\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05B26E45-755A-4D45-8A22-90F98C54D19B} - System32\Tasks\SafeZone scheduled Autoupdate 1465203079 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {082BB78E-E454-47B9-B9D4-6AC82384F1E3} - System32\Tasks\{2AF82BD6-8B47-47D1-9FA1-67811AD44F89} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {09EB34FB-5BAC-46F5-BDCB-F8ED02F719E8} - System32\Tasks\{1E57AB30-4551-4356-A780-F2BB4BA8A2A5} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {0B63883D-5C9E-4990-B493-7630915543CA} - System32\Tasks\{61696C2C-EA6B-45DA-B7FE-BCACC079F3BB} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {0F06B096-FC84-417E-8D8C-C4CDDE9AFC25} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-25] (Dropbox, Inc.)
Task: {166A3664-7963-4422-9501-A4AFFC7FE244} - System32\Tasks\{8C531811-F11A-4F6A-A070-A82C6456BCCA} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {16FF5D58-13EC-4CFF-8656-BD73D0F2DB19} - System32\Tasks\{2BA12E4B-77DE-47CF-9A67-89D3B53DFCA5} => pcalua.exe -a "C:\Users\Aaron\Desktop\games\BlazingTools Perfect Keylogger v1.75 [CheckOutEr]\Perfect Keylogger v1.75.exe" -d "C:\Users\Aaron\Desktop\games\BlazingTools Perfect Keylogger v1.75 [CheckOutEr]"
Task: {196B2EAA-FEF4-4AAB-A62E-4FEF49813AE8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-06] (AVAST Software)
Task: {1E456E75-121E-4167-8141-392534379071} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {203635F2-C304-478E-AB83-BE2C1C56C223} - System32\Tasks\{37270FDD-03EC-4153-BB78-9F59DDFB88FE} => pcalua.exe -a "C:\Users\Aaron\Desktop\New folder\libusb-win32-filter-bin-0.1.10.1.exe" -d "C:\Users\Aaron\Desktop\New folder"
Task: {233CED48-82CC-4DF9-AFA5-C43721D0FE23} - System32\Tasks\{EEAC0F5E-BE8C-4057-97B6-EB41427B30E8} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {25E382B6-C27D-4577-9521-B1A45C61D33A} - System32\Tasks\{0D4B85AC-40CE-4EC5-9E5D-BB5637683E89} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {2731E9B4-C2D6-4478-AA1F-394C350E156C} - System32\Tasks\{E8079FBE-05E4-443D-B383-DF93B62257EA} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {2B8C4D1E-50B4-47EC-87AC-E4D7511DDCBB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-03-10] ()
Task: {2EB9A740-CCFD-4805-ABD2-34A366B7E1E1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-25] (Dropbox, Inc.)
Task: {34E2BC68-E84F-4E87-A208-D4DA96CA87D1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {3D179A3D-1ECD-4009-BDD4-63ED9F7F23F1} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {3E4DA2C2-A261-4CC3-A404-81F40FD4AC31} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-691505584-3256853444-1998314781-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {3F1A5385-EA3A-41B7-A300-DAC69D26EAEE} - System32\Tasks\{9D742634-4A89-4892-827C-7B4C31656870} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {42A85E90-3718-416A-ACB5-415D989E89BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-04] (Google Inc.)
Task: {43A90022-B1B3-4BBB-9A83-F925EA2AB476} - System32\Tasks\RealCreateProcessScheduledTask54914005S-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-08-21] (RealNetworks, Inc.)
Task: {43FB314E-AA15-47C2-8E82-67E64D3EECF7} - System32\Tasks\Java™ Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {4426199C-2E54-46D1-BDAB-E48F69F039E8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {4978211F-6CA7-4DF7-A1A1-BFD23415F264} - System32\Tasks\{7DCF6A02-4422-4967-A9A3-5F5329E12DFD} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {4B5AA6C9-D32B-43B6-88F8-8176C980200B} - System32\Tasks\{E84CCACE-68DA-4B88-BACB-28503B7A724A} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {5CD262DA-71C1-4CBE-AB2B-1FF9E6B1C467} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-25] (CyberLink)
Task: {663C9DF8-88C4-4EB3-A4E8-840A355946E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {6AB6DC8B-EA3F-44D8-AD0F-016093FC58ED} - System32\Tasks\{7C76CFE1-ED5E-488A-9A09-147781038873} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {6F05B237-16FB-44E9-AA13-51258424D0D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {734D1FEC-E3A7-45EB-81A0-981CC7585952} - System32\Tasks\RealCreateProcessScheduledTask417799116S-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-08-21] (RealNetworks, Inc.)
Task: {7F7F185E-A099-40B5-8317-2F31986D6710} - System32\Tasks\{89A32C6D-7A50-4F04-B044-20C2A945F8A6} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {8275472E-5348-453F-BA52-8149C0F2ED49} - System32\Tasks\{5101D055-3A46-4A84-9CC6-1ED3EC603E9A} => pcalua.exe -a G:\Setup.exe -d G:\
Task: {82FC3E12-2F9B-4153-BB81-8F4540E64249} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {85D85894-410D-4CC4-8BE2-4BEBCCA339ED} - System32\Tasks\{62C3B824-CEAC-40FB-B1F9-FFBA9B9EDE26} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {8C3599EF-0DB5-44C1-9208-71FA2FE344EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {9230994E-0FE3-4776-9F8C-FC5624E864A7} - System32\Tasks\{84917031-8D2A-4A43-B023-7AD279BF67CC} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {982D23ED-C215-4342-B14D-C5DFA5DD8A5F} - System32\Tasks\{7B59D47F-357B-4CCC-9DAE-64FFE74B2713} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {9D2E0AB6-1EFD-45DF-B078-D0B2B3A3F726} - System32\Tasks\{E9DE209F-27E4-4284-97C0-718AD4FD961F} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {9EEF01FC-BA83-443F-9112-520D3A7BA256} - System32\Tasks\{20C19202-2B2B-4013-BE8B-8261A7F47504} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {A1060A58-A70E-421C-B99D-5B3F4DA0162A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-06] (AVAST Software)
Task: {A18143FD-74C9-424C-B62B-9CB14B2776FF} - System32\Tasks\SUPERAntiSpyware Scheduled Task f68535ab-e480-4187-bf64-c6d18229f87d => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {A9D89AA7-9E98-47AE-84B6-B14E62531EEF} - System32\Tasks\{075B4ED4-A865-45FB-9B65-1484E409F5EA} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {B00722D8-612B-47D0-8693-AF99A6969BA2} - System32\Tasks\SUPERAntiSpyware Scheduled Task d236feb9-cd35-4751-a91a-4f03e01785b4 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {B05A8A18-773C-4D74-A570-2B8438835A89} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-04] (Google Inc.)
Task: {B1AF2DC1-D6F4-4CA1-BBBE-7988D7FB8A0B} - System32\Tasks\{A3A71168-608B-4BC9-8CCD-C21ED0A417AC} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {B83BD61A-D3D8-4D38-A058-1DF2F7745357} - System32\Tasks\{7E46838B-90F1-4780-B2B8-1D77BCE39075} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {BBD36E81-AC94-4265-BC6A-AD6BBF5A695B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-12-15] (Hewlett-Packard)
Task: {BCAE7FD1-54FB-4CE2-9373-4ED4ADB8618F} - System32\Tasks\{E4EA3CE1-08FF-4913-AF5D-0FB837EDDC64} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {BFE34B32-D352-46AE-9E5E-A1639581E211} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {C08A77D9-3ED9-48D0-9752-0258D08144AC} - System32\Tasks\{438F1CF5-C51E-4502-8F40-3A4997AF5EB3} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {C692A4A8-67BA-4722-896E-DEDBB930EE0B} - \GoforFilesUpdate -> No File <==== ATTENTION
Task: {D1526F02-320A-42F8-B4CD-C68F6521A5B8} - \SecurityApps2 -> No File <==== ATTENTION
Task: {D31D7D2E-EEB9-4A82-AE76-CBD8BEBAE73F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-691505584-3256853444-1998314781-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {D3B4A6A7-3A84-40E1-8BD3-12383C3C8294} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-AARON-HP => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: {D4C948EF-EE28-4878-BA4F-1BFAFBE8140F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {D6477097-2837-4B5A-9A43-B17D5A8CC606} - System32\Tasks\{9AC1936E-F3BA-48CB-B68C-3FA4F4436123} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {D9D4041D-3C0E-47AD-B61A-9085BC7671AE} - System32\Tasks\{F7361185-5C0C-47FE-BB77-3FCC33710808} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {DCC53ABE-A0BC-4B6B-BE4A-8AA5208459AF} - System32\Tasks\{7C4C5503-8DC9-4C4A-912E-1B7D47B7942F} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {E2203506-1FB1-4BBD-8E45-78FB7439E3B9} - System32\Tasks\{B15CA2A3-E5F7-40DE-A177-E36EC922628B} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {E4470187-72BE-42E3-94C2-CA965582107A} - System32\Tasks\{4B5E36E1-175B-4840-822E-9BDB51433B34} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {EBCB4EC9-368E-4CCB-B0FA-218EC2C5798E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EF4516E5-A301-4D08-893F-D514C6459B95} - System32\Tasks\{C58772F1-692C-4D48-B55A-E5BEE7C29656} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {F36DE198-BB3B-41C8-9F04-43B25EC37DA5} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {F7B5B3F5-0F7E-477B-A6A9-B4ABFEBE94CE} - System32\Tasks\{DD6F44AA-C79D-4260-B878-953CA744595D} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {F9C7E6DC-6970-4BD1-BB2B-5AE2D96A3DD8} - System32\Tasks\RealCreateProcessScheduledTask1296471269S-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-08-21] (RealNetworks, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d236feb9-cd35-4751-a91a-4f03e01785b4.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f68535ab-e480-4187-bf64-c6d18229f87d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-03-10 18:35 - 2014-03-10 18:35 - 03727360 _____ () C:\Windows\AutoKMS\AutoKMS.exe
2012-04-03 11:07 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2014-01-09 22:26 - 2014-01-09 22:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-05-27 16:36 - 2012-12-21 09:26 - 00979816 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe
2011-09-28 07:19 - 2011-09-28 07:19 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-09-28 07:06 - 2011-09-28 07:06 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2016-06-06 01:43 - 2016-06-06 01:43 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-09 22:28 - 2014-01-09 22:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-12-20 19:43 - 2012-12-20 19:43 - 00785256 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
2013-05-27 16:36 - 2005-01-02 09:22 - 00776192 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sqlite3.dll
2016-06-04 11:13 - 2016-05-05 03:09 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-06-04 11:12 - 2016-05-05 03:10 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-06-04 11:12 - 2016-05-05 03:09 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-06-04 11:13 - 2016-05-05 03:09 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-06-04 11:13 - 2016-05-05 03:09 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-06-04 11:12 - 2016-05-05 03:09 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-06-04 11:13 - 2016-05-31 11:34 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-06-04 11:13 - 2016-05-05 03:09 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-06-04 11:13 - 2016-05-05 03:10 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-06-04 11:12 - 2016-05-05 03:11 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-06-04 11:12 - 2016-05-05 03:09 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-06-04 11:12 - 2016-05-31 11:33 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-06-04 11:13 - 2016-05-05 03:09 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-06-04 11:12 - 2016-05-05 03:10 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-06-04 11:12 - 2016-05-05 03:12 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-06-04 11:12 - 2016-05-31 11:34 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-06-04 11:12 - 2016-05-31 11:34 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-06-04 11:13 - 2016-05-05 03:10 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-04 12:20 - 2015-04-07 06:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-06-06 01:43 - 2016-06-06 01:43 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-06 01:43 - 2016-06-06 01:43 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Aaron\Desktop\Document.docx:com.dropbox.attributes [168]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2016-06-09 01:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: ADBlockerSrv => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: asdsrv => 2
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: AvgAMPS => 3
MSCONFIG\Services: avgfws => 2
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TOSHIBA Bluetooth Service => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: WTabletServicePro => 2
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{ED7E7EB1-D181-4548-8C0A-22A3295DB24E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B74F2076-5601-40D6-A75F-88AFE5CEE300}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E99FB998-726A-47BE-9DE4-64DEEDB8E8D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D5607F63-21CC-4083-8D4C-1E068DEB390B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5E6B6988-B1B5-41AC-B50B-26A47BBC5764}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7FBD9EBB-CD88-4260-BF28-0E9C2C930C73}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe
FirewallRules: [{761C9448-31FC-46F9-9CC5-265B4E0B9241}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe
 
==================== Restore Points =========================
 
04-06-2016 22:08:13 Checkpoint by HitmanPro
04-06-2016 22:09:22 Checkpoint by HitmanPro
04-06-2016 23:39:26 Removed Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
05-06-2016 13:05:22 working decent 
05-06-2016 22:39:02 JRT Pre-Junkware Removal
08-06-2016 21:45:48 Windows Update
09-06-2016 01:32:17 Windows Update
09-06-2016 20:45:06 zoek.exe restore point
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: A2 Direct Disk Access Support Driver
Description: A2 Direct Disk Access Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: A2DDA
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/09/2016 09:35:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/09/2016 07:47:52 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0, Version=9.0.0.00000000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80070020
 
Error: (06/09/2016 07:47:50 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0, Version=10.0.0.00000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80070020
 
Error: (06/09/2016 07:47:49 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0, Version=9.0.0.00000000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80070020
 
Error: (06/09/2016 07:47:47 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0, Version=10.0.0.00000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80070020
 
Error: (06/09/2016 07:47:46 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0, Version=10.0.0.00000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80070020
 
Error: (06/09/2016 07:47:40 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.Office.Tools.Outlook.v9.0, Version=9.0.0.00000000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80070020
 
Error: (06/09/2016 07:47:27 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.MediaCenter, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
 
Error: (06/09/2016 07:46:41 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.MediaCenter, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
 
Error: (06/09/2016 07:29:57 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
 
System errors:
=============
Error: (06/09/2016 09:40:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (06/09/2016 09:35:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
tspor
 
Error: (06/09/2016 09:19:32 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (06/09/2016 09:19:32 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (06/09/2016 09:19:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (06/09/2016 09:19:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (06/09/2016 09:19:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (06/09/2016 06:55:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (06/09/2016 06:53:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (06/09/2016 06:49:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
tspor
 
 
CodeIntegrity:
===================================
  Date: 2016-06-09 00:56:46.366
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-09 00:56:46.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-03 02:57:56.858
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-03 02:57:56.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-03 01:59:16.097
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-03 01:59:15.551
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-02 16:48:01.845
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-02 16:48:01.720
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-02 15:55:04.697
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-02 15:55:04.689
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-3520M APU with Radeon™ HD Graphics
Percentage of memory in use: 75%
Total physical RAM: 5609.91 MB
Available physical RAM: 1348.75 MB
Total Virtual: 10728.1 MB
Available Virtual: 6913.25 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:570.42 GB) (Free:280.21 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:21.58 GB) (Free:2.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0.49 GB) FAT32
Drive h: () (Removable) (Total:3.73 GB) (Free:0.93 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E871E610)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=570.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#7 satchfan

satchfan

  • Malware Response Team
  • 2,840 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:12:02 PM

Posted 12 June 2016 - 04:19 AM

I'm checking your FRST log but at a quick glance I've noticed a few things so while I continue checking I'd like you to carry out a few more things .

 

===================================================

 

Note: Please follow these instructions in the order given.

===================================================

Multiple antiviruses

You have Avast and AVG antivirus programs installed.

You can not run two real-time antiviruses at the same time. Although many have different methods of searching for and recognising threats, they will all be 'fighting' in memory to kick each other out, rendering them all ineffective.

I would suggest you uninstall AVG but it is your choice.

  • click Start, Control Panel, Programs and Features
  • scroll down the list click on either Avast or AVG and then on Remove.

If you removed AVG:

Run AVG removal tool

There will still be some remnants of AVG on your computer even after the uninstall so please download and run AVG Removal Tool from here.
===================================================

Run CKScanner

Download CKScanner by askey127 from here & save it to your Desktop.

  • double-click CKScanner.exe then click Search For Files
  • when the cursor hourglass disappears, click Save List To File
  • a message box will verify the file saved
  • double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply.

================================================

Run Security Check

Download Security Check by screen317 from here.

  • save it to your Desktop.
  • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • a Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE: If you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED!, try rebooting the system and then run SecurityCheck again.

Logs to include with next post:

CKFiles.txt
checkup.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#8 Atrav

Atrav
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 13 June 2016 - 01:10 AM

so i ended up removing AVG as suggested and then proceeded with the rest.

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\aaron\documents\aaron stuff\aaron music\frank ocean\channel orange (explicit version)\09 crack rock.m4a
c:\users\aaron\music\itunes\mobile applications\trivia crack 1.9.3.ipa
c:\windows\autokms\autokms.exe
scanner sequence 3.AB.11.TPAAV0
 ----- EOF ----- 
 

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
ESET NOD32 Antivirus 9.0.377.0   
avast! Antivirus                 
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 AVG PC TuneUp   
 JavaFX 2.1.0    
 Java 7 Update 25  
 Java 2 Runtime Environment, SE v1.4.2 
 Java version 32-bit out of Date! 
 Adobe Flash Player 21.0.0.242  
 Adobe Reader XI  
 Mozilla Firefox 38.0.1 Firefox out of Date!  
 Google Chrome (51.0.2704.79) 
 Google Chrome (51.0.2704.84) 
 Google Chrome (SetupMetrics.pma..) 
````````Process Check: objlist.exe by Laurent````````  
 Anvisoft Anvi Smart Defender ASDTray.exe  
 Anvisoft Anvi Smart Defender toolbox adblocker\ADBlockerTray.exe 
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 3% 
````````````````````End of Log`````````````````````` 


#9 satchfan

satchfan

  • Malware Response Team
  • 2,840 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:12:02 PM

Posted 13 June 2016 - 03:26 AM

You have illegal software on your system, which is probably how your computer became infected. Besides being illegal, cracks/keygens are the most certain means of infecting your system, as ALL illegal software contains some form of malicious code.

This forum, as well as all the other well-respected malware removal forums, does not condone the use of illegal software.

Please uninstall all the illegal software that you have downloaded and installed. When you have done that, run CKScanner again and post a new log.

Thanks

Satchfan


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#10 Atrav

Atrav
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 15 June 2016 - 12:03 AM

My apologies for that. My cousin did have access to my computer years ago and used it for mainly for college. I also wasn't quite sure but deduced that it wasnt the frank ocean song labeled crack rock or the iphone app a game called  trivia crack. so figured it was the automks which i ended up removing. Also it was dated back to march of 2013 so whatever it was it wasn't recent. and I dont think was the direct cause of this issue I'm currently having. maybe it was not sure. 
 
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\aaron\documents\aaron stuff\aaron music\frank ocean\channel orange (explicit version)\09 crack rock.m4a
c:\users\aaron\music\itunes\mobile applications\trivia crack 1.9.3.ipa
scanner sequence 3.AA.11.WGABIA
 ----- EOF ----- 


#11 satchfan

satchfan

  • Malware Response Team
  • 2,840 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:12:02 PM

Posted 15 June 2016 - 03:46 AM

Always risky letting anyone use your computer but well done on removing that.

Since you have made changes since the first scan was run I’ll need a new log.

Please run FRST again and make sure there is a checkmark next to "Addition.txt" before you hit “Scan”.

Logs to include with next post:

New Frst.txt
New Addition.txt


Thanks

Satchfan


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#12 Atrav

Atrav
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 17 June 2016 - 04:53 PM

Lesson definitely learned. I'm still here. I've gotten the logs just need to get a way to post them up

#13 satchfan

satchfan

  • Malware Response Team
  • 2,840 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:12:02 PM

Posted 17 June 2016 - 05:57 PM

:thumbup2:


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#14 Atrav

Atrav
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 17 June 2016 - 10:31 PM

Thanks again for your patience satchfan

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-06-2016
Ran by Aaron (administrator) on AARON-HP (17-06-2016 14:10:41)
Running from C:\Users\Aaron\Desktop
Loaded Profiles: Aaron (Available Profiles: Aaron & guest 1 & Mcx1-AARON-HP & Aaron School)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
(AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
() C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-02] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-13] (DivX, LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [Anvi Smart Defender] => C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe [1434984 2012-12-20] (Anvisoft)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1666560 2012-02-20] (AimerSoft)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADBlocker] => C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe [979816 2012-12-21] ()
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-12] (AVAST Software)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2012-08-21] (RealNetworks, Inc.)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-05-31] (SUPERAntiSpyware)
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-06] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0FFB5237-8642-42B3-9D7E-6AE210979A6E}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT/1
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {008F6831-ECBA-4246-911D-F1DF440F0458} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {73cd434e-8e1e-46b6-bb8d-7dd935140717} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> {73cd434e-8e1e-46b6-bb8d-7dd935140717} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-30] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-06] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-691505584-3256853444-1998314781-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} hxxps://www.icloud.com/system/iCloud.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
 
FireFox:
========
FF ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057
FF DefaultSearchEngine.US: Amazon.com
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-08-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-17] (DivX, LLC)
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-08-21] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-04] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: LTS Web Components -> C:\Program Files (x86)\LTS Web Components\npLTSWebVideoPlugin.dll [2015-08-06] ()
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: @talk.google.com/O1DPlugin -> C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Aaron\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Aaron\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-691505584-3256853444-1998314781-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012-08-21] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Aaron\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Aaron\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\searchplugins\firefox-add-ons.xml [2013-05-27]
FF Extension: YouTube Video Downloader Extension - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_FF.xpi [2013-05-13] [not signed]
FF Extension: Add to Amazon Wish List Button - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\extensions\amznUWL2@amazon.com.xpi [2016-06-02]
FF Extension: Add Google Search To New Tab Page - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\extensions\newtabgoogle@graememcc.co.uk.xpi [2016-06-02]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\9fcox9ee.default-1359401238057\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-04-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-06]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-05-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{55A8EC97-6AF6-442c-877F-11C51DBD162D}] - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_FF.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-06-11]
CHR Extension: (Avast Online Security) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-12-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-691505584-3256853444-1998314781-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-06]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-08-21]
CHR HKLM-x32\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S4 ADBlockerSrv; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe [279368 2012-11-13] ()
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S4 asdsrv; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [735592 2012-12-20] (Anvisoft)
S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-06] (AVAST Software)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-25] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-25] (Dropbox, Inc.)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-06-05] (SurfRight B.V.)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-05] (Wacom Technology, Corp.)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 asdnet; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\amd64\asdnet.sys [19280 2012-09-07] ()
R1 asdrm; C:\Windows\System32\DRIVERS\asdrm.sys [18768 2012-11-07] (Anvisoft)
R2 asdrs; C:\Windows\system32\DRIVERS\asdrs.sys [23376 2012-11-07] (Anvisoft)
R2 asdws; C:\Windows\system32\DRIVERS\asdws.sys [17232 2012-11-07] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-06] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-06] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-27] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [46960 2016-06-08] ()
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-08] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [115272 2012-03-25] (MotioninJoy) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Tosrfcom; no ImagePath
S1 A2DDA; \??\C:\Users\Aaron\Desktop\Run\a2ddax64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 eamonm; system32\DRIVERS\eamonm.sys [X]
S1 ehdrv; system32\DRIVERS\ehdrv.sys [X]
S1 fkjpbclc; \??\C:\Windows\system32\drivers\fkjpbclc.sys [X]
S1 gmtweagw; \??\C:\Windows\system32\drivers\gmtweagw.sys [X]
S1 kgquubom; \??\C:\Windows\system32\drivers\kgquubom.sys [X]
S1 pfnrymhh; \??\C:\Windows\system32\drivers\pfnrymhh.sys [X]
U2 TMAgent; no ImagePath
S0 tspor; System32\drivers\cfqr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-17 14:03 - 2016-06-17 14:03 - 00001413 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-16 05:35 - 2015-11-10 11:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-06-16 05:35 - 2015-11-10 11:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-06-16 05:35 - 2015-11-10 11:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-06-16 05:33 - 2015-07-30 11:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-16 05:33 - 2015-07-30 10:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-16 05:29 - 2016-04-14 06:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-06-16 05:29 - 2016-04-14 06:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-06-16 05:29 - 2015-12-08 14:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-06-16 05:29 - 2015-12-08 12:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-06-16 05:28 - 2016-04-08 21:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-06-16 05:28 - 2016-04-08 20:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-06-16 05:28 - 2015-02-03 20:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-06-16 05:28 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-06-16 04:38 - 2015-01-08 16:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2016-06-16 04:38 - 2015-01-08 16:43 - 00419936 _____ C:\Windows\system32\locale.nls
2016-06-16 04:37 - 2015-07-30 06:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-06-16 04:37 - 2015-07-30 06:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-06-16 04:34 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-06-16 04:30 - 2016-06-16 04:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-16 04:30 - 2016-06-16 04:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-16 04:30 - 2016-06-16 04:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-16 04:30 - 2016-06-16 04:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-16 04:30 - 2016-06-16 04:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-06-16 04:30 - 2016-06-16 04:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-06-16 04:30 - 2016-06-16 04:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-16 04:30 - 2016-06-16 04:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-16 04:30 - 2016-06-16 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-06-16 04:30 - 2016-06-16 04:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-06-16 04:30 - 2016-06-16 04:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-06-16 04:30 - 2016-06-16 04:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-06-16 04:30 - 2016-06-16 04:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-06-16 04:07 - 2016-06-16 04:07 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-06-16 03:22 - 2016-06-16 03:38 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 22:10 - 2016-03-17 15:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-15 22:10 - 2016-03-17 15:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-15 22:09 - 2016-01-20 17:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-06-15 22:06 - 2015-07-15 11:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-06-15 22:06 - 2015-07-15 11:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-06-15 22:06 - 2015-07-15 11:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-06-15 22:05 - 2015-11-03 12:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-06-15 22:05 - 2015-11-03 11:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-06-15 22:00 - 2016-05-12 10:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 22:00 - 2016-05-12 10:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-15 22:00 - 2016-05-12 10:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-15 22:00 - 2016-05-12 10:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-15 22:00 - 2016-05-12 10:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-15 22:00 - 2016-05-12 10:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-15 22:00 - 2016-05-12 10:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-15 22:00 - 2016-05-12 10:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-15 22:00 - 2016-05-12 08:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-15 22:00 - 2016-05-12 08:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-15 22:00 - 2016-05-12 07:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 22:00 - 2016-05-12 07:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 22:00 - 2016-05-12 07:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-15 22:00 - 2016-05-12 07:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 22:00 - 2016-05-12 07:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-15 22:00 - 2016-05-12 07:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-15 22:00 - 2016-05-12 07:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-15 22:00 - 2016-05-12 07:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-15 22:00 - 2016-05-12 07:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-15 22:00 - 2016-05-12 06:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 22:00 - 2016-05-12 06:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 22:00 - 2016-05-12 06:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 22:00 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2016-06-15 22:00 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2016-06-15 22:00 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2016-06-15 22:00 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-06-15 22:00 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2016-06-15 22:00 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2016-06-15 22:00 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2016-06-15 22:00 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2016-06-15 22:00 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2016-06-15 22:00 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-06-15 21:57 - 2016-06-06 09:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 21:57 - 2016-06-06 09:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 21:57 - 2016-06-03 06:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 21:57 - 2016-05-27 06:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-15 21:57 - 2016-05-27 06:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 21:57 - 2016-05-27 06:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 21:57 - 2016-05-27 06:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-15 21:57 - 2016-05-22 06:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 21:56 - 2016-05-13 15:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 21:56 - 2016-05-13 15:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 21:56 - 2016-05-13 15:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 21:56 - 2016-05-13 15:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-15 21:56 - 2016-05-13 15:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-15 21:56 - 2016-05-13 14:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 21:56 - 2016-05-13 14:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-15 21:56 - 2016-05-13 14:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 21:56 - 2016-05-13 14:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-15 21:56 - 2016-05-13 14:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 21:55 - 2016-05-18 09:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 21:55 - 2016-05-18 09:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 21:55 - 2016-05-12 10:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-15 21:55 - 2016-05-12 10:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 21:55 - 2016-05-12 10:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 21:55 - 2016-05-12 10:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 21:55 - 2016-05-12 10:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 21:55 - 2016-05-12 10:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 21:55 - 2016-05-12 08:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 21:55 - 2016-05-12 08:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-15 21:55 - 2016-05-12 08:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-15 21:55 - 2016-05-12 08:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 21:55 - 2016-05-12 08:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-15 21:55 - 2016-05-11 10:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 21:55 - 2016-05-11 10:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 21:55 - 2016-05-11 10:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 21:55 - 2016-05-11 10:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 21:55 - 2016-05-11 08:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 21:55 - 2016-05-11 08:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 21:55 - 2016-05-11 08:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 21:55 - 2016-05-11 08:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 21:55 - 2016-05-11 08:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-15 21:55 - 2016-05-11 08:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-15 21:55 - 2016-05-11 07:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 21:49 - 2016-04-08 23:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 21:49 - 2016-04-08 23:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-15 21:49 - 2016-04-08 23:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-15 21:49 - 2016-04-08 23:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-15 21:49 - 2016-04-08 22:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 21:49 - 2016-04-08 22:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-15 21:49 - 2016-03-09 12:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-15 21:49 - 2016-03-09 11:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-15 21:49 - 2015-07-10 10:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-06-15 21:49 - 2015-07-10 10:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2016-06-15 21:49 - 2015-07-10 10:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-06-15 21:49 - 2015-07-10 10:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-06-15 21:49 - 2015-07-10 10:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-06-15 21:49 - 2015-07-10 10:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2016-06-15 21:48 - 2016-04-14 09:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-15 21:48 - 2016-04-14 09:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-15 21:48 - 2016-04-14 09:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-15 21:48 - 2016-04-14 09:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-15 21:48 - 2016-04-14 09:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-15 21:48 - 2016-04-14 09:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-15 21:48 - 2016-04-14 08:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-15 21:48 - 2016-04-14 08:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-15 21:48 - 2016-04-14 08:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-15 21:48 - 2016-04-14 08:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-15 21:48 - 2016-04-14 08:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-15 21:48 - 2016-04-14 08:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-15 21:48 - 2015-05-25 11:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2016-06-15 21:48 - 2015-05-25 11:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2016-06-15 21:48 - 2015-05-25 11:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-06-15 21:48 - 2015-05-25 11:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2016-06-15 21:48 - 2015-05-25 11:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-06-15 21:48 - 2015-05-25 11:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2016-06-15 21:48 - 2015-05-25 11:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2016-06-15 21:48 - 2015-05-25 11:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2016-06-15 21:48 - 2015-05-25 11:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-06-15 21:48 - 2015-05-25 11:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2016-06-15 21:48 - 2015-05-25 11:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-06-15 21:48 - 2015-05-25 11:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2016-06-15 05:39 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-06-15 05:39 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-06-15 05:39 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-06-15 05:39 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-06-15 04:00 - 2016-06-16 04:44 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-15 04:00 - 2016-06-15 04:05 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-15 04:00 - 2016-06-15 04:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-15 04:00 - 2016-06-15 04:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-06-15 03:01 - 2015-02-02 20:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-06-15 03:01 - 2015-02-02 20:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-06-15 03:01 - 2015-02-02 20:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-06-15 03:01 - 2015-02-02 20:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-06-15 03:01 - 2015-02-02 20:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-15 03:01 - 2015-02-02 20:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-06-15 03:01 - 2015-02-02 20:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-06-15 03:01 - 2015-02-02 20:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-06-15 03:01 - 2015-02-02 20:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-06-15 03:01 - 2015-02-02 20:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-06-15 03:01 - 2015-02-02 20:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-06-15 03:01 - 2015-02-02 20:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-06-15 03:00 - 2015-02-02 20:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-06-15 00:23 - 2016-06-15 00:35 - 00000238 _____ C:\Users\Aaron\Desktop\Search.txt
2016-06-14 23:18 - 2016-03-23 07:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-06-14 23:18 - 2016-02-03 07:07 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-06-14 17:27 - 2016-03-16 11:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-06-14 17:27 - 2016-03-16 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-06-14 17:27 - 2016-03-16 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-06-14 16:22 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-06-14 16:22 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-06-14 16:22 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-06-14 16:22 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-06-14 16:22 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-06-14 16:22 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-06-14 16:22 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-06-14 16:22 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-06-14 16:22 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-06-14 16:22 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2016-06-14 16:22 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-06-14 16:22 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2016-06-14 16:22 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2016-06-14 16:22 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-06-14 16:22 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2016-06-14 16:22 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2016-06-14 16:22 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2016-06-14 16:22 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2016-06-14 14:39 - 2015-11-19 07:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-06-14 14:39 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-06-14 12:04 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-06-14 12:04 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-06-14 10:28 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-06-14 10:28 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-06-14 10:28 - 2015-11-13 16:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-06-14 10:28 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-06-14 10:28 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-06-14 10:28 - 2015-11-13 15:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-06-14 09:51 - 2015-07-14 20:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-06-14 09:25 - 2015-11-10 11:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-06-14 09:25 - 2015-11-10 11:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-06-14 09:12 - 2015-07-01 13:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-06-14 09:12 - 2015-07-01 13:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-06-14 09:12 - 2015-07-01 13:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-06-14 09:12 - 2015-07-01 13:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-06-14 08:56 - 2016-02-02 11:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-06-14 08:56 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-06-14 08:56 - 2015-04-12 20:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-06-14 08:56 - 2013-10-29 19:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-06-14 08:56 - 2013-10-29 19:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-06-14 08:55 - 2016-03-06 11:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-06-14 08:55 - 2016-03-06 11:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-06-14 08:55 - 2016-03-06 11:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-06-14 08:55 - 2016-03-06 11:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-06-14 08:55 - 2014-01-27 19:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-06-14 08:55 - 2013-03-18 22:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-06-14 08:41 - 2012-10-09 11:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-14 08:41 - 2012-10-09 11:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-14 08:41 - 2012-10-09 10:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-14 08:41 - 2012-10-09 10:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-14 08:22 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-14 08:22 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-06-14 08:22 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-06-14 08:10 - 2014-10-13 19:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-06-14 08:03 - 2016-02-12 11:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-14 08:03 - 2016-02-12 11:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-14 08:03 - 2016-02-12 11:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-14 08:03 - 2016-02-12 11:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-06-14 08:03 - 2016-02-12 11:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-14 08:03 - 2016-02-12 11:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-14 08:03 - 2016-02-12 11:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-14 08:03 - 2016-02-12 11:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-14 08:03 - 2016-02-12 11:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-14 08:03 - 2016-02-12 11:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-14 08:03 - 2016-02-12 11:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-14 08:03 - 2016-02-12 11:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-06-14 08:03 - 2016-02-12 11:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-14 08:03 - 2016-02-12 11:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-14 08:03 - 2016-02-12 11:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-14 08:03 - 2016-02-12 11:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-06-14 07:57 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2016-06-14 07:57 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2016-06-14 07:53 - 2015-02-02 20:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-06-14 07:53 - 2015-02-02 20:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2016-06-14 07:48 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-06-14 07:42 - 2016-02-05 11:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-06-14 07:42 - 2016-02-05 11:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-06-14 07:42 - 2016-02-05 10:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-06-14 07:42 - 2015-06-03 13:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-14 07:42 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-06-14 07:42 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-06-14 07:42 - 2013-10-03 19:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-06-14 07:42 - 2013-10-03 19:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2016-06-14 07:42 - 2013-10-03 18:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-06-14 07:42 - 2013-10-03 18:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2016-06-14 07:35 - 2016-01-11 12:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-06-14 07:25 - 2012-07-04 13:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2016-06-14 07:20 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-06-14 07:20 - 2012-11-28 15:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2016-06-14 07:20 - 2012-11-28 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2016-06-14 07:20 - 2012-11-28 15:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-06-14 06:06 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-06-14 06:01 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-06-14 06:01 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-06-14 06:01 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-06-14 06:01 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-06-14 06:01 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-06-14 06:01 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-06-14 06:01 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-06-14 06:01 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-06-14 06:00 - 2015-07-09 10:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-06-14 06:00 - 2015-07-09 10:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-06-14 06:00 - 2015-07-09 10:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-06-14 06:00 - 2015-07-09 10:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-06-14 06:00 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-06-14 06:00 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-06-14 05:05 - 2013-04-25 16:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-06-14 05:05 - 2013-03-31 15:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-06-14 05:04 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-06-14 05:00 - 2015-11-11 11:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-06-14 05:00 - 2015-11-11 11:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-06-14 05:00 - 2015-11-11 11:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-06-14 05:00 - 2015-11-11 11:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-06-14 05:00 - 2013-07-12 03:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2016-06-14 05:00 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2016-06-14 04:53 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-06-14 04:53 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-06-14 04:53 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-06-14 04:34 - 2016-04-09 00:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-14 04:34 - 2016-04-09 00:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-06-14 04:34 - 2016-04-08 23:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-14 04:34 - 2014-12-11 10:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-06-13 23:25 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-06-13 23:25 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-06-13 23:04 - 2016-02-03 11:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-06-13 23:04 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-06-13 23:04 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-06-13 23:04 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-06-13 23:04 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-06-13 23:04 - 2013-11-26 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-06-13 23:04 - 2013-11-26 18:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-06-13 23:04 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-06-13 23:03 - 2015-04-24 11:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-06-13 23:03 - 2015-04-24 10:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-06-13 22:57 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-06-13 22:57 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-06-13 22:57 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-13 22:57 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-06-13 22:57 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-06-13 22:57 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-06-13 22:57 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-06-13 22:57 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-06-13 22:53 - 2012-10-03 10:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2016-06-13 22:53 - 2012-10-03 10:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-06-13 22:53 - 2012-10-03 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-06-13 22:53 - 2012-10-03 10:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-06-13 22:53 - 2012-10-03 10:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-13 22:53 - 2012-10-03 09:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2016-06-13 22:53 - 2012-10-03 09:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-06-13 22:53 - 2012-10-03 09:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-06-13 19:34 - 2016-02-03 11:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-06-13 19:34 - 2016-02-03 11:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-06-13 19:34 - 2016-02-03 11:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-06-13 19:34 - 2016-02-03 11:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-06-13 19:34 - 2016-01-07 10:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-06-13 19:34 - 2015-11-05 12:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-06-13 19:34 - 2015-11-05 12:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-06-13 19:34 - 2015-11-05 02:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-06-13 19:24 - 2016-02-04 18:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-06-13 19:24 - 2016-02-04 11:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-06-13 19:24 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-13 19:24 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-06-13 19:17 - 2012-05-13 22:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-06-13 06:50 - 2015-10-13 09:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-06-13 06:50 - 2015-10-13 09:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-06-13 06:50 - 2012-11-01 22:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2016-06-13 06:50 - 2012-11-01 22:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2016-06-13 06:49 - 2016-03-15 17:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-06-13 06:49 - 2016-03-15 17:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-06-13 06:49 - 2016-03-15 16:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-06-13 06:49 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2016-06-13 06:49 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2016-06-13 06:49 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2016-06-13 06:49 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2016-06-13 06:49 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2016-06-13 06:49 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2016-06-13 06:49 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2016-06-13 06:49 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2016-06-13 06:49 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2016-06-13 06:49 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2016-06-13 06:49 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2016-06-13 06:49 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2016-06-13 06:49 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2016-06-13 06:49 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2016-06-13 06:47 - 2015-10-29 10:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-06-13 06:47 - 2015-10-29 10:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-06-13 06:47 - 2015-10-29 10:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-06-13 06:47 - 2015-10-29 10:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-06-13 06:47 - 2015-10-29 10:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-06-13 06:47 - 2015-10-29 10:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-06-13 06:47 - 2015-10-29 10:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-06-13 06:47 - 2015-07-22 17:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-06-13 06:47 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-06-13 06:47 - 2015-07-22 10:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-06-13 06:47 - 2015-07-22 09:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-06-13 06:47 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-06-13 06:47 - 2015-07-09 10:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-06-13 06:47 - 2015-07-09 10:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-06-13 06:47 - 2014-08-11 19:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-06-13 06:47 - 2012-08-21 14:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2016-06-13 06:46 - 2014-08-11 18:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-06-13 06:43 - 2015-12-08 14:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-06-13 06:43 - 2015-12-08 12:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-06-13 06:43 - 2012-12-07 06:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-06-13 06:43 - 2012-12-07 06:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-06-13 06:43 - 2012-12-07 05:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-06-13 06:43 - 2012-12-07 05:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-06-13 06:43 - 2012-12-07 04:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2016-06-13 06:43 - 2012-12-07 04:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2016-06-13 06:43 - 2012-12-07 04:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2016-06-13 06:43 - 2012-12-07 04:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2016-06-13 06:43 - 2012-12-07 04:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2016-06-13 06:43 - 2012-12-07 04:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2016-06-13 06:43 - 2012-12-07 04:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2016-06-13 06:43 - 2012-12-07 04:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2016-06-13 06:43 - 2012-12-07 04:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2016-06-13 06:43 - 2012-12-07 04:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2016-06-13 06:43 - 2012-12-07 04:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2016-06-13 06:43 - 2012-12-07 04:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2016-06-13 06:43 - 2012-12-07 04:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2016-06-13 06:43 - 2012-12-07 04:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2016-06-13 06:43 - 2012-12-07 03:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2016-06-13 06:42 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-06-13 06:42 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-06-13 06:41 - 2014-11-10 20:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-06-13 06:41 - 2014-11-10 19:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-06-13 06:40 - 2015-12-08 14:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-06-13 06:40 - 2015-12-08 14:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-06-13 06:40 - 2015-12-08 14:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-06-13 06:40 - 2015-12-08 14:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-06-13 06:40 - 2015-12-08 14:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-06-13 06:40 - 2015-12-08 14:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-06-13 06:40 - 2015-12-08 14:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-06-13 06:40 - 2015-12-08 14:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-06-13 06:40 - 2015-12-08 14:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-06-13 06:40 - 2015-12-08 12:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-06-13 06:40 - 2015-12-08 12:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-06-13 06:40 - 2015-12-08 12:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-06-13 06:40 - 2015-12-08 12:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-06-13 06:40 - 2015-12-08 12:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-06-13 06:40 - 2015-12-08 12:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-06-13 06:40 - 2015-12-08 11:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-06-13 06:40 - 2015-12-08 11:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-06-13 06:40 - 2015-12-08 11:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-06-13 06:35 - 2015-04-10 20:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2016-06-13 06:35 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-06-13 06:35 - 2012-09-25 15:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2016-06-13 06:35 - 2012-09-25 15:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2016-06-13 06:33 - 2016-01-21 23:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-06-13 06:33 - 2016-01-21 23:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-06-13 06:33 - 2016-01-21 23:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-06-13 06:33 - 2016-01-21 23:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-06-13 06:33 - 2015-08-27 11:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-06-13 06:33 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-06-13 06:33 - 2015-08-27 10:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-06-13 06:33 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-06-13 06:33 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-06-13 06:33 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2016-06-13 06:32 - 2016-02-09 02:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-06-13 06:32 - 2016-02-09 02:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-06-13 06:32 - 2016-02-09 02:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-06-13 06:32 - 2016-02-09 02:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-06-13 06:32 - 2016-02-09 02:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-06-13 06:32 - 2016-02-09 02:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-06-13 06:32 - 2016-02-09 02:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-06-13 06:32 - 2016-02-09 02:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-06-13 06:32 - 2016-02-09 02:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-06-13 06:32 - 2016-02-09 02:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-06-13 06:32 - 2015-10-12 21:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-06-13 06:32 - 2014-10-24 18:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-06-13 06:32 - 2014-10-24 18:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-06-13 06:32 - 2014-10-02 19:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-06-13 06:32 - 2014-10-02 19:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-06-13 06:32 - 2014-10-02 19:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-06-13 06:32 - 2014-10-02 19:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-06-13 06:32 - 2014-10-02 19:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-06-13 06:32 - 2014-10-02 18:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-06-13 06:32 - 2014-10-02 18:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-06-13 06:32 - 2014-10-02 18:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-06-13 06:32 - 2014-10-02 18:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-06-13 06:32 - 2014-10-02 18:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-06-13 06:32 - 2014-07-16 19:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-06-13 06:32 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-06-13 06:32 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-06-13 06:32 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-06-13 06:32 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-06-13 06:32 - 2014-07-16 18:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-06-13 06:32 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-06-13 06:32 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-06-13 06:32 - 2013-05-09 22:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2016-06-13 06:32 - 2013-05-09 20:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2016-06-13 06:32 - 2012-11-22 20:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-06-13 06:31 - 2012-07-04 15:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-06-13 06:31 - 2012-07-04 15:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-06-13 06:31 - 2012-07-04 15:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-06-13 06:31 - 2012-07-04 14:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-06-13 06:31 - 2012-07-04 14:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-06-13 06:30 - 2016-04-09 00:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-06-13 06:30 - 2016-04-09 00:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-13 06:30 - 2016-04-09 00:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-13 06:30 - 2016-04-08 23:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-06-13 06:30 - 2016-04-08 23:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-06-13 06:30 - 2016-04-08 23:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-06-13 06:30 - 2016-04-08 23:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-06-13 06:30 - 2016-04-08 23:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-06-13 06:30 - 2016-04-08 23:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-06-13 06:30 - 2016-04-08 23:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-06-13 06:30 - 2016-04-08 23:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-06-13 06:30 - 2016-04-08 23:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-06-13 06:30 - 2016-04-08 23:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 22:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-06-13 06:30 - 2016-04-08 22:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-06-13 06:30 - 2016-04-08 22:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-06-13 06:30 - 2016-04-08 22:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-06-13 06:30 - 2016-04-08 22:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-06-13 06:30 - 2016-04-08 22:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-06-13 06:30 - 2016-04-08 22:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-06-13 06:30 - 2016-04-08 22:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-06-13 06:30 - 2016-04-08 22:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-06-13 06:30 - 2016-04-08 22:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-06-13 06:30 - 2016-04-08 22:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 22:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 22:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-06-13 06:30 - 2016-04-08 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-06-13 06:30 - 2016-03-23 15:43 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-06-13 06:30 - 2016-03-23 15:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-06-13 06:30 - 2016-03-23 15:40 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-06-13 06:16 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-06-13 06:16 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-06-13 06:16 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-06-13 06:16 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-06-13 06:16 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-06-13 06:16 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-06-12 23:27 - 2016-06-12 23:28 - 11646112 _____ (ESET) C:\Users\Aaron\Downloads\9302.tmp
2016-06-12 23:17 - 2016-06-12 23:27 - 11646112 _____ (ESET) C:\Users\Aaron\Desktop\avremover_nt64_enu.exe
2016-06-12 15:15 - 2016-06-12 15:16 - 00001918 _____ C:\Users\Aaron\Desktop\New Text Document (2).txt
2016-06-12 15:03 - 2016-06-14 01:02 - 00001113 _____ C:\Users\Aaron\Desktop\ckfiles.txt
2016-06-12 14:11 - 2016-06-12 14:11 - 08111408 _____ ( ) C:\Users\Aaron\Desktop\AVG_Remover (1).exe
2016-06-12 14:11 - 2016-06-12 14:11 - 00852798 _____ C:\Users\Aaron\Desktop\SecurityCheck.exe
2016-06-12 14:10 - 2016-06-12 14:10 - 00468480 _____ () C:\Users\Aaron\Desktop\CKScanner.exe
2016-06-10 00:03 - 2016-06-10 00:03 - 00002840 _____ C:\Users\Aaron\Desktop\rk_6356.tmp.txt
2016-06-09 21:41 - 2016-06-09 21:46 - 00060010 _____ C:\Users\Aaron\Desktop\Addition.txt
2016-06-09 21:39 - 2016-06-17 14:10 - 00035311 _____ C:\Users\Aaron\Desktop\FRST.txt
2016-06-09 21:39 - 2016-06-17 14:10 - 00000000 ____D C:\FRST
2016-06-09 21:38 - 2016-06-09 22:58 - 02385408 _____ (Farbar) C:\Users\Aaron\Desktop\FRST64.exe
2016-06-09 21:38 - 2016-06-09 21:38 - 00020238 _____ C:\Users\Aaron\Desktop\zoek-results.txt
2016-06-09 21:35 - 2016-06-09 21:35 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-09 21:32 - 2016-06-09 20:37 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-06-09 20:38 - 2016-06-09 22:57 - 01309184 _____ C:\Users\Aaron\Desktop\zoek.exe
2016-06-09 20:37 - 2016-06-09 21:26 - 00000000 ____D C:\zoek_backup
2016-06-09 19:27 - 2016-06-09 19:27 - 00000000 ____D C:\Users\Aaron\AppData\Local\ElevatedDiagnostics
2016-06-09 01:24 - 2016-06-09 01:24 - 00044310 _____ C:\Users\Aaron\Desktop\comb.txt
2016-06-09 01:17 - 2016-06-09 01:17 - 00044310 _____ C:\ComboFix.txt
2016-06-09 00:26 - 2016-06-16 04:49 - 00000000 ____D C:\Windows\Panther
2016-06-09 00:19 - 2016-06-09 01:17 - 00000000 ____D C:\ComboFix
2016-06-08 23:57 - 2016-02-09 02:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-06-08 23:50 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-06-08 23:50 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-06-08 23:50 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2016-06-08 23:50 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2016-06-08 23:50 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2016-06-08 23:01 - 2014-10-29 19:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2016-06-08 23:01 - 2014-10-29 18:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2016-06-08 23:00 - 2015-01-16 19:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-06-08 23:00 - 2015-01-16 19:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-06-08 23:00 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-08 23:00 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-08 23:00 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-06-08 23:00 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-06-08 22:36 - 2016-06-08 22:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-08 22:36 - 2016-06-08 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-08 22:35 - 2016-06-08 22:35 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-06-08 22:35 - 2016-06-08 22:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-06-08 22:30 - 2016-03-09 11:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-06-08 22:30 - 2016-03-09 11:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-06-08 22:29 - 2013-01-23 23:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-06-08 22:28 - 2015-11-03 12:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-06-08 22:28 - 2015-11-03 11:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-06-08 22:28 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-06-08 22:28 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-06-08 22:28 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-06-08 22:28 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-06-08 22:28 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-06-08 22:28 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-06-08 22:26 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-06-08 22:26 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-06-08 22:26 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-06-08 22:26 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-06-08 22:26 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-06-08 22:26 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-06-08 22:26 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-06-08 22:26 - 2012-06-02 07:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-06-08 22:23 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-06-08 22:23 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-06-08 22:23 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-06-08 22:23 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-06-08 22:23 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-06-08 22:23 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-06-08 22:23 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-06-08 22:23 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-06-08 22:16 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-06-08 22:16 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-06-08 22:16 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-06-08 21:57 - 2016-06-08 21:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-08 21:52 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-06-08 21:52 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-06-08 21:52 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-06-08 21:52 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-06-08 21:52 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-06-08 21:52 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-06-08 21:52 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-06-08 21:52 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-06-08 18:39 - 2016-06-08 18:39 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-06-08 13:44 - 2016-06-08 18:39 - 00046960 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-06-07 23:53 - 2016-06-07 23:54 - 00235802 _____ C:\TDSSKiller.3.1.0.9_07.06.2016_23.53.59_log.txt
2016-06-07 23:25 - 2016-06-08 21:37 - 00238496 _____ C:\Windows\ntbtlog.txt
2016-06-06 22:55 - 2016-06-17 14:03 - 00003340 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-691505584-3256853444-1998314781-1002
2016-06-06 22:37 - 2016-06-06 22:40 - 95918240 _____ (ESET) C:\Users\Aaron\Desktop\eav_nt64_enu.exe
2016-06-06 22:23 - 2016-06-06 22:23 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-06 22:23 - 2016-06-06 22:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-06 22:23 - 2016-06-06 22:23 - 00000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2016-06-06 22:23 - 2016-06-06 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-06 22:23 - 2016-06-06 22:23 - 00000000 ____D C:\Program Files\CCleaner
2016-06-06 22:20 - 2016-06-06 22:21 - 06893688 _____ (Piriform Ltd) C:\Users\Aaron\Desktop\ccsetup518.exe
2016-06-06 21:58 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2016-06-06 21:58 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2016-06-06 21:58 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2016-06-06 21:58 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2016-06-06 01:51 - 2016-06-06 01:51 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1465203079
2016-06-06 01:51 - 2016-06-06 01:51 - 00001037 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-06-06 01:51 - 2016-06-06 01:51 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-06 01:51 - 2016-06-06 01:51 - 00001037 _____ C:\ProgramData\Desktop\Avast SafeZone Browser.lnk
2016-06-06 01:50 - 2016-06-06 01:50 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-06 01:48 - 2016-06-06 01:48 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\AVAST Software
2016-06-06 01:47 - 2016-06-06 01:47 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-06-06 01:47 - 2016-06-06 01:47 - 00001922 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2016-06-06 01:47 - 2016-06-06 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-06 01:46 - 2016-06-17 14:07 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-06 01:46 - 2016-06-06 01:46 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-06-06 01:45 - 2016-06-06 01:43 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-06 01:45 - 2016-06-06 01:43 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-06 01:44 - 2016-06-06 01:43 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-06 01:43 - 2016-06-06 01:43 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-06 01:42 - 2016-06-06 01:50 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-05 22:50 - 2016-06-05 22:50 - 05198336 _____ (AVAST Software) C:\Users\Aaron\Desktop\asvastwMBR (1).exe
2016-06-05 22:30 - 2016-06-05 22:30 - 05200384 _____ (AVAST Software) C:\Users\Aaron\Documents\Unconfirmed 896022.crdownload
2016-06-05 21:50 - 2016-06-05 21:50 - 94065602 _____ C:\Users\Aaron\Desktop\headNEWEYEeeeeee.psd
2016-06-05 21:26 - 2016-06-05 21:49 - 94064738 _____ C:\Users\Aaron\headNEWEYEeeeeee.psd
2016-06-05 13:20 - 2016-06-05 13:20 - 00003704 _____ C:\Windows\System32\Tasks\Java™ Platform SE Auto Updater
2016-06-05 13:10 - 2016-06-05 20:59 - 00002491 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2016-06-05 13:10 - 2016-06-05 20:59 - 00002491 _____ C:\ProgramData\Desktop\AVG Driver Updater.lnk
2016-06-05 13:10 - 2016-06-05 13:10 - 01124512 _____ (SlimWare Utilities, Inc.) C:\Users\Aaron\Desktop\AVG_Driver_Updater_Setup_11_1.exe
2016-06-05 13:10 - 2016-06-05 13:10 - 00000000 ____D C:\Users\Aaron\AppData\Local\AVG Netherlands BV
2016-06-05 13:10 - 2016-06-05 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater
2016-06-05 13:10 - 2016-06-05 13:10 - 00000000 ____D C:\Program Files (x86)\AVG Driver Updater
2016-06-05 12:19 - 2016-06-01 15:12 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-06-05 12:19 - 2016-06-01 15:05 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-06-05 12:19 - 2016-06-01 15:05 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2016-06-05 12:09 - 2016-06-05 12:09 - 03135696 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Aaron\Desktop\AVG_PCTuneUp_879.exe
2016-06-05 00:41 - 2016-06-05 20:59 - 00001887 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-06-05 00:41 - 2016-06-05 20:59 - 00001887 _____ C:\ProgramData\Desktop\HitmanPro.lnk
2016-06-05 00:41 - 2016-06-05 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-06-05 00:41 - 2016-06-05 00:41 - 00000000 ____D C:\Program Files\HitmanPro
2016-06-05 00:41 - 2016-06-04 22:32 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-05 00:23 - 2016-06-05 00:29 - 11438608 _____ (SurfRight B.V.) C:\Users\Aaron\Desktop\HitmanPro_x64.exe
2016-06-05 00:22 - 2016-06-05 00:22 - 00448512 _____ (OldTimer Tools) C:\Users\Aaron\Desktop\TFC.exe
2016-06-04 23:51 - 2016-06-04 23:51 - 00000000 ____D C:\SUPERDelete
2016-06-04 23:46 - 2016-06-17 07:46 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f68535ab-e480-4187-bf64-c6d18229f87d.job
2016-06-04 23:46 - 2016-06-17 01:59 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d236feb9-cd35-4751-a91a-4f03e01785b4.job
2016-06-04 23:46 - 2016-06-04 23:46 - 00003588 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d236feb9-cd35-4751-a91a-4f03e01785b4
2016-06-04 23:46 - 2016-06-04 23:46 - 00003514 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task f68535ab-e480-4187-bf64-c6d18229f87d
2016-06-04 23:46 - 2016-06-04 23:46 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\SUPERAntiSpyware.com
2016-06-04 23:45 - 2016-06-09 21:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-06-04 23:45 - 2016-06-05 20:59 - 00001846 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-06-04 23:45 - 2016-06-05 20:59 - 00001846 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-06-04 23:45 - 2016-06-04 23:45 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-06-04 23:45 - 2016-06-04 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-06-04 23:44 - 2016-06-04 23:45 - 26109944 _____ (SUPERAntiSpyware) C:\Users\Aaron\Desktop\SUPERAntiSpyware.exe
2016-06-04 23:27 - 2016-06-04 23:27 - 01107968 _____ C:\Users\Aaron\Desktop\RSIT.exe
2016-06-04 23:27 - 2016-06-04 23:27 - 00000000 ____D C:\rsit
2016-06-04 23:27 - 2016-06-04 23:27 - 00000000 ____D C:\Program Files (x86)\trend micro
2016-06-04 23:11 - 2016-06-10 00:03 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-04 23:11 - 2016-06-10 00:03 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-04 23:11 - 2016-06-10 00:03 - 00002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2016-06-04 23:11 - 2016-06-04 23:16 - 134501656 _____ (Microsoft Corporation) C:\Users\Aaron\Desktop\msert.exe
2016-06-04 23:07 - 2016-06-08 23:58 - 00000000 ____D C:\Users\Aaron\Desktop\backups
2016-06-04 22:39 - 2016-06-17 14:03 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-04 22:39 - 2016-06-17 13:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-04 22:39 - 2016-06-04 23:46 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-04 22:39 - 2016-06-04 23:46 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-04 22:37 - 2016-06-04 22:37 - 00987728 _____ (Google Inc.) C:\Users\Aaron\Desktop\ChromeSetup (1).exe
2016-06-04 22:09 - 2016-06-04 22:09 - 00005778 _____ C:\Windows\system32\.crusader
2016-06-04 18:20 - 2016-06-04 18:20 - 00987728 _____ (Google Inc.) C:\Users\Aaron\Desktop\ChromeSetup.exe
2016-06-04 12:31 - 2016-06-12 14:24 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\AVG
2016-06-04 12:29 - 2016-06-12 21:27 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-04 12:01 - 2016-06-04 12:02 - 00218366 _____ C:\TDSSKiller.3.1.0.9_04.06.2016_12.01.48_log.txt
2016-06-04 11:55 - 2016-06-04 11:55 - 00003292 _____ C:\Users\Aaron\Desktop\JRTb.txt
2016-06-04 11:54 - 2016-06-05 22:48 - 00002312 _____ C:\Users\Aaron\Desktop\JRT.txt
2016-06-04 11:46 - 2016-06-09 01:17 - 00000000 ____D C:\Qoobox
2016-06-04 11:17 - 2016-06-04 11:17 - 00012435 _____ C:\Users\Aaron\Desktop\AdwCleaner[S1].txt
2016-06-04 11:13 - 2016-06-04 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:11 - 2016-06-09 00:15 - 00000000 ____D C:\AdwCleaner
2016-06-04 11:10 - 2016-06-04 11:11 - 03677248 _____ C:\Users\Aaron\Desktop\AdwCleaner.exe
2016-06-04 01:33 - 2016-06-04 01:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Aaron\Desktop\HijackThis.exe
2016-06-04 01:19 - 2016-06-04 01:19 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Aaron\Desktop\rkill64-5415.com
2016-06-04 01:12 - 2016-06-04 01:12 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Aaron\Desktop\rkill64.com
2016-06-03 23:08 - 2016-06-03 23:08 - 01610816 _____ (Malwarebytes) C:\Users\Aaron\Desktop\JRT.exe
2016-06-03 23:03 - 2016-06-03 23:07 - 00220156 _____ C:\TDSSKiller.3.1.0.9_03.06.2016_23.03.17_log.txt
2016-06-03 22:58 - 2016-06-09 21:53 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-06-03 22:58 - 2016-06-04 01:19 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-03 22:57 - 2016-06-03 22:57 - 24125512 _____ C:\Users\Aaron\Desktop\RogueKillerX64.exe
2016-06-03 22:52 - 2016-06-03 22:53 - 19868744 _____ C:\Users\Aaron\Desktop\RogueKiller.exe
2016-06-03 22:48 - 2016-06-03 22:48 - 05659224 ____R (Swearware) C:\Users\Aaron\Desktop\ComboFix.exe
2016-06-03 22:42 - 2016-06-12 21:21 - 00000000 ____D C:\AVG_Remover
2016-06-03 22:42 - 2016-06-03 22:42 - 08065568 _____ ( ) C:\Users\Aaron\Desktop\AVG_Remover.exe
2016-06-03 22:15 - 2016-06-03 22:20 - 257024472 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Aaron\Desktop\AVG_Internet_Security_x64_696.exe
2016-06-03 22:07 - 2016-06-12 21:27 - 00000000 ____D C:\ProgramData\MFAData
2016-06-03 22:07 - 2016-06-03 22:07 - 00000000 ____D C:\Users\Aaron\AppData\Local\MFAData
2016-06-03 22:07 - 2016-06-03 22:07 - 00000000 ____D C:\Users\Aaron\AppData\Local\Avg2015
2016-06-03 22:00 - 2016-06-03 22:05 - 204851760 _____ (AVG Technologies) C:\Users\Aaron\Desktop\avg_free_x64_all_2015_ltst_221.exe
2016-06-03 21:25 - 2016-06-12 21:27 - 00000000 ____D C:\ProgramData\Avg
2016-06-03 21:21 - 2016-06-12 21:27 - 00000000 ____D C:\Users\Aaron\AppData\Local\Avg
2016-06-03 21:19 - 2016-06-03 21:19 - 03078064 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Aaron\Desktop\AVG_Protection_Free_1606.exe
2016-06-03 21:17 - 2016-06-07 23:49 - 00000002 _____ C:\Users\Aaron\Desktop\Rkill.txt
2016-06-03 20:45 - 2016-06-03 20:36 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Aaron\Desktop\rkill.com
2016-06-03 20:39 - 2016-06-03 20:41 - 00220842 _____ C:\TDSSKiller.3.1.0.9_03.06.2016_20.39.32_log.txt
2016-06-03 20:38 - 2016-06-06 01:50 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-03 20:38 - 2016-06-03 20:39 - 49152216 _____ (Microsoft Corporation) C:\Users\Aaron\Desktop\Windows-KB890830-x64-V5.36.exe
2016-06-03 20:38 - 2016-06-03 20:38 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2016-06-03 20:38 - 2016-06-03 20:38 - 05066104 _____ (AVAST Software) C:\Users\Aaron\Desktop\avast_free_antivirus_setup_online.exe
2016-06-03 20:38 - 2016-06-03 20:38 - 05066104 _____ (AVAST Software) C:\ProgramData\Desktop\avast_free_antivirus_setup_online.exe
2016-06-03 20:38 - 2016-06-03 20:37 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Aaron\Desktop\tdsskiller.exe
2016-06-03 13:32 - 2014-04-24 20:40 - 47230394 _____ C:\Users\Aaron School\Desktop\Alexander Aaron.pdf
2016-06-03 13:28 - 2016-06-03 13:28 - 00000000 _____ C:\Users\Aaron School\AppData\Local\{3AC57209-7AB1-40FB-BEAA-7D3D7837BEEC}
2016-06-03 13:09 - 2016-06-03 13:09 - 00000054 _____ C:\Users\Aaron School\Desktop\New Text Document (2).txt
2016-06-03 12:31 - 2016-06-03 12:31 - 00442755 _____ C:\Users\Aaron\Desktop\utility.htm
2016-06-03 11:50 - 2016-06-03 11:50 - 00000000 ____D C:\Users\Aaron School\AppData\Roaming\Anvisoft
2016-06-03 11:41 - 2016-06-03 11:41 - 00000000 ____D C:\Users\Aaron School\AppData\Local\ElevatedDiagnostics
2016-06-03 11:26 - 2016-06-12 22:48 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-06-03 02:59 - 2016-06-03 02:59 - 00000000 ____D C:\Users\Aaron School\AppData\Local\Dropbox
2016-06-03 02:57 - 2016-06-03 02:57 - 00000258 __RSH C:\Users\Aaron School\ntuser.pol
2016-06-03 02:07 - 2016-06-03 02:07 - 21662144 _____ C:\Users\Aaron\Desktop\Unconfirmed 132198.crdownload
2016-06-03 01:57 - 2016-06-03 01:57 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow0040CEA8
2016-06-03 01:57 - 2016-06-03 01:57 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow000000000032A1B8
2016-06-02 16:57 - 2016-06-02 16:57 - 00000000 ____D C:\Windows\system32\agap
2016-06-02 16:48 - 2016-06-09 21:35 - 00000008 __RSH C:\Users\Aaron\ntuser.pol
2016-06-02 16:47 - 2016-06-02 16:47 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow00935440
2016-06-02 16:47 - 2016-06-02 16:47 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow000000000032AD58
2016-06-02 15:54 - 2016-06-02 15:54 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow00811F28
2016-06-02 15:54 - 2016-06-02 15:54 - 00000000 ____D C:\Users\Aaron\AppData\LocalLow000000000034ECA8
2016-06-02 15:54 - 2016-06-02 15:54 - 00000000 ____D C:\Program Files (x86)\Securid
2016-06-02 15:53 - 2016-06-02 15:53 - 00000000 ____D C:\Users\Aaron\AppData\Local\Tempfolder
2016-06-02 15:48 - 2016-06-03 11:21 - 00000000 ____D C:\Users\Aaron\AppData\Local\Apps\2.0
2016-06-02 15:48 - 2016-06-02 15:48 - 00128512 _____ C:\Users\Aaron\AppData\Roaming\Installer.dat
2016-06-02 15:48 - 2016-06-02 15:48 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2016-06-02 13:06 - 2016-06-02 13:06 - 00006399 _____ C:\Users\Aaron\Desktop\recermt scan.txt
2016-06-02 11:27 - 2016-06-02 11:08 - 00000487 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-06-02 11:08 - 2016-06-03 02:55 - 00031475 _____ C:\Windows\e9154e56706355251f439efdfbbde3f1.ps1
2016-06-02 11:08 - 2016-06-02 11:08 - 00000000 ____D C:\Windows\system32\SSL
2016-06-02 11:07 - 2016-06-04 13:20 - 00001656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\guest 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\guest 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\Aaron School\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001696 _____ C:\Users\Aaron School\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001644 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2016-06-02 11:07 - 2016-06-04 13:19 - 00001644 _____ C:\ProgramData\Desktop\Моzillа Firеfох.lnk
2016-06-02 00:55 - 2016-06-05 20:59 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-06-02 00:55 - 2016-06-05 20:59 - 00001512 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-06-02 00:55 - 2016-06-05 20:59 - 00001512 _____ C:\ProgramData\Desktop\Adobe Application Manager.lnk
2016-06-02 00:50 - 2016-06-02 00:50 - 00000029 _____ C:\Users\Aaron\Desktop\New Text Document.txt
2016-06-01 12:00 - 2016-06-01 14:20 - 00000000 ____D C:\Users\Aaron\Desktop\comm
2016-05-25 23:49 - 2016-06-17 14:04 - 00000000 ___RD C:\Users\Aaron\Dropbox
2016-05-25 23:49 - 2016-06-05 20:58 - 00001226 _____ C:\Users\Aaron\Desktop\Dropbox.lnk
2016-05-25 23:35 - 2016-05-25 23:35 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\Dropbox
2016-05-25 23:33 - 2016-06-17 14:02 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-25 23:33 - 2016-06-17 13:38 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-25 23:33 - 2016-06-04 11:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-25 23:33 - 2016-05-25 23:49 - 00000000 ____D C:\Users\Aaron\AppData\Local\Dropbox
2016-05-25 23:33 - 2016-05-25 23:33 - 00003902 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-05-25 23:33 - 2016-05-25 23:33 - 00003650 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-05-25 23:33 - 2016-05-25 23:33 - 00000000 ____D C:\ProgramData\Dropbox
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-17 14:08 - 2009-07-13 21:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 14:08 - 2009-07-13 21:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 14:03 - 2016-03-28 15:39 - 00003206 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-691505584-3256853444-1998314781-1002
2016-06-17 14:03 - 2012-03-19 15:38 - 00115432 _____ C:\Users\Aaron\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-17 03:04 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-16 06:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2016-06-16 04:49 - 2009-07-13 21:45 - 05057928 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-16 04:45 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-06-16 04:45 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-06-16 04:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\tracing
2016-06-16 04:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-06-16 04:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Dism
2016-06-16 04:40 - 2013-09-07 20:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-16 04:23 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2016-06-16 04:02 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-16 04:02 - 2009-07-13 19:34 - 00000478 _____ C:\Windows\win.ini
2016-06-16 03:59 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-16 03:22 - 2012-08-04 13:54 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-16 03:19 - 2009-07-13 22:13 - 00873830 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-16 03:17 - 2012-02-10 20:11 - 00852402 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-06-15 04:00 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-06-15 04:00 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-06-15 04:00 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-06-15 01:43 - 2012-03-19 15:36 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CABBF77D-17D3-40A8-BF33-C455EE454CFB}
2016-06-15 00:17 - 2013-12-18 19:05 - 07359488 _____ C:\Users\Aaron\AppData\Local\SageThumbs.db3
2016-06-14 19:39 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-06-14 19:39 - 2009-07-13 21:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-14 04:47 - 2013-04-06 22:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-14 04:47 - 2013-04-06 22:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-14 04:19 - 2013-04-06 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-12 15:44 - 2012-03-21 22:33 - 00000000 ____D C:\Users\Aaron\Documents\Aaron stuff
2016-06-09 21:35 - 2012-03-19 23:32 - 00000000 ____D C:\Users\Aaron
2016-06-09 21:20 - 2009-07-13 20:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-06-09 19:28 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-09 01:03 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini
2016-06-09 00:58 - 2012-08-02 16:09 - 00000000 ____D C:\Windows\ERDNT
2016-06-08 23:58 - 2013-09-01 11:06 - 00000000 ____D C:\Windows\SysWOW64\webclient
2016-06-08 22:36 - 2011-11-09 12:04 - 00000000 ____D C:\ProgramData\Skype
2016-06-08 00:33 - 2014-09-27 11:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-06 22:59 - 2012-04-03 11:44 - 00000000 ____D C:\Users\Aaron\AppData\Local\CrashDumps
2016-06-06 22:29 - 2013-02-03 23:44 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\Skype
2016-06-06 22:29 - 2012-07-27 16:26 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\DAEMON Tools Pro
2016-06-06 22:29 - 2012-07-15 00:35 - 00000000 ____D C:\Users\Aaron\Tracing
2016-06-05 21:01 - 2012-03-19 15:36 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\hpqLog
2016-06-05 20:59 - 2016-03-08 13:38 - 00002007 _____ C:\Users\Public\Desktop\Platinum Toolset.lnk
2016-06-05 20:59 - 2016-03-08 13:38 - 00002007 _____ C:\ProgramData\Desktop\Platinum Toolset.lnk
2016-06-05 20:59 - 2015-11-07 08:37 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-05 20:59 - 2015-11-07 08:37 - 00001747 _____ C:\ProgramData\Desktop\iTunes.lnk
2016-06-05 20:59 - 2014-09-27 11:55 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-05 20:59 - 2014-09-27 11:55 - 00001096 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-05 20:59 - 2014-08-30 12:14 - 00000957 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-05 20:59 - 2014-08-30 12:14 - 00000957 _____ C:\ProgramData\Desktop\Steam.lnk
2016-06-05 20:59 - 2014-07-08 10:48 - 00000961 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2016-06-05 20:59 - 2014-07-08 10:48 - 00000961 _____ C:\ProgramData\Desktop\DS3 Tool.lnk
2016-06-05 20:59 - 2014-03-26 01:01 - 00001650 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
2016-06-05 20:59 - 2014-03-26 00:59 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
2016-06-05 20:59 - 2014-03-26 00:51 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-06-05 20:59 - 2014-02-12 19:39 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-06-05 20:59 - 2014-02-12 19:37 - 00001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-06-05 20:59 - 2014-02-12 19:36 - 00001081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-06-05 20:59 - 2014-02-12 19:34 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-06-05 20:59 - 2014-02-12 19:31 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-06-05 20:59 - 2014-02-12 19:31 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-06-05 20:59 - 2013-12-19 15:47 - 00001839 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-06-05 20:59 - 2013-12-19 15:47 - 00001839 _____ C:\ProgramData\Desktop\QuickTime Player.lnk
2016-06-05 20:59 - 2013-10-25 12:34 - 00001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2016-06-05 20:59 - 2013-09-03 19:54 - 00001022 _____ C:\Users\Public\Desktop\Convert AVI to MP4.lnk
2016-06-05 20:59 - 2013-09-03 19:54 - 00001022 _____ C:\ProgramData\Desktop\Convert AVI to MP4.lnk
2016-06-05 20:59 - 2013-09-01 12:02 - 00001038 _____ C:\Users\Public\Desktop\CamStudio.lnk
2016-06-05 20:59 - 2013-09-01 12:02 - 00001038 _____ C:\ProgramData\Desktop\CamStudio.lnk
2016-06-05 20:59 - 2013-08-27 18:48 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-06-05 20:59 - 2013-08-27 18:48 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-06-05 20:59 - 2013-08-27 18:48 - 00002013 _____ C:\ProgramData\Desktop\Adobe Reader XI.lnk
2016-06-05 20:59 - 2013-08-05 18:06 - 00002271 _____ C:\Users\Public\Desktop\WinZip.lnk
2016-06-05 20:59 - 2013-08-05 18:06 - 00002271 _____ C:\ProgramData\Desktop\WinZip.lnk
2016-06-05 20:59 - 2013-05-28 09:54 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2016-06-05 20:59 - 2013-05-28 09:54 - 00001025 _____ C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2016-06-05 20:59 - 2013-05-28 09:54 - 00001025 _____ C:\ProgramData\Desktop\Adobe Download Assistant.lnk
2016-06-05 20:59 - 2013-05-27 16:36 - 00001494 _____ C:\Users\Public\Desktop\Anvi AD Blocker.lnk
2016-06-05 20:59 - 2013-05-27 16:36 - 00001494 _____ C:\ProgramData\Desktop\Anvi AD Blocker.lnk
2016-06-05 20:59 - 2013-05-27 16:36 - 00001178 _____ C:\Users\Public\Desktop\Anvi Smart Defender.lnk
2016-06-05 20:59 - 2013-05-27 16:36 - 00001178 _____ C:\ProgramData\Desktop\Anvi Smart Defender.lnk
2016-06-05 20:59 - 2012-12-20 22:24 - 00001355 _____ C:\Users\Public\Desktop\CyberLink YouCam.lnk
2016-06-05 20:59 - 2012-12-20 22:24 - 00001355 _____ C:\ProgramData\Desktop\CyberLink YouCam.lnk
2016-06-05 20:59 - 2012-08-21 02:45 - 00001258 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2016-06-05 20:59 - 2012-08-21 02:45 - 00001258 _____ C:\ProgramData\Desktop\RealPlayer.lnk
2016-06-05 20:59 - 2012-08-15 04:12 - 00002024 _____ C:\Users\Public\Desktop\Java Web Start.lnk
2016-06-05 20:59 - 2012-08-15 04:12 - 00002024 _____ C:\ProgramData\Desktop\Java Web Start.lnk
2016-06-05 20:59 - 2012-07-27 16:26 - 00001926 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2016-06-05 20:59 - 2012-07-27 16:26 - 00001926 _____ C:\ProgramData\Desktop\DAEMON Tools Pro.lnk
2016-06-05 20:59 - 2012-05-19 19:23 - 00000875 _____ C:\Users\Public\Desktop\HxD.lnk
2016-06-05 20:59 - 2012-05-19 19:23 - 00000875 _____ C:\ProgramData\Desktop\HxD.lnk
2016-06-05 20:59 - 2012-03-21 23:50 - 00001029 _____ C:\Users\Public\Desktop\DiskAid.lnk
2016-06-05 20:59 - 2012-03-21 23:50 - 00001029 _____ C:\ProgramData\Desktop\DiskAid.lnk
2016-06-05 20:59 - 2012-03-21 23:23 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-06-05 20:59 - 2012-03-19 23:35 - 00002098 _____ C:\Users\Public\Desktop\HP Download Store.lnk
2016-06-05 20:59 - 2012-03-19 23:35 - 00002098 _____ C:\ProgramData\Desktop\HP Download Store.lnk
2016-06-05 20:59 - 2012-03-19 23:35 - 00002020 _____ C:\Users\Public\Desktop\RaRa Music.lnk
2016-06-05 20:59 - 2012-03-19 23:35 - 00002020 _____ C:\ProgramData\Desktop\RaRa Music.lnk
2016-06-05 20:59 - 2012-02-10 20:01 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-06-05 20:59 - 2011-11-09 12:13 - 00002173 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-06-05 20:59 - 2011-11-09 12:13 - 00002173 _____ C:\ProgramData\Desktop\HP Support Assistant.lnk
2016-06-05 20:59 - 2011-11-09 12:07 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-06-05 20:59 - 2011-11-09 12:07 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-06-05 20:59 - 2011-11-09 12:06 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-06-05 20:59 - 2011-11-09 12:06 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-06-05 20:59 - 2011-11-09 12:03 - 00002103 _____ C:\Users\Public\Desktop\Microsoft Office 2010.lnk
2016-06-05 20:59 - 2011-11-09 12:03 - 00002103 _____ C:\ProgramData\Desktop\Microsoft Office 2010.lnk
2016-06-05 20:59 - 2011-11-09 11:56 - 00002584 _____ C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2016-06-05 20:59 - 2011-11-09 11:56 - 00002584 _____ C:\ProgramData\Desktop\WildTangent Games App - hp.lnk
2016-06-05 20:59 - 2009-07-13 21:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-06-05 20:59 - 2009-07-13 21:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-06-05 20:58 - 2016-05-15 00:28 - 00002473 _____ C:\Users\Aaron\Desktop\Chromium.lnk
2016-06-05 20:58 - 2014-11-21 17:50 - 00001206 _____ C:\Users\Aaron\Desktop\Chromecast.lnk
2016-06-05 20:58 - 2014-07-08 07:50 - 00001389 _____ C:\Users\Aaron\Desktop\Super Street Fighter IV - Arcade Edition.lnk
2016-06-05 20:58 - 2013-09-07 21:03 - 00002156 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2016-06-05 20:58 - 2013-08-07 14:12 - 00000630 _____ C:\Users\Aaron\Desktop\BootDreams.lnk
2016-06-05 20:58 - 2012-08-04 13:47 - 00001999 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2016-06-05 20:58 - 2012-06-01 12:30 - 00001019 _____ C:\Users\Aaron\Desktop\Photoshop CS5.lnk
2016-06-05 20:58 - 2012-04-15 20:46 - 00000998 _____ C:\Users\Aaron\Desktop\IrfanView.lnk
2016-06-05 20:58 - 2009-07-13 22:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-06-05 20:58 - 2009-07-13 21:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-06-05 20:53 - 2012-10-22 15:13 - 00000000 ____D C:\Windows\Minidump
2016-06-05 12:34 - 2012-04-05 21:47 - 00000000 ____D C:\Users\Aaron\Documents\Youcam
2016-06-05 12:33 - 2014-08-30 12:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-05 12:33 - 2012-05-28 23:30 - 00000000 ____D C:\Users\Aaron\.thumbnails
2016-06-05 12:33 - 2012-02-10 20:19 - 00000000 ____D C:\ProgramData\Temp
2016-06-05 12:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-06-04 23:44 - 2013-09-07 20:57 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-04 23:38 - 2012-11-29 12:20 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\uTorrent
2016-06-04 23:10 - 2013-10-25 12:34 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-04 23:09 - 2013-09-01 13:20 - 00000408 _____ C:\Users\Aaron\AppData\Roaming\CamShapes.ini
2016-06-04 23:09 - 2013-09-01 13:20 - 00000408 _____ C:\Users\Aaron\AppData\Roaming\CamLayout.ini
2016-06-04 23:09 - 2013-09-01 13:20 - 00000100 _____ C:\Users\Aaron\AppData\Roaming\Camdata.ini
2016-06-04 23:09 - 2013-09-01 12:23 - 00004522 _____ C:\Users\Aaron\AppData\Roaming\CamStudio.cfg
2016-06-04 22:35 - 2013-02-23 23:22 - 00000000 ____D C:\Users\Aaron\AppData\Local\PMB Files
2016-06-04 14:08 - 2014-02-12 19:36 - 00000000 ____D C:\Program Files\Adobe
2016-06-04 14:01 - 2011-11-09 12:08 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-04 13:53 - 2014-02-12 19:20 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-04 13:30 - 2013-01-28 01:59 - 00000000 ___HD C:\ProgramData\tst
2016-06-04 12:30 - 2013-07-27 19:38 - 00000000 ____D C:\Users\Mcx1-AARON-HP
2016-06-04 12:30 - 2013-05-27 10:58 - 00000000 ____D C:\Users\guest 1
2016-06-04 00:27 - 2013-11-01 12:10 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D2CF48D5-0345-4579-A6D1-E91705D1DEAE}
2016-06-03 15:34 - 2011-11-09 11:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-06-03 14:57 - 2014-09-23 19:16 - 00876544 _____ C:\Users\Aaron School\AppData\Local\SageThumbs.db3
2016-06-03 13:51 - 2013-11-01 12:09 - 00002076 _____ C:\Users\Aaron School\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2016-06-03 13:49 - 2014-07-07 12:31 - 00002063 _____ C:\Users\Aaron School\Desktop\Continue installation  - keywordrequest Installation.lnk
2016-06-03 13:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Help
2016-06-03 12:54 - 2015-11-07 08:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-03 12:54 - 2013-08-05 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-06-03 12:54 - 2011-11-09 12:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-06-03 12:54 - 2011-11-09 12:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-06-03 12:23 - 2014-09-27 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-03 12:23 - 2014-09-27 11:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-03 11:20 - 2012-02-10 20:16 - 00000000 ____D C:\Windows\Hewlett-Packard
2016-06-03 02:57 - 2013-11-01 12:09 - 00000000 ____D C:\Users\Aaron School
2016-06-03 02:04 - 2012-04-11 16:42 - 00000000 ____D C:\Users\Aaron\AppData\Local\Adobe
2016-06-02 16:56 - 2014-03-23 14:15 - 00000000 ____D C:\Windows\pss
2016-06-02 16:25 - 2013-05-31 23:54 - 00000000 ____D C:\JRT
2016-06-02 13:40 - 2012-06-01 12:36 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-06-02 12:49 - 2012-05-28 22:38 - 00000000 ____D C:\Users\Aaron\.gimp-2.6
2016-06-02 11:08 - 2009-07-13 19:34 - 00000487 _____ C:\Windows\system32\Drivers\etc\hosts.hitmanpro
2016-06-02 10:22 - 2012-03-19 15:44 - 00000000 ____D C:\Users\Aaron\AppData\Roaming\Adobe
2016-06-01 12:26 - 2012-06-01 15:00 - 00000132 _____ C:\Users\Aaron\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-05-22 19:51 - 2014-05-12 14:47 - 00000000 ____D C:\Program Files (x86)\i-Funbox DevTeam
 
==================== Files in the root of some directories =======
 
2013-11-01 12:07 - 2013-11-01 12:08 - 0557887 _____ () C:\Program Files\bookmarks.html
2014-02-09 11:11 - 2014-02-09 11:11 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe GIF Format CS5 Prefs
2014-05-03 11:14 - 2014-05-03 11:14 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe GIF Format CS6 Prefs
2012-06-01 15:00 - 2016-06-01 12:26 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-10-03 01:35 - 2014-10-12 12:51 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-06-29 10:14 - 2012-06-29 10:14 - 0000132 _____ () C:\Users\Aaron\AppData\Roaming\Adobe Targa Format CS5 Prefs
2013-09-01 13:20 - 2016-06-04 23:09 - 0000100 _____ () C:\Users\Aaron\AppData\Roaming\Camdata.ini
2013-09-01 13:20 - 2016-06-04 23:09 - 0000408 _____ () C:\Users\Aaron\AppData\Roaming\CamLayout.ini
2013-09-01 13:20 - 2016-06-04 23:09 - 0000408 _____ () C:\Users\Aaron\AppData\Roaming\CamShapes.ini
2013-09-01 12:23 - 2016-06-04 23:09 - 0004522 _____ () C:\Users\Aaron\AppData\Roaming\CamStudio.cfg
2016-06-02 15:48 - 2016-06-02 15:48 - 0128512 _____ () C:\Users\Aaron\AppData\Roaming\Installer.dat
2013-12-19 16:59 - 2014-02-09 12:51 - 0001456 _____ () C:\Users\Aaron\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-03-31 22:52 - 2014-10-03 22:36 - 0001456 _____ () C:\Users\Aaron\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-12-18 19:05 - 2016-06-15 00:17 - 7359488 _____ () C:\Users\Aaron\AppData\Local\SageThumbs.db3
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-06-17 00:52
 
==================== End of FRST.txt ============================


#15 Atrav

Atrav
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:02 PM

Posted 17 June 2016 - 10:33 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-06-2016
Ran by Aaron (2016-06-17 14:11:23)
Running from C:\Users\Aaron\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-03-20 06:32:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Aaron (S-1-5-21-691505584-3256853444-1998314781-1002 - Administrator - Enabled) => C:\Users\Aaron
Aaron School (S-1-5-21-691505584-3256853444-1998314781-1006 - Administrator - Enabled) => C:\Users\Aaron School
Administrator (S-1-5-21-691505584-3256853444-1998314781-500 - Administrator - Disabled)
Guest (S-1-5-21-691505584-3256853444-1998314781-501 - Limited - Disabled)
guest 1 (S-1-5-21-691505584-3256853444-1998314781-1004 - Administrator - Enabled) => C:\Users\guest 1
HomeGroupUser$ (S-1-5-21-691505584-3256853444-1998314781-1003 - Limited - Enabled)
Mcx1-AARON-HP (S-1-5-21-691505584-3256853444-1998314781-1005 - Limited - Enabled) => C:\Users\Mcx1-AARON-HP
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
AD Blocker (HKLM-x32\...\{A6C3D5F0-3C6C-46BF-A8D0-06EE92E02E9E}_is1) (Version: 2.0 - Anvisoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Aimersoft DVD Creator(Build 2.6.5) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version:  - Wondershare)
AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
Anvi Smart Defender 1.8 (HKLM-x32\...\Anvi Smart Defender) (Version: 1.8 - Anvisoft)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
AVG PC TuneUp (x32 Version: 16.42.6 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.12(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BootDreams (HKLM-x32\...\BootDreams) (Version:  - )
CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
ChromecastApp (HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Convert AVI to MP4 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp4.com)
CopyTrans Suite Remove Only (HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
DiskAid 5.09 (HKLM-x32\...\DiskAid_is1) (Version: 5.09 - DigiDNA)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.41.1 - Dropbox, Inc.) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlacSquisher 1.3.5 (HKLM-x32\...\FlacSquisher) (Version: 1.3.5 - FlacSquisher)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.265 - SurfRight B.V.)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{B1A6285F-C31A-4482-8EA0-9445E4C1DCEA}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{9BCA64E3-D180-4F13-8014-5E62947150C1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6345.0 - IDT)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2 (HKLM-x32\...\{7148F0A8-6813-11D6-A77B-00B0D0142000}) (Version: 1.4.2 - Sun Microsystems, Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LTS Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version:  - )
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-691505584-3256853444-1998314781-1002\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Platinum Toolset (HKLM-x32\...\{9B5AA48E-8104-47FA-A8D8-F35DAADC7CC8}) (Version: 1.2.0.50 - company)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SageThumbs 2.0.0.17 (HKLM\...\SageThumbs) (Version: 2.0.0.17 - Cherubic Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Street Fighter IV - Arcade Edition (HKLM-x32\...\Super Street Fighter IV - Arcade Edition_is1) (Version:  - R.G. Mechanics, spider91)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}) (Version: 1.0.0000.129 - CAPCOM U.S.A., INC)
Super Street Fighter IV: Arcade Edition (x32 Version: 1.0.0000.129 - CAPCOM U.S.A., INC) Hidden
SUPER STREET FIGHTER IV: ARCADE EDITION (x32 Version: 1.0.0001.129 - CAPCOM U.S.A., INC) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1220 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
System Ninja version 2.4.3 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 2.4.3 - SingularLabs)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Total Video2Dvd 3.30 (HKLM-x32\...\Total Video2Dvd 3.30_is1) (Version:  - EffectMatrix, Inc.)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.14 - NCH Software)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebClient (HKLM-x32\...\WebClient) (Version:  - )
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
YouTube Video Downloader 3 (HKLM-x32\...\YouTube Video Downloader_is1) (Version:  - Tomabo)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-691505584-3256853444-1998314781-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll => No File
CustomCLSID: HKU\S-1-5-21-691505584-3256853444-1998314781-1002_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Aaron\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-691505584-3256853444-1998314781-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Aaron\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05B26E45-755A-4D45-8A22-90F98C54D19B} - System32\Tasks\SafeZone scheduled Autoupdate 1465203079 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {082BB78E-E454-47B9-B9D4-6AC82384F1E3} - System32\Tasks\{2AF82BD6-8B47-47D1-9FA1-67811AD44F89} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {08F9B5A8-230D-455A-A08C-82EAFAE76A4F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {09EB34FB-5BAC-46F5-BDCB-F8ED02F719E8} - System32\Tasks\{1E57AB30-4551-4356-A780-F2BB4BA8A2A5} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {0B63883D-5C9E-4990-B493-7630915543CA} - System32\Tasks\{61696C2C-EA6B-45DA-B7FE-BCACC079F3BB} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {0F06B096-FC84-417E-8D8C-C4CDDE9AFC25} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-25] (Dropbox, Inc.)
Task: {166A3664-7963-4422-9501-A4AFFC7FE244} - System32\Tasks\{8C531811-F11A-4F6A-A070-A82C6456BCCA} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {16FF5D58-13EC-4CFF-8656-BD73D0F2DB19} - System32\Tasks\{2BA12E4B-77DE-47CF-9A67-89D3B53DFCA5} => pcalua.exe -a "C:\Users\Aaron\Desktop\games\BlazingTools Perfect Keylogger v1.75 [CheckOutEr]\Perfect Keylogger v1.75.exe" -d "C:\Users\Aaron\Desktop\games\BlazingTools Perfect Keylogger v1.75 [CheckOutEr]"
Task: {196B2EAA-FEF4-4AAB-A62E-4FEF49813AE8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-06] (AVAST Software)
Task: {1E456E75-121E-4167-8141-392534379071} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {203635F2-C304-478E-AB83-BE2C1C56C223} - System32\Tasks\{37270FDD-03EC-4153-BB78-9F59DDFB88FE} => pcalua.exe -a "C:\Users\Aaron\Desktop\New folder\libusb-win32-filter-bin-0.1.10.1.exe" -d "C:\Users\Aaron\Desktop\New folder"
Task: {233CED48-82CC-4DF9-AFA5-C43721D0FE23} - System32\Tasks\{EEAC0F5E-BE8C-4057-97B6-EB41427B30E8} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {25E382B6-C27D-4577-9521-B1A45C61D33A} - System32\Tasks\{0D4B85AC-40CE-4EC5-9E5D-BB5637683E89} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {2731E9B4-C2D6-4478-AA1F-394C350E156C} - System32\Tasks\{E8079FBE-05E4-443D-B383-DF93B62257EA} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {2EB9A740-CCFD-4805-ABD2-34A366B7E1E1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-25] (Dropbox, Inc.)
Task: {34E2BC68-E84F-4E87-A208-D4DA96CA87D1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3E4DA2C2-A261-4CC3-A404-81F40FD4AC31} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-691505584-3256853444-1998314781-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {3F1A5385-EA3A-41B7-A300-DAC69D26EAEE} - System32\Tasks\{9D742634-4A89-4892-827C-7B4C31656870} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {42A85E90-3718-416A-ACB5-415D989E89BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-04] (Google Inc.)
Task: {43A90022-B1B3-4BBB-9A83-F925EA2AB476} - System32\Tasks\RealCreateProcessScheduledTask54914005S-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-08-21] (RealNetworks, Inc.)
Task: {43FB314E-AA15-47C2-8E82-67E64D3EECF7} - System32\Tasks\Java™ Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {4978211F-6CA7-4DF7-A1A1-BFD23415F264} - System32\Tasks\{7DCF6A02-4422-4967-A9A3-5F5329E12DFD} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {4B5AA6C9-D32B-43B6-88F8-8176C980200B} - System32\Tasks\{E84CCACE-68DA-4B88-BACB-28503B7A724A} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {5CD262DA-71C1-4CBE-AB2B-1FF9E6B1C467} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-25] (CyberLink)
Task: {663C9DF8-88C4-4EB3-A4E8-840A355946E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6AB6DC8B-EA3F-44D8-AD0F-016093FC58ED} - System32\Tasks\{7C76CFE1-ED5E-488A-9A09-147781038873} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {6F05B237-16FB-44E9-AA13-51258424D0D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {734D1FEC-E3A7-45EB-81A0-981CC7585952} - System32\Tasks\RealCreateProcessScheduledTask417799116S-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-08-21] (RealNetworks, Inc.)
Task: {7F7F185E-A099-40B5-8317-2F31986D6710} - System32\Tasks\{89A32C6D-7A50-4F04-B044-20C2A945F8A6} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {8275472E-5348-453F-BA52-8149C0F2ED49} - System32\Tasks\{5101D055-3A46-4A84-9CC6-1ED3EC603E9A} => pcalua.exe -a G:\Setup.exe -d G:\
Task: {82FC3E12-2F9B-4153-BB81-8F4540E64249} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {85D85894-410D-4CC4-8BE2-4BEBCCA339ED} - System32\Tasks\{62C3B824-CEAC-40FB-B1F9-FFBA9B9EDE26} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {8C3599EF-0DB5-44C1-9208-71FA2FE344EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {9230994E-0FE3-4776-9F8C-FC5624E864A7} - System32\Tasks\{84917031-8D2A-4A43-B023-7AD279BF67CC} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {982D23ED-C215-4342-B14D-C5DFA5DD8A5F} - System32\Tasks\{7B59D47F-357B-4CCC-9DAE-64FFE74B2713} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {9A1310ED-E528-4931-878D-290C292393C0} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {9D2E0AB6-1EFD-45DF-B078-D0B2B3A3F726} - System32\Tasks\{E9DE209F-27E4-4284-97C0-718AD4FD961F} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {9EEF01FC-BA83-443F-9112-520D3A7BA256} - System32\Tasks\{20C19202-2B2B-4013-BE8B-8261A7F47504} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {A1060A58-A70E-421C-B99D-5B3F4DA0162A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-06] (AVAST Software)
Task: {A18143FD-74C9-424C-B62B-9CB14B2776FF} - System32\Tasks\SUPERAntiSpyware Scheduled Task f68535ab-e480-4187-bf64-c6d18229f87d => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {A9D89AA7-9E98-47AE-84B6-B14E62531EEF} - System32\Tasks\{075B4ED4-A865-45FB-9B65-1484E409F5EA} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {B00722D8-612B-47D0-8693-AF99A6969BA2} - System32\Tasks\SUPERAntiSpyware Scheduled Task d236feb9-cd35-4751-a91a-4f03e01785b4 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {B05A8A18-773C-4D74-A570-2B8438835A89} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-04] (Google Inc.)
Task: {B1AF2DC1-D6F4-4CA1-BBBE-7988D7FB8A0B} - System32\Tasks\{A3A71168-608B-4BC9-8CCD-C21ED0A417AC} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {B1D37BAB-F369-4E15-A30F-C406E8912420} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {B83BD61A-D3D8-4D38-A058-1DF2F7745357} - System32\Tasks\{7E46838B-90F1-4780-B2B8-1D77BCE39075} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {BBD36E81-AC94-4265-BC6A-AD6BBF5A695B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-12-15] (Hewlett-Packard)
Task: {BCAE7FD1-54FB-4CE2-9373-4ED4ADB8618F} - System32\Tasks\{E4EA3CE1-08FF-4913-AF5D-0FB837EDDC64} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {BFE34B32-D352-46AE-9E5E-A1639581E211} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {C08A77D9-3ED9-48D0-9752-0258D08144AC} - System32\Tasks\{438F1CF5-C51E-4502-8F40-3A4997AF5EB3} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {C692A4A8-67BA-4722-896E-DEDBB930EE0B} - \GoforFilesUpdate -> No File <==== ATTENTION
Task: {D1526F02-320A-42F8-B4CD-C68F6521A5B8} - \SecurityApps2 -> No File <==== ATTENTION
Task: {D31D7D2E-EEB9-4A82-AE76-CBD8BEBAE73F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-691505584-3256853444-1998314781-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {D3B4A6A7-3A84-40E1-8BD3-12383C3C8294} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-AARON-HP => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: {D4C948EF-EE28-4878-BA4F-1BFAFBE8140F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {D6477097-2837-4B5A-9A43-B17D5A8CC606} - System32\Tasks\{9AC1936E-F3BA-48CB-B68C-3FA4F4436123} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {D9D4041D-3C0E-47AD-B61A-9085BC7671AE} - System32\Tasks\{F7361185-5C0C-47FE-BB77-3FCC33710808} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {DCC53ABE-A0BC-4B6B-BE4A-8AA5208459AF} - System32\Tasks\{7C4C5503-8DC9-4C4A-912E-1B7D47B7942F} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {E2203506-1FB1-4BBD-8E45-78FB7439E3B9} - System32\Tasks\{B15CA2A3-E5F7-40DE-A177-E36EC922628B} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {E4470187-72BE-42E3-94C2-CA965582107A} - System32\Tasks\{4B5E36E1-175B-4840-822E-9BDB51433B34} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {EBCB4EC9-368E-4CCB-B0FA-218EC2C5798E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EF4516E5-A301-4D08-893F-D514C6459B95} - System32\Tasks\{C58772F1-692C-4D48-B55A-E5BEE7C29656} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {F36DE198-BB3B-41C8-9F04-43B25EC37DA5} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {F7B5B3F5-0F7E-477B-A6A9-B4ABFEBE94CE} - System32\Tasks\{DD6F44AA-C79D-4260-B878-953CA744595D} => C:\Users\Aaron\Desktop\Gaming\Dreamcast\fastboot\BINHACK.EXE
Task: {F9C7E6DC-6970-4BD1-BB2B-5AE2D96A3DD8} - System32\Tasks\RealCreateProcessScheduledTask1296471269S-1-5-21-691505584-3256853444-1998314781-1002 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-08-21] (RealNetworks, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d236feb9-cd35-4751-a91a-4f03e01785b4.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f68535ab-e480-4187-bf64-c6d18229f87d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-04-02 19:03 - 2013-06-05 19:09 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2014-01-09 22:26 - 2014-01-09 22:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-05-27 16:36 - 2012-12-21 09:26 - 00979816 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe
2016-06-10 00:03 - 2016-06-03 18:01 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-10 00:03 - 2016-06-03 18:01 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
2011-09-28 07:19 - 2011-09-28 07:19 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-09-28 07:06 - 2011-09-28 07:06 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-09 22:28 - 2014-01-09 22:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-12-20 19:43 - 2012-12-20 19:43 - 00785256 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
2013-05-27 16:36 - 2005-01-02 09:22 - 00776192 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sqlite3.dll
2016-06-04 11:13 - 2016-05-05 03:09 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-06-04 11:12 - 2016-05-05 03:10 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-06-04 11:12 - 2016-05-05 03:09 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-06-04 11:13 - 2016-05-05 03:09 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-06-04 11:13 - 2016-05-05 03:09 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-06-04 11:12 - 2016-05-05 03:09 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-06-04 11:13 - 2016-05-31 11:34 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-06-04 11:13 - 2016-05-05 03:09 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-06-04 11:13 - 2016-05-05 03:10 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-06-04 11:12 - 2016-05-05 03:11 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-06-04 11:12 - 2016-05-05 03:09 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-06-04 11:12 - 2016-05-31 11:33 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-06-04 11:13 - 2016-05-05 03:09 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-06-04 11:12 - 2016-05-05 03:10 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-06-04 11:12 - 2016-05-05 03:12 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-06-04 11:12 - 2016-05-31 11:34 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-06-04 11:12 - 2016-05-31 11:34 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-06-04 11:13 - 2016-05-05 03:10 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-06-04 11:13 - 2016-05-05 03:11 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-06-04 11:13 - 2016-05-31 11:34 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-06-04 11:12 - 2016-05-31 11:34 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-06 01:43 - 2016-06-06 01:43 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-06 01:43 - 2016-06-06 01:43 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-06 01:43 - 2016-06-06 01:43 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Aaron\Desktop\Document.docx:com.dropbox.attributes [168]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2016-06-09 01:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-691505584-3256853444-1998314781-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: ADBlockerSrv => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: asdsrv => 2
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: AvgAMPS => 3
MSCONFIG\Services: avgfws => 2
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{ED7E7EB1-D181-4548-8C0A-22A3295DB24E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B74F2076-5601-40D6-A75F-88AFE5CEE300}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E99FB998-726A-47BE-9DE4-64DEEDB8E8D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D5607F63-21CC-4083-8D4C-1E068DEB390B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5E6B6988-B1B5-41AC-B50B-26A47BBC5764}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F5164755-549E-4A93-99F0-167BF7B10DCC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
14-06-2016 03:01:29 Windows Update
14-06-2016 22:35:40 Removed Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
14-06-2016 22:37:57 Removed Visual Studio 2012 x86 Redistributables
14-06-2016 22:38:39 Removed Visual Studio 2012 x64 Redistributables
15-06-2016 03:01:11 Windows Update
16-06-2016 03:01:19 Windows Update
17-06-2016 03:00:12 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: ehdrv
Description: ehdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ehdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: A2 Direct Disk Access Support Driver
Description: A2 Direct Disk Access Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: A2DDA
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/17/2016 02:07:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 9.6.2016.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 151c
 
Start Time: 01d1c8dc195f232e
 
Termination Time: 4
 
Application Path: C:\Users\Aaron\Desktop\FRST64.exe
 
Report Id: 66728854-34cf-11e6-ab22-082e5f955586
 
Error: (06/17/2016 01:24:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
 
Error: (06/17/2016 12:30:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (06/17/2016 03:05:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/16/2016 06:35:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
 
Error: (06/16/2016 05:32:01 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (06/16/2016 04:50:33 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.VisualBasic, Version=8.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (06/16/2016 04:50:31 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.VisualBasic, Version=8.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (06/16/2016 04:49:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/16/2016 04:49:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (06/17/2016 03:04:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
eamonm
ehdrv
tspor
 
Error: (06/16/2016 04:49:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
eamonm
ehdrv
tspor
 
Error: (06/16/2016 04:44:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
eamonm
ehdrv
tspor
 
Error: (06/15/2016 04:04:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
eamonm
ehdrv
tspor
 
Error: (06/15/2016 12:51:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (06/15/2016 12:08:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
eamonm
ehdrv
tspor
 
Error: (06/14/2016 11:22:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
eamonm
ehdrv
tspor
 
Error: (06/14/2016 11:06:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
eamonm
ehdrv
tspor
 
Error: (06/14/2016 10:26:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Search service hung on starting.
 
Error: (06/14/2016 10:22:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
eamonm
ehdrv
tspor
 
 
CodeIntegrity:
===================================
  Date: 2016-06-09 00:56:46.366
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-09 00:56:46.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-03 02:57:56.858
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-03 02:57:56.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-03 01:59:16.097
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-03 01:59:15.551
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-02 16:48:01.845
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-02 16:48:01.720
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-02 15:55:04.697
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-02 15:55:04.689
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-3520M APU with Radeon™ HD Graphics
Percentage of memory in use: 37%
Total physical RAM: 5609.91 MB
Available physical RAM: 3488.57 MB
Total Virtual: 10728.09 MB
Available Virtual: 8494.69 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:570.42 GB) (Free:281.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:21.58 GB) (Free:2.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0.49 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E871E610)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=570.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End of Addition.txt ============================





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users