Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Boost_interprocess


  • This topic is locked This topic is locked
19 replies to this topic

#1 Pestyone

Pestyone

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 07 July 2016 - 11:44 AM

Ok I was getting slammed earlyier and another techie was helping ; so I ran two of the scanners he posted and both of them froze up my computer and was expecting more help but never heard back

from him so posting here now; hoping scanners don t freeze my computer up .

 

The only way to un freeze is a re boot; so hoping to have none of that crap here fingers crossed  -

 

So need the help  -  thanks -

 

Heres the ADW log -

 

 

# AdwCleaner v3.022 - Report created 07/07/2016 at 12:27:59
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Robert - ROBERT-PC
# Running from : C:\Users\Robert\Downloads\AdwCleaner Setup [1].exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files\RegClean

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.18347

-\\ Mozilla Firefox v

[ File : C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\eaw973gh.default\prefs.js ]

[ File : C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f33i6gjr.default\prefs.js ]

*************************

AdwCleaner[C1].txt - [7330 octets] - [03/04/2016 07:19:21]
AdwCleaner[C2].txt - [1455 octets] - [02/05/2016 14:25:11]
AdwCleaner[C3].txt - [1578 octets] - [05/05/2016 11:44:51]
AdwCleaner[C4].txt - [14283 octets] - [29/05/2016 22:55:57]
AdwCleaner[R10].txt - [2065 octets] - [02/05/2016 17:15:33]
AdwCleaner[R11].txt - [2216 octets] - [11/05/2016 01:37:38]
AdwCleaner[R12].txt - [1665 octets] - [21/05/2016 12:36:55]
AdwCleaner[R18].txt - [2390 octets] - [24/06/2016 18:31:35]
AdwCleaner[R20].txt - [2634 octets] - [25/06/2016 17:57:07]
AdwCleaner[R23].txt - [5379 octets] - [29/06/2016 17:51:01]
AdwCleaner[R24].txt - [3709 octets] - [07/07/2016 12:26:33]
AdwCleaner[R26].txt - [2194 octets] - [01/07/2016 17:34:53]
AdwCleaner[R27].txt - [2316 octets] - [02/07/2016 19:41:05]
AdwCleaner[S15].txt - [2452 octets] - [24/06/2016 18:32:28]
AdwCleaner[S17].txt - [2696 octets] - [25/06/2016 17:57:58]
AdwCleaner[S1].txt - [6731 octets] - [03/04/2016 07:18:06]
AdwCleaner[S20].txt - [5446 octets] - [29/06/2016 17:51:27]
AdwCleaner[S21].txt - [3119 octets] - [07/07/2016 12:27:59]
AdwCleaner[S23].txt - [2260 octets] - [01/07/2016 17:36:44]
AdwCleaner[S24].txt - [2382 octets] - [02/07/2016 19:42:03]
AdwCleaner[S2].txt - [923 octets] - [15/04/2016 13:43:20]
AdwCleaner[S3].txt - [1358 octets] - [02/05/2016 14:22:51]
AdwCleaner[S4].txt - [1494 octets] - [05/05/2016 11:43:29]
AdwCleaner[S5].txt - [17637 octets] - [29/05/2016 22:53:44]
AdwCleaner[S7].txt - [2139 octets] - [02/05/2016 17:16:40]
AdwCleaner[S8].txt - [2288 octets] - [11/05/2016 01:38:29]
AdwCleaner[S9].txt - [1725 octets] - [21/05/2016 12:38:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S21].txt - [3722 octets] ##########

 

 

 



BC AdBot (Login to Remove)

 


#2 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 08 July 2016 - 02:50 AM

Ok does this get my malware fixed -  might help -

 

 

Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

General info
------------
Computer name : ROBERT-PC
Creation time : 7/7/2016 12:47:32 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.11.9600.18349
OS : Windows 7 Home Premium
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.60
User Language : English (United States)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
* C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated)
* C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
* C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Adobe Systems Incorporated)
* C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems Incorporated)
* C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated)
  C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Ellora Assets Corp.)
* C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe (Adobe Systems Incorporated)
* C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Adobe Systems Incorporated)
* C:\Windows\System32\dllhost.exe (Microsoft Corporation)
* C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
* C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
* C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated)
  C:\Program Files\Everything\Everything.exe
  C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
* C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
* C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
* C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe (iolo technologies, LLC)
* C:\Program Files (x86)\iolo\System Mechanic\ioloSmartUpdater.exe (iolo technologies, LLC)
  C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
* C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
* C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
* C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Node.js)
* C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe (Node.js)
* C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe (PC Tools)
* C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
  C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
* C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
* C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XX8WFWQI\runscanner.exe (Runscanner.net)
* C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)
* C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
  C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe (KARPOLAN)
* C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\rundll32.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)

Unrated items
-------------
002 * C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
002   C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
002 * C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
002   C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
003 * C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
003   C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe (KARPOLAN)
005 * C:\PROGRA~2\iolo\SYSTEM~1\SYSTEM~1.EXE (iolo technologies, LLC)
006 * C:\PROGRA~2\iolo\SYSTEM~1\SYSTEM~1.EXE (iolo technologies, LLC)
010 * C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service)
010 * C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Update Service)
010 * C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 22.0 r0)
010 * C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (AGS Service)
010 * C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Bluetooth OBEX Service)
010   C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (CaptureLibService)
010 * C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (Core Service)
010   C:\Program Files\Everything\Everything.exe (Everything)
010   C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (FreemakeUtilsService)
010 * C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Support Solutions Framework Service)
010 * C:\Windows\SysWow64\IntelCpHeciSvc.exe (IntelCpHeciSvc Executable)
010 * C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Phone Number Recognition (PNR) module)
010 * C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Product Updater)
010 * C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Updater Service)
010   C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (System Level Service Utility)
010 * C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer 10)
010 * C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Updates Skype Click to Call)
011 * C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (HWiNFO AMD64 Kernel Driver)
011 * C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS (SASDIFSV64.SYS)
011 * C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS (SASKUTIL64.SYS)
031 * C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) {91774881-D725-4E58-B298-07617B9B86A8}
035 * C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe (Google Inc.) {8A69D345-D564-463c-AFF1-A69D9E530F96}
047   Zone: apps.driversupport.com : https://apps.driversupport.com
047   Zone: apps.driversupport.com : http://apps.driversupport.com
052 * C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll (Oracle Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
052 * C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll (Oracle Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9}
061   C:\Program Files (x86)\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
061   C:\PROGRA~2\PAINTS~1\picview.dll {19741013-C829-11D1-8233-0020AF3E97A9}
073   Adobe Flash Player Updater.job : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
100   Default_Page_URL HKLM : http://www.safesear.ch/?type=20160628-185-ie
100   Search Page HKCU : http://www.safesear.ch/web/?type=20160628-185-sshome-ie-df&q={searchTerms}
100   Search Page HKLM : http://www.safesear.ch/web/?type=20160628-185-sshome-ie-df&q={searchTerms}
100   SearchAssistant HKCU : http://www.safesear.ch/web/?type=20160628-185-sshome-ie-df&q={searchTerms}
100   Start Page HKCU : http://www.yahoo.com/
100   Start Page HKLM : http://www.safesear.ch/?type=20160628-185-ie
173   C:\Program Files (x86)\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
173 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
173   C:\PROGRA~2\PAINTS~1\picview.dll {19741013-C829-11D1-8233-0020AF3E97A9}
220 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
221   C:\Program Files (x86)\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
221 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
221   C:\PROGRA~2\PAINTS~1\picview.dll {19741013-C829-11D1-8233-0020AF3E97A9}
225   C:\Program Files (x86)\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
225   C:\Program Files (x86)\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
226 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
227   GUID / CLSID not found {F87DED31-303F-4ED1-9BCE-D360FBC74E0A}
227   C:\Program Files (x86)\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
227 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
227 * C:\Program Files (x86)\MPC-BE\MPCBEShellExt.dll (MPC-BE Team) {A2CF4243-6525-4764-B3F5-2FCDE2F47989}
228 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
229 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
250 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
251   C:\Program Files (x86)\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
251 * C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) {5B69A6B4-393B-459C-8EBB-214237A9E7AC}
254 * C:\Program Files\FileZilla FTP Client\fzshellext.dll {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B}
001 C:\Windows\System32\csrss.exe
001 C:\Windows\System32\csrss.exe
001 C:\Windows\System32\conhost.exe
001 C:\Windows\System32\conhost.exe
001 C:\Windows\System32\dwm.exe
001 C:\Windows\System32\hkcmd.exe
001 C:\Windows\System32\taskhost.exe
001 C:\Windows\System32\lsass.exe
001 C:\Windows\System32\lsm.exe
001 C:\Windows\System32\wisptis.exe
001 C:\Windows\System32\wisptis.exe
001 C:\Windows\System32\igfxpers.exe
001 C:\Windows\System32\services.exe
001 C:\Windows\System32\spoolsv.exe
001 C:\Windows\System32\WUDFHost.exe
001 C:\Windows\System32\winlogon.exe
001 C:\Windows\System32\smss.exe
001 C:\Windows\System32\wuauclt.exe

Missing files
-------------
010 C:\Windows\system32\AxInstSV.dll
010 C:\Windows\system32\aelupsvc.dll
010 C:\Windows\system32\appidsvc.dll
010 C:\Windows\system32\appinfo.dll
010 C:\Windows\system32\Alg.exe
010 C:\Windows\system32\qmgr.dll
010 C:\Windows\system32\bfe.dll
010 C:\Windows\system32\bdesvc.dll
010 C:\Windows\System32\bthserv.dll
010 C:\Windows\system32\browser.dll
010 C:\Windows\system32\vaultsvc.dll
010 C:\Windows\system32\dwm.exe
010 C:\Windows\system32\trkwks.dll
010 C:\Windows\system32\efssvc.dll
010 C:\Windows\system32\wecsvc.dll
010 C:\Windows\system32\wevtsvc.dll
010 C:\Windows\system32\fdPHost.dll
010 C:\Windows\system32\fdrespub.dll
010 C:\Windows\system32\ieetwcollectorres.dll
010 C:\Windows\system32\ikeext.dll
010 C:\Windows\system32\ui0detect.exe
010 C:\Windows\system32\kmsvc.dll
010 C:\Windows\system32\lltdres.dll
010 C:\Windows\system32\eapsvc.dll
010 C:\Windows\system32\ipnathlp.dll
010 C:\Windows\System32\certprop.dll
010 C:\Windows\System32\certprop.dll
010 C:\Windows\system32\sppsvc.exe
010 C:\Windows\system32\TabSvc.dll
010 C:\Windows\System32\sensrsvc.dll
010 C:\Windows\system32\UtcResources.dll
010 C:\Windows\system32\defragsvc.dll
010 C:\Windows\system32\wbengine.exe
010 C:\Windows\system32\vssvc.exe
010 C:\Windows\System32\swprv.dll
010 C:\Windows\system32\sdrsvc.dll
010 C:\Program Files (x86)\Windows Defender\MsMpRes.dll
010 C:\Windows\system32\mmcss.dll
010 C:\Windows\system32\mmcss.dll
010 C:\Windows\system32\netman.dll
010 C:\Windows\System32\nlasvc.dll
010 C:\Windows\system32\nsisvc.dll
010 C:\Windows\system32\p2psvc.dll
010 C:\Windows\system32\IPBusEnum.dll
010 C:\Windows\system32\pnrpauto.dll
010 C:\Windows\system32\pnrpsvc.dll
010 C:\Windows\system32\pnrpsvc.dll
010 C:\Windows\system32\wpdbusenum.dll
010 C:\Windows\System32\wercplsupport.dll
010 C:\Windows\system32\profsvc.dll
010 C:\Windows\system32\pcasvc.dll
010 C:\Windows\system32\sstpsvc.dll
010 C:\Windows\system32\qagentrt.dll
010 regsvc.dll
010 C:\Windows\system32\rasauto.dll
010 C:\Windows\system32\rasmans.dll
010 C:\Windows\System32\termsrv.dll
010 C:\Windows\system32\RpcEpMap.dll
010 C:\Windows\system32\Locator.exe
010 C:\Windows\system32\samsrv.dll
010 C:\Windows\system32\seclogon.dll
010 C:\Windows\system32\srvsvc.dll
010 C:\Windows\system32\iphlpsvc.dll
010 C:\Windows\System32\SCardSvr.dll
010 C:\Windows\system32\snmptrap.exe
010 C:\Windows\system32\spoolsv.exe
010 C:\Windows\system32\sppuinotify.dll
010 C:\Windows\system32\ssdpsrv.dll
010 C:\Windows\system32\wiaservc.dll
010 C:\Windows\system32\sysmain.dll
010 C:\Windows\system32\schedsvc.dll
010 C:\Windows\system32\lmhsvc.dll
010 C:\Windows\system32\umpnpmgr.dll
010 C:\Windows\system32\umpo.dll
010 C:\Windows\system32\vds.exe
010 C:\Windows\system32\dps.dll
010 C:\Windows\system32\Wat\WatUX.exe
010 C:\Windows\System32\audiosrv.dll
010 C:\Windows\System32\audiosrv.dll
010 C:\Windows\system32\wbiosrvc.dll
010 C:\Windows\system32\wudfsvc.dll
010 C:\Windows\System32\wersvc.dll
010 C:\Windows\system32\FntCache.dll
010 C:\Windows\System32\ListSvc.dll
010 C:\Windows\System32\wscsvc.dll
010 C:\Windows\System32\themeservice.dll
010 C:\Windows\system32\w32time.dll
010 C:\Windows\system32\wuaueng.dll
010 C:\Windows\System32\wlansvc.dll
010 C:\Windows\system32\dot3svc.dll
010 C:\Windows\system32\wbem\wmisvc.dll
010 C:\Windows\system32\wbem\wmiapsrv.exe
010 C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
010 C:\Windows\system32\wkssvc.dll
010 C:\Windows\System32\wwansvc.dll
011 c:\windows\system32\drivers\1394ohci.sys
011 c:\windows\system32\drivers\ohci1394.sys
011 c:\windows\system32\drivers\agp440.sys
011 c:\windows\system32\drivers\ACPI.sys
011 c:\windows\system32\drivers\acpipmi.sys
011 c:\windows\system32\DRIVERS\avc3.sys
011 c:\windows\system32\DRIVERS\avckf.sys
011 c:\windows\system32\drivers\adp94xx.sys
011 c:\windows\system32\drivers\adpahci.sys
011 c:\windows\system32\drivers\adpu320.sys
011 c:\windows\system32\drivers\aliide.sys
011 c:\windows\system32\drivers\amdide.sys
011 c:\windows\system32\drivers\amdsata.sys
011 c:\windows\system32\drivers\amdsbs.sys
011 c:\windows\system32\drivers\amdxata.sys
011 C:\Windows\system32\drivers\afd.sys
011 c:\windows\system32\drivers\anvsnddrv.sys
011 C:\Windows\system32\appidsvc.dll
011 c:\windows\system32\drivers\arc.sys
011 c:\windows\system32\drivers\arcsas.sys
011 c:\windows\system32\drivers\atapi.sys
011 C:\Windows\system32\drivers\Beep.sys
011 c:\windows\system32\DRIVERS\avchv.sys
011 C:\Windows\system32\drivers\fvevol.sys
011 c:\windows\system32\DRIVERS\blbdrive.sys
011 c:\windows\system32\DRIVERS\btmaux.sys
011 c:\windows\system32\DRIVERS\BthEnum.sys
011 c:\windows\system32\drivers\bthmodem.sys
011 c:\windows\system32\drivers\hidbth.sys
011 c:\windows\system32\DRIVERS\bthpan.sys
011 c:\windows\system32\DRIVERS\rfcomm.sys
011 c:\windows\system32\DRIVERS\b57nd60a.sys
011 c:\windows\system32\drivers\evbda.sys
011 c:\windows\system32\drivers\bxvbda.sys
011 c:\windows\System32\Drivers\Brserid.sys
011 c:\windows\System32\Drivers\BrSerWdm.sys
011 c:\windows\System32\Drivers\BrUsbMdm.sys
011 c:\windows\System32\Drivers\BrUsbSer.sys
011 System32\Drivers\BTHport.sys
011 System32\Drivers\BTHUSB.sys
011 c:\windows\system32\DRIVERS\btmhsf.sys
011 c:\windows\system32\DRIVERS\cdfs.sys
011 c:\windows\system32\drivers\cmdide.sys
011 System32\Drivers\cng.sys
011 C:\Windows\system32\clfs.sys
011 c:\windows\system32\DRIVERS\compbatt.sys
011 C:\Windows\system32\browser.dll
011 c:\windows\system32\drivers\circlass.sys
011 c:\windows\system32\DRIVERS\CmBatt.sys
011 c:\windows\system32\DRIVERS\usbhub.sys
011 C:\Windows\system32\drivers\dfsc.sys
011 c:\windows\System32\drivers\dxgkrnl.sys
011 c:\windows\system32\drivers\crcdisk.sys
011 c:\windows\system32\DRIVERS\usbehci.sys
011 c:\windows\system32\drivers\elxstor.sys
011 c:\windows\system32\drivers\errdev.sys
011 C:\Windows\system32\drivers\fastfat.sys
011 C:\Windows\system32\drivers\fsdepends.sys
011 C:\Windows\system32\drivers\filetrace.sys
011 C:\Windows\system32\drivers\fileinfo.sys
011 c:\windows\system32\DRIVERS\dc3d.sys
011 c:\windows\system32\drivers\fdc.sys
011 c:\windows\system32\drivers\flpydisk.sys
011 c:\windows\system32\drivers\umpass.sys
011 C:\Windows\system32\drivers\hwpolicy.sys
011 c:\windows\system32\drivers\hcw85cir.sys
011 c:\windows\system32\drivers\HidBatt.sys
011 c:\windows\system32\DRIVERS\kbdhid.sys
011 c:\windows\system32\DRIVERS\mouhid.sys
011 c:\windows\system32\DRIVERS\HDAudBus.sys
011 c:\windows\system32\drivers\HdAudio.sys
011 c:\windows\system32\drivers\HpSAMD.sys
011 C:\Windows\system32\drivers\http.sys
011 c:\windows\system32\DRIVERS\i8042prt.sys
011 c:\windows\system32\DRIVERS\iBtFltCoex.sys
011 c:\windows\system32\DRIVERS\igdkmd64.sys
011 c:\windows\system32\drivers\iirsp.sys
011 C:\Windows\system32\drivers\irenum.sys
011 c:\windows\system32\drivers\hidir.sys
011 c:\windows\system32\drivers\iaStorV.sys
011 c:\windows\system32\DRIVERS\iaStor.sys
011 c:\windows\system32\DRIVERS\IntcDAud.sys
011 c:\windows\system32\DRIVERS\TeeDriverx64.sys
011 c:\windows\system32\DRIVERS\iusb3xhc.sys
011 c:\windows\system32\DRIVERS\iusb3hcs.sys
011 c:\windows\system32\DRIVERS\iusb3hub.sys
011 c:\windows\system32\DRIVERS\NETwsw01.sys
011 c:\windows\system32\drivers\intelide.sys
011 c:\windows\system32\drivers\IPMIDrv.sys
011 System32\drivers\ipnat.sys
011 c:\windows\system32\drivers\isapnp.sys
011 c:\windows\system32\drivers\Wdf01000.sys
011 c:\windows\system32\drivers\ksthunk.sys
011 c:\windows\system32\DRIVERS\kbdclass.sys
011 System32\Drivers\ksecdd.sys
011 System32\Drivers\ksecpkg.sys
011 c:\windows\system32\DRIVERS\lltdio.sys
011 c:\windows\system32\DRIVERS\rspndr.sys
011 C:\Windows\system32\drivers\spldr.sys
011 c:\windows\system32\DRIVERS\lvrs64.sys
011 c:\windows\system32\drivers\lsi_fc.sys
011 c:\windows\system32\drivers\lsi_sas.sys
011 c:\windows\system32\drivers\lsi_sas2.sys
011 c:\windows\system32\drivers\lsi_scsi.sys
011 C:\Windows\system32\drivers\luafv.sys
011 C:\Windows\system32\drivers\secdrv.sys
011 c:\windows\system32\drivers\mcaudrv_x64.sys
011 c:\windows\system32\DRIVERS\mcvidrv.sys
011 C:\Windows\system32\drivers\netbt.sys
011 c:\windows\system32\drivers\megasas.sys
011 c:\windows\system32\drivers\MegaSR.sys
011 C:\Windows\system32\drivers\exfat.sys
011 C:\Windows\system32\drivers\fltmgr.sys
011 c:\windows\system32\drivers\msiscsi.sys
011 c:\windows\system32\drivers\MTConfig.sys
011 C:\Windows\system32\drivers\qwavedrv.sys
011 c:\windows\system32\drivers\rdpbus.sys
011 C:\Windows\System32\drivers\scfilter.sys
011 c:\windows\system32\drivers\drmkaud.sys
011 c:\windows\system32\DRIVERS\tunnel.sys
011 c:\windows\system32\drivers\modem.sys
011 c:\windows\system32\DRIVERS\monitor.sys
011 C:\Windows\system32\drivers\mountmgr.sys
011 c:\windows\system32\DRIVERS\mouclass.sys
011 c:\windows\system32\drivers\mpio.sys
011 c:\windows\system32\drivers\uagp35.sys
011 c:\windows\system32\drivers\gagp30kx.sys
011 c:\windows\system32\drivers\MSKSSRV.sys
011 c:\windows\system32\drivers\MSPCLOCK.sys
011 c:\windows\system32\drivers\MSPQM.sys
011 c:\windows\system32\drivers\msahci.sys
011 c:\windows\system32\drivers\msdsm.sys
011 C:\Windows\system32\drivers\Msfs.sys
011 c:\windows\system32\drivers\msisadrv.sys
011 C:\Windows\system32\drivers\MsRPC.sys
011 C:\Windows\system32\drivers\mup.sys
011 c:\windows\system32\DRIVERS\CompositeBus.sys
011 c:\windows\system32\drivers\tdpipe.sys
011 c:\windows\system32\DRIVERS\nwifi.sys
011 C:\Windows\system32\drivers\ndis.sys
011 c:\windows\system32\DRIVERS\ndiscap.sys
011 C:\Windows\system32\drivers\NDProxy.sys
011 c:\windows\system32\DRIVERS\ndisuio.sys
011 c:\windows\system32\DRIVERS\netbios.sys
011 c:\windows\system32\drivers\nv_agp.sys
011 c:\windows\system32\drivers\nfrd960.sys
011 c:\windows\system32\drivers\npf.sys
011 C:\Windows\system32\drivers\Npfs.sys
011 C:\Windows\system32\drivers\nsiproxy.sys
011 C:\Windows\system32\drivers\Ntfs.sys
011 c:\windows\system32\drivers\pci.sys
011 C:\Windows\system32\drivers\Null.sys
011 c:\windows\system32\drivers\nvraid.sys
011 c:\windows\system32\drivers\nvstor.sys
011 c:\windows\system32\drivers\usbohci.sys
011 c:\windows\system32\drivers\parport.sys
011 C:\Windows\system32\drivers\partmgr.sys
011 C:\Windows\system32\drivers\mshidkmdf.sys
011 C:\Windows\System32\drivers\pctplfw64.sys
011 C:\Windows\System32\drivers\pctgntdi64.sys
011 C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys
011 c:\windows\system32\DRIVERS\pctNdis64.sys
011 c:\windows\system32\DRIVERS\pctNdis64.sys
011 c:\windows\system32\drivers\pciide.sys
011 c:\windows\system32\drivers\pcmcia.sys
011 System32\Drivers\pcouffin.sys
011 System32\drivers\pcw.sys
011 c:\windows\system32\DRIVERS\swenum.sys
011 c:\windows\system32\drivers\disk.sys
011 c:\windows\system32\DRIVERS\point64.sys
011 c:\windows\system32\drivers\amdk8.sys
011 c:\windows\system32\drivers\processr.sys
011 c:\windows\system32\DRIVERS\intelppm.sys
011 c:\windows\system32\drivers\amdppm.sys
011 c:\windows\system32\drivers\peauth.sys
011 C:\Windows\system32\sstpsvc.dll
011 System32\Drivers\PxHlpa64.sys
011 c:\windows\system32\drivers\ql2300.sys
011 c:\windows\system32\drivers\ql40xx.sys
011 C:\Windows\System32\drivers\pacer.sys
011 c:\windows\system32\DRIVERS\AgileVpn.sys
011 System32\DRIVERS\rasacd.sys
011 C:\Windows\system32\drivers\rawdsk3.sys
011 C:\Windows\system32\drivers\RDPENCDD.sys
011 C:\Windows\system32\DRIVERS\RDPCDD.sys
011 C:\Windows\system32\drivers\RdpRefMp.sys
011 C:\Windows\system32\drivers\RDPWD.sys
011 System32\drivers\rdpvideominiport.sys
011 System32\drivers\rdyboost.sys
011 c:\windows\system32\DRIVERS\Rt64win7.sys
011 c:\windows\system32\DRIVERS\RtsBaStor.sys
011 c:\windows\system32\drivers\RTKVHD64.sys
011 c:\windows\system32\drivers\TsUsbGD.sys
011 c:\windows\system32\DRIVERS\termdd.sys
011 C:\Windows\system32\drivers\tsusbflt.sys
011 c:\windows\system32\DRIVERS\revoflt.sys
011 c:\windows\system32\drivers\sbp2port.sys
011 c:\windows\system32\DRIVERS\cdrom.sys
011 c:\windows\system32\drivers\sfloppy.sys
011 c:\windows\system32\drivers\serial.sys
011 c:\windows\system32\drivers\sermouse.sys
011 c:\windows\system32\drivers\serenum.sys
011 C:\Windows\system32\srvsvc.dll
011 C:\Windows\system32\srvsvc.dll
011 c:\windows\system32\drivers\SiSRaid2.sys
011 c:\windows\system32\drivers\sisraid4.sys
011 c:\windows\system32\drivers\sffdisk.sys
011 c:\windows\system32\drivers\sffp_mmc.sys
011 c:\windows\system32\drivers\sffp_sd.sys
011 c:\windows\System32\Drivers\sptd.sys
011 System32\DRIVERS\srvnet.sys
011 c:\windows\system32\DRIVERS\StarPortLite.sys
011 c:\windows\system32\drivers\stexstor.sys
011 C:\Windows\system32\drivers\discache.sys
011 c:\windows\system32\DRIVERS\mssmbios.sys
011 c:\windows\system32\drivers\tdtcp.sys
011 c:\windows\system32\DRIVERS\tcpip.sys
011 System32\drivers\tcpipreg.sys
011 c:\windows\system32\DRIVERS\teamviewervpn.sys
011 c:\windows\system32\DRIVERS\Trufos.sys
011 C:\Windows\System32\DRIVERS\tssecsrv.sys
011 c:\windows\system32\DRIVERS\udfs.sys
011 c:\windows\system32\drivers\usbuhci.sys
011 c:\windows\system32\drivers\uliagpkx.sys
011 c:\windows\system32\drivers\usbaudio.sys
011 c:\windows\system32\DRIVERS\usbccgp.sys
011 c:\windows\system32\drivers\usbcir.sys
011 c:\windows\system32\DRIVERS\USBSTOR.SYS
011 c:\windows\system32\DRIVERS\hidusb.sys
011 c:\windows\system32\DRIVERS\usbprint.sys
011 c:\windows\system32\DRIVERS\usbscan.sys
011 System32\Drivers\usbvideo.sys
011 c:\windows\system32\DRIVERS\umbus.sys
011 c:\windows\system32\DRIVERS\vgapnp.sys
011 c:\windows\System32\drivers\vga.sys
011 c:\windows\system32\drivers\vhdmp.sys
011 c:\windows\system32\drivers\viaide.sys
011 c:\windows\system32\drivers\vdrvroot.sys
011 c:\windows\system32\DRIVERS\vwifibus.sys
011 c:\windows\system32\DRIVERS\vwififlt.sys
011 c:\windows\system32\DRIVERS\vwifimp.sys
011 c:\windows\system32\drivers\volmgr.sys
011 C:\Windows\system32\drivers\volmgrx.sys
011 c:\windows\system32\drivers\volsnap.sys
011 c:\windows\system32\drivers\vsmraid.sys
011 c:\windows\system32\drivers\wacompen.sys
011 c:\windows\system32\drivers\wd.sys
011 c:\windows\system32\drivers\MSTEE.sys
011 c:\windows\system32\DRIVERS\wfplwf.sys
011 c:\windows\system32\drivers\WudfPf.sys
011 c:\windows\system32\DRIVERS\wmiacpi.sys
011 c:\windows\system32\drivers\BrFiltLo.sys
011 c:\windows\system32\drivers\BrFiltUp.sys
011 C:\Windows\System32\drivers\ws2ifsl.sys
011 C:\Windows\system32\wkssvc.dll
011 C:\Windows\system32\wkssvc.dll
011 C:\Windows\system32\wkssvc.dll
011 C:\Windows\system32\wkssvc.dll
011 c:\windows\system32\DRIVERS\WUDFRd.sys
013 C:\Windows\System32\mctadmin.exe
013 C:\Windows\System32\mctadmin.exe
032 rdpclip
063 autocheck
069 hpinksts7212LM.dll
069 HPDiscoPM7212.dll
069 localspl.dll
069 FXSMON.DLL
069 tcpmon.dll
069 usbmon.dll
069 WSDMon.dll
145 kbdclass.sys
210 C:\Windows\system32\sdclt.exe



#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:21 AM

Posted 08 July 2016 - 06:59 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.

Click the Add reply button.
===

Please post the logs.

Let me know what problems persists.

#4 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 08 July 2016 - 07:20 AM

Ok here we go part 1 and 2 of farbar the error happens every 5/6 days my guess guess and only a re boot can end the mess ;also

I for to add - before this error its worse a Pop up scam demanding $250. bucks to fix what ever they invent the malware to 

be; not callinf those idiots but friends have been slammed; but not me . 

 

The full error is  -  taksride.xyx - boost_interprocess - no idea what this crap is but it must go for good; I use ADW to remove XYX

but it returns 2 / 3 days followed by boost sometime s that day; the timing very very flaky does that help -  Fingers crossed .  .  .

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Robert (administrator) on ROBERT-PC (08-07-2016 08:02:54)
Running from C:\Users\Robert\Downloads
Loaded Profiles: Robert (Available Profiles: Robert)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(PC Tools) C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_22_0_0_192_ActiveX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Steven R. Gould) C:\Program Files (x86)\CleanUp!\Cleanup.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\Run: [TouchpadBlocker.exe] => "C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe" -startup
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-06-18] (SUPERAntiSpyware)
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll [2016-02-06] (SmartSoft Ltd.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 167.206.245.135 167.206.245.136
Tcpip\..\Interfaces\{473A8ED1-A0EC-4968-A273-9C16B4C59BB5}: [DhcpNameServer] 167.206.245.135 167.206.245.136

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
SearchScopes: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-04-27] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-04-27] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000 -> No Name - {B4B3001E-0F56-4E51-8250-BDE11547EC55} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\eaw973gh.default
FF DefaultSearchEngine: Google
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-04-27] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF user.js: detected! => C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\eaw973gh.default\user.js [2016-07-07]

Chrome:
=======
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-30]
CHR Extension: (No Name) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-30]
CHR Extension: (No Name) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-30]
CHR Extension: (No Name) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-30]
CHR Extension: (No Name) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-12-06] (Adobe Systems) [File not signed]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-06-03] (Ellora Assets Corp.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S4 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe [712432 2015-08-27] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S4 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-26] (Maxthon)
R2 PCToolsFirewallPlus; C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [286000 2011-01-24] (PC Tools)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 TeamViewer; "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" [X]
S2 YahooAUService; "C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe" [X]
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-07-29] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [271272 2015-07-29] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-07-29] (BitDefender)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2015-11-16] (Motorola Solutions, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-16] (REALiX™)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-04-27] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-09-13] (Intel Corporation)
R3 PCTFW-PacketFilter; C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys [119688 2011-01-12] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi64.sys [334976 2011-01-17] (PC Tools)
S3 pctNdis; C:\Windows\System32\DRIVERS\pctNdis64.sys [79000 2010-07-08] (PC Tools)
R3 pctNdisMP; C:\Windows\System32\DRIVERS\pctNdis64.sys [79000 2010-07-08] (PC Tools)
R3 pctplfw; C:\Windows\System32\drivers\pctplfw64.sys [179976 2011-01-17] (PC Tools)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [41576 2016-02-19] (EldoS Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-11-20] (Duplex Secure Ltd.)
R1 StarPortLite; C:\Windows\System32\DRIVERS\StarPortLite.sys [120704 2013-02-04] (StarWind Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-08 08:02 - 2016-07-08 08:03 - 00016483 _____ C:\Users\Robert\Downloads\FRST.txt
2016-07-08 08:02 - 2016-07-08 08:02 - 02390016 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe
2016-07-08 03:46 - 2016-07-08 03:46 - 00001641 _____ C:\Users\Public\Desktop\fxCalc.lnk
2016-07-08 03:46 - 2016-07-08 03:46 - 00001641 _____ C:\ProgramData\Desktop\fxCalc.lnk
2016-07-08 03:46 - 2016-07-08 03:46 - 00000000 ____D C:\Users\Robert\Documents\fx_calc
2016-07-08 03:46 - 2016-07-08 03:46 - 00000000 ____D C:\Users\Robert\AppData\Roaming\HJS
2016-07-08 03:46 - 2016-07-08 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fxCalc
2016-07-08 03:46 - 2016-07-08 03:46 - 00000000 ____D C:\Program Files\fxCalc
2016-07-08 03:43 - 2016-07-08 03:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-08 01:57 - 2009-03-24 13:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2016-07-08 01:53 - 2016-07-08 01:53 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2016-07-08 01:53 - 2016-07-08 01:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2016-07-08 01:52 - 2016-07-08 01:53 - 00000000 ____D C:\Program Files (x86)\CleanUp!
2016-07-08 01:28 - 2016-07-08 01:28 - 01583243 _____ C:\Users\Public\Documents\StreamScanResult 7-8-2016
2016-07-08 01:28 - 2016-07-08 01:28 - 01583243 _____ C:\ProgramData\Documents\StreamScanResult 7-8-2016
2016-07-07 14:37 - 2016-07-07 14:37 - 00020233 _____ C:\Users\Public\Documents\freefixer-log.txt
2016-07-07 14:37 - 2016-07-07 14:37 - 00020233 _____ C:\ProgramData\Documents\freefixer-log.txt
2016-07-07 14:33 - 2016-07-07 14:50 - 00000000 ____D C:\Program Files\FreeFixer
2016-07-07 14:33 - 2016-07-07 14:37 - 00000000 ____D C:\Users\Robert\AppData\Local\FreeFixer
2016-07-07 14:33 - 2016-07-07 14:33 - 00000000 ____D C:\Users\Robert\AppData\Roaming\FreeFixer
2016-07-07 14:28 - 2016-07-07 14:28 - 00003158 _____ C:\Windows\System32\Tasks\JetBoost_AutoUpdate
2016-07-07 14:28 - 2016-07-07 14:28 - 00000000 ____D C:\ProgramData\BlueSprig
2016-07-07 14:25 - 2016-07-07 14:28 - 00000000 ____D C:\Program Files (x86)\BlueSprig
2016-07-07 14:25 - 2016-07-07 14:25 - 00000000 ____D C:\Users\Robert\AppData\Roaming\BlueSprig
2016-07-07 12:56 - 2016-07-08 08:02 - 00000000 ____D C:\FRST
2016-07-07 03:21 - 2016-07-07 03:21 - 00036694 _____ C:\combo fix.txt
2016-07-07 00:12 - 2016-07-07 00:12 - 00036694 _____ C:\ComboFix.txt
2016-07-06 23:50 - 2016-07-07 00:12 - 00000000 ____D C:\Qoobox
2016-07-06 23:50 - 2011-06-26 02:45 - 00256000 _____ C:\Windows\PEV.exe
2016-07-06 23:50 - 2010-11-07 13:20 - 00208896 _____ C:\Windows\MBR.exe
2016-07-06 23:50 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-07-06 23:50 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-07-06 23:50 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-07-06 23:50 - 2000-08-30 20:00 - 00098816 _____ C:\Windows\sed.exe
2016-07-06 23:50 - 2000-08-30 20:00 - 00080412 _____ C:\Windows\grep.exe
2016-07-06 23:50 - 2000-08-30 20:00 - 00068096 _____ C:\Windows\zip.exe
2016-07-06 23:49 - 2016-07-07 00:11 - 00000000 ____D C:\Windows\erdnt
2016-07-06 16:32 - 2016-07-06 16:32 - 00077400 _____ C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-06 15:29 - 2016-07-06 15:29 - 00328240 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-06 03:08 - 2016-07-06 03:11 - 00000000 ____D C:\Users\Robert\AppData\Roaming\WiseUpdate
2016-07-06 03:08 - 2016-07-06 03:11 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Wise Euask
2016-07-05 19:25 - 2016-07-05 19:25 - 00000000 ____D C:\Users\Robert\AppData\Roaming\iolo
2016-07-05 07:50 - 2016-07-05 07:50 - 00000000 ____D C:\ProgramData\ProductData
2016-07-05 07:49 - 2016-07-05 07:49 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-07-05 06:25 - 2016-07-05 06:25 - 00000000 ____D C:\Program Files (x86)\NoVirusThanks
2016-07-05 05:58 - 2016-07-05 05:58 - 00001141 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2016-07-05 05:58 - 2016-07-05 05:58 - 00001141 _____ C:\ProgramData\Desktop\Yahoo! Messenger.lnk
2016-07-05 05:58 - 2016-07-05 05:58 - 00000000 ____D C:\Users\Robert\AppData\LocalLow\Yahoo! Companion
2016-07-05 05:58 - 2016-07-05 05:58 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2016-07-05 05:58 - 2016-07-05 05:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2016-07-05 04:59 - 2016-07-05 04:59 - 00080011 _____ C:\Users\Public\Documents\FictionMania Story Blue-bells.htm
2016-07-05 04:59 - 2016-07-05 04:59 - 00080011 _____ C:\ProgramData\Documents\FictionMania Story Blue-bells.htm
2016-07-05 04:59 - 2016-07-05 04:59 - 00000000 ____D C:\Users\Public\Documents\FictionMania Story Blue-bells_files
2016-07-05 04:59 - 2016-07-05 04:59 - 00000000 ____D C:\ProgramData\Documents\FictionMania Story Blue-bells_files
2016-07-05 03:27 - 2016-07-05 03:27 - 00000047 _____ C:\Users\Robert\AppData\Roaming\WB.CFG
2016-07-05 02:27 - 2016-07-05 02:29 - 00001336 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2016-07-05 02:27 - 2016-07-05 02:29 - 00001336 _____ C:\ProgramData\Desktop\Freemake Video Downloader.lnk
2016-07-05 02:27 - 2016-07-05 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-07-05 02:27 - 2016-07-05 02:27 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2016-07-05 02:26 - 2016-07-05 02:27 - 00000000 ____D C:\Users\Robert\AppData\Local\lase
2016-07-05 02:09 - 2016-07-05 02:09 - 00000000 ____D C:\Program Files\Common Files\iolo
2016-07-05 02:02 - 2016-07-05 02:01 - 07752897 _____ (FreeDownloadManager.ORG ) C:\Users\Robert\Downloads\freemake-videoer [1].exe
2016-07-05 02:00 - 2016-07-05 02:00 - 00006424 _____ C:\Users\Public\Documents\9lab-log-2016-07-05 (01-10-38).txt
2016-07-05 02:00 - 2016-07-05 02:00 - 00006424 _____ C:\ProgramData\Documents\9lab-log-2016-07-05 (01-10-38).txt
2016-07-05 00:32 - 2016-07-05 00:32 - 00020145 _____ C:\Users\Public\Documents\Bondage  test.pdf
2016-07-05 00:32 - 2016-07-05 00:32 - 00020145 _____ C:\ProgramData\Documents\Bondage  test.pdf
2016-07-04 23:36 - 2016-07-05 02:05 - 00000000 ____D C:\Program Files\9-lab
2016-07-04 23:36 - 2016-07-04 23:36 - 00000000 ____D C:\Users\Robert\AppData\Roaming\9-lab
2016-07-04 23:36 - 2016-07-04 23:36 - 00000000 ____D C:\ProgramData\9-lab
2016-07-04 17:33 - 2016-07-07 19:04 - 00000992 _____ C:\Users\Robert\Desktop\AdsFix_Donate.lnk
2016-07-04 17:33 - 2016-07-04 22:58 - 00026252 _____ C:\AdsFix.txt
2016-07-04 17:31 - 2016-07-04 22:58 - 00000000 ____D C:\AdsFix
2016-07-04 17:26 - 2016-07-04 17:26 - 00000000 ____D C:\Users\Robert\AppData\Roaming\ProductData
2016-07-04 16:11 - 2016-07-05 18:53 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-07-04 16:11 - 2016-07-05 09:21 - 01618024 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-07-04 16:11 - 2016-07-05 02:27 - 11761264 _____ C:\Windows\ZAM.krnl.trace
2016-07-04 16:11 - 2016-07-04 16:11 - 00000000 ____D C:\Users\Robert\AppData\Local\Zemana
2016-07-04 15:59 - 2016-07-04 15:59 - 00001954 _____ C:\Users\Robert\Desktop\clean one.txt
2016-07-04 15:52 - 2016-07-04 15:54 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2016-07-04 00:24 - 2016-07-04 00:24 - 00000351 _____ C:\Network - Shortcut.lnk
2016-07-03 15:09 - 2016-07-03 15:09 - 00015141 _____ C:\Users\Public\Documents\Mistress answers.odt
2016-07-03 15:09 - 2016-07-03 15:09 - 00015141 _____ C:\ProgramData\Documents\Mistress answers.odt
2016-07-03 10:53 - 2016-07-03 10:53 - 00013675 _____ C:\Users\Robert\Downloads\[kat.cr]adobe.audition.cc.2015.8.0.0.192.eng.patch.keygen.appzdam.torrent
2016-07-03 10:52 - 2016-07-03 10:52 - 00012221 _____ C:\Users\Robert\Downloads\[kat.cr]adobe.audition.cc.6.0.build.732.64.bit.team.vr.chingliu.torrent
2016-07-03 10:52 - 2016-07-03 10:52 - 00011965 _____ C:\Users\Robert\Downloads\[kat.cr]adobe.audition.cc.2015.2.v9.2.multilingual.x64.oddsox.torrent
2016-07-03 06:01 - 2016-07-03 06:01 - 00074319 _____ C:\Users\Robert\Downloads\[kat.cr]new.ebook.packs.for.may.2016.torrent
2016-07-03 05:58 - 2013-01-23 13:44 - 00098304 _____ C:\Windows\EasyHook32.dll
2016-07-03 05:57 - 2016-07-03 11:33 - 00000000 ____D C:\Users\Robert\Documents\Ultraget Video Downloader
2016-07-03 04:54 - 2016-07-03 04:54 - 00000000 ____D C:\Users\Robert\Documents\VideoOutput
2016-07-03 04:54 - 2016-07-03 04:54 - 00000000 ____D C:\Users\Robert\Documents\Snapshot
2016-07-03 04:46 - 2016-07-03 04:46 - 00000000 ____D C:\Users\Robert\AppData\Local\FreemakeVideoDownloader
2016-07-03 02:48 - 2016-07-03 03:16 - 00000000 ____D C:\ProgramData\Sophos
2016-07-03 02:21 - 2016-07-03 02:21 - 00029516 _____ C:\Users\Robert\Downloads\[kat.cr]george.r.r.martin.s.a.game.of.thrones.5.audiobook.set.2.extra.torrent
2016-07-03 02:20 - 2016-07-03 02:20 - 00000947 _____ C:\Users\Robert\Downloads\[kat.cr]the.art.of.creative.thinking.89.ways.to.see.things.differently.torrent
2016-07-03 01:00 - 2016-07-03 01:00 - 00014593 _____ C:\Users\Robert\Downloads\[kat.cr]rct.819.prison.rezureipu.jogakuen.torrent
2016-07-03 00:35 - 2016-07-03 00:35 - 00117547 _____ C:\Users\Robert\Downloads\[kat.cr]cesd.171.hatano.strange.woman.prisoner.in.the.fence.yui.torrent
2016-07-03 00:34 - 2016-07-03 00:34 - 00028912 _____ C:\Users\Robert\Downloads\[kat.cr]ipz.779.captured.prisoners.there.s.nowhere.to.run.tragic.beautiful.convicts.are.repeatedly.raped.rino.kirishima.haruna.ikoma.torrent
2016-07-03 00:33 - 2016-07-03 00:33 - 00018502 _____ C:\Users\Robert\Downloads\[kat.cr]game.of.thrones.season.6.720p.hdtv.x265.hevc.shaanig.torrent
2016-07-02 22:56 - 2016-07-02 22:56 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2016-07-02 20:12 - 2016-07-02 20:13 - 00214680 _____ C:\TDSSKiller.3.1.0.9_02.07.2016_20.12.27_log.txt
2016-07-02 16:00 - 2016-07-02 16:00 - 00000000 ____D C:\ProgramData\AnyDesk
2016-07-02 15:59 - 2016-07-02 15:59 - 00000000 ____D C:\Users\Robert\AppData\Roaming\AnyDesk
2016-07-01 18:45 - 2016-07-03 11:34 - 00000000 ____D C:\Program Files\DVD Maker
2016-07-01 18:45 - 2016-07-01 18:45 - 00000000 ____D C:\Users\Public\Recorded TV
2016-07-01 18:23 - 2016-07-01 18:23 - 00000000 ____D C:\ProgramData\CzechMex LLC
2016-07-01 18:23 - 2016-07-01 18:23 - 00000000 ____D C:\Program Files (x86)\CzechMex LLC
2016-07-01 18:23 - 2010-09-30 13:06 - 00073728 _____ (CzechMex LLC) C:\Windows\SysWOW64\WebUpdate.ocx
2016-06-30 22:27 - 2016-07-03 11:33 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Manager
2016-06-30 22:27 - 2016-07-03 11:33 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Manager
2016-06-30 22:27 - 2016-06-30 22:30 - 00000000 ____D C:\Users\Robert\AppData\Local\Manager
2016-06-30 22:16 - 2016-06-30 22:16 - 00000000 ____D C:\Users\Public\Documents\Davis Software
2016-06-30 22:16 - 2016-06-30 22:16 - 00000000 ____D C:\ProgramData\Documents\Davis Software
2016-06-30 22:16 - 2016-06-30 22:16 - 00000000 ____D C:\Program Files (x86)\BS1 Accounting
2016-06-30 22:08 - 2016-06-30 22:12 - 00000000 ____D C:\Users\Robert\.gnucash
2016-06-30 22:07 - 2016-06-30 22:07 - 00000000 ____D C:\Program Files (x86)\gnucash
2016-06-30 21:51 - 2016-06-30 21:51 - 00000000 ____D C:\Program Files (x86)\Noguska
2016-06-29 18:55 - 2016-06-29 19:06 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-29 18:38 - 2016-07-03 11:33 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-29 18:06 - 2016-06-29 18:06 - 00000000 ____D C:\sh4ldr
2016-06-29 05:15 - 2016-06-29 05:15 - 00000000 ____D C:\Users\Robert\Documents\Anicesoft
2016-06-29 05:15 - 2016-06-29 05:15 - 00000000 ____D C:\ProgramData\Anicesoft
2016-06-29 05:14 - 2016-06-29 05:14 - 00002779 _____ C:\Users\Public\Desktop\AniceSoft EPUB Converter.lnk
2016-06-29 05:14 - 2016-06-29 05:14 - 00002779 _____ C:\ProgramData\Desktop\AniceSoft EPUB Converter.lnk
2016-06-29 05:14 - 2016-06-29 05:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AniceSoft
2016-06-29 05:14 - 2016-06-29 05:14 - 00000000 ____D C:\Program Files (x86)\AniceSoft
2016-06-29 05:04 - 2016-06-29 05:04 - 00698751 _____ C:\Users\Public\Documents\03 sweet seduction - maya banks.pdf
2016-06-29 05:04 - 2016-06-29 05:04 - 00698751 _____ C:\ProgramData\Documents\03 sweet seduction - maya banks.pdf
2016-06-29 04:52 - 2016-06-29 04:45 - 00000000 _____ C:\Users\Robert\Desktop\TeamViewer - Security Statement.pdf
2016-06-29 04:49 - 2016-07-07 14:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-29 04:49 - 2016-06-29 04:49 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-06-29 04:49 - 2016-06-29 04:49 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-06-29 04:49 - 2016-06-29 04:49 - 00001035 _____ C:\ProgramData\Desktop\TeamViewer 10.lnk
2016-06-29 04:08 - 2016-06-29 04:08 - 00074703 _____ C:\Windows\SysWOW64\mfc45.dat
2016-06-29 04:07 - 2016-06-29 04:07 - 00000000 ____D C:\Users\Robert\AppData\Local\Downloaded Installations
2016-06-29 02:17 - 2016-06-29 02:05 - 02727112 _____ (Adobe Systems, Incorporated) C:\Users\Robert\Desktop\amtlib.dll
2016-06-28 05:19 - 2016-07-08 05:19 - 00000000 ____D C:\Users\Robert\AppData\Local\Component
2016-06-28 05:19 - 2016-07-04 16:56 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-28 05:19 - 2016-07-03 11:41 - 00000000 ____D C:\Windows\System32\Tasks\Component System
2016-06-28 05:19 - 2016-07-03 11:40 - 00000000 ____D C:\Users\Robert\AppData\Local\intmanager
2016-06-28 05:19 - 2016-06-28 05:47 - 00000000 ____D C:\Program Files (x86)\Simple
2016-06-28 03:05 - 2016-06-28 03:05 - 00027936 _____ C:\Users\Robert\Downloads\A092B26E851FE2E5543F330333655EEF04C13C21.torrent
2016-06-28 03:03 - 2016-06-28 03:03 - 00029438 _____ C:\Users\Robert\Downloads\F7AE6A1F9A37489852063D1ACAB7F8BE5E4E3DCB.torrent
2016-06-28 02:59 - 2016-06-28 02:59 - 00146656 _____ C:\Users\Robert\Downloads\2BA611052631C9C957E6CD6E6F50FEF9351EBF24.torrent
2016-06-27 22:52 - 2016-06-27 22:52 - 00004365 _____ C:\Users\Robert\Downloads\10BD3D674118C3FB3A5486E4F12E403E47F50A0B.torrent
2016-06-27 00:46 - 2016-06-27 00:46 - 00116815 _____ C:\Users\Robert\Downloads\[kat.cr]dead.rising.endgame.2016.hdrip.xvid.ac3.evo.torrent
2016-06-27 00:46 - 2016-06-27 00:46 - 00015134 _____ C:\Users\Robert\Downloads\[kat.cr]the.huntsman.winters.war.2016.hdrip.xvid.etrg.torrent
2016-06-27 00:44 - 2016-06-27 00:44 - 00037031 _____ C:\Users\Robert\Downloads\[kat.cr]game.of.thrones.s06e09.480p.hdtv.x265.hevc.upload.hero.torrent
2016-06-27 00:44 - 2016-06-27 00:44 - 00018313 _____ C:\Users\Robert\Downloads\[kat.cr]game.of.thongs.s06e08.480p.221mb.hqwebrip.x264.mp4.rar.torrent
2016-06-27 00:44 - 2016-06-27 00:44 - 00012611 _____ C:\Users\Robert\Downloads\[kat.cr]game.of.thrones.s06e10.torrent
2016-06-26 11:57 - 2016-06-26 11:57 - 00004459 _____ C:\Users\Public\Documents\System Mechanic PC Report 16-06-26.html
2016-06-26 11:57 - 2016-06-26 11:57 - 00004459 _____ C:\ProgramData\Documents\System Mechanic PC Report 16-06-26.html
2016-06-26 11:55 - 2016-06-26 11:55 - 00000406 _____ C:\Windows\system32\ioloBootDefrag.cfg
2016-06-26 11:53 - 2016-07-03 11:22 - 00000000 ____D C:\Program Files (x86)\iolo
2016-06-26 11:51 - 2016-02-19 07:17 - 00041576 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys
2016-06-26 11:44 - 2016-07-03 11:40 - 00000000 ____D C:\Program Files\Recuva
2016-06-26 11:44 - 2016-06-26 11:44 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2016-06-26 11:44 - 2016-06-26 11:44 - 00001658 _____ C:\ProgramData\Desktop\Recuva.lnk
2016-06-26 11:44 - 2016-06-26 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-06-26 11:25 - 2016-06-26 11:25 - 00000000 ____D C:\ProgramData\Evonsoft
2016-06-26 10:37 - 2016-06-26 10:37 - 00024021 _____ C:\Users\Robert\Downloads\[kat.cr]bban.067.shibuya.kaho.nozomi.tanihara.lesbian.who.talks.dirty.drives.a.married.woman.to.the.edge.and.renders.her.a.prisoner.to.love.torrent
2016-06-26 10:36 - 2016-06-26 10:36 - 00016348 _____ C:\Users\Robert\Downloads\[kat.cr]dasd.281.finest.sex.slaves.training.prison.unpublished.torture.record.torrent
2016-06-26 10:36 - 2016-06-26 10:36 - 00016345 _____ C:\Users\Robert\Downloads\[kat.cr]prison.xxx.dvdrip.x264.twisteddesires.torrent
2016-06-26 10:32 - 2016-06-26 10:32 - 00006474 _____ C:\Users\Robert\Downloads\[kat.cr]the.prison.detenuta.in.affitto.italian.xxx.torrent
2016-06-26 10:24 - 2016-06-26 10:24 - 00038320 _____ C:\Users\Robert\Downloads\[kat.cr]advf.101.prison.2.aragaki.cherry.uraraniku.torrent
2016-06-26 10:23 - 2016-06-26 10:23 - 00019516 _____ C:\Users\Robert\Downloads\[kat.cr]jav.censored.ipz.508.immoral.prison.kidnapping.happy.couples.for.forced.confinement.and.swapping.r.torrent
2016-06-26 10:23 - 2016-06-26 10:23 - 00016877 _____ C:\Users\Robert\Downloads\[kat.cr]bdsm.prison.pack.1.torrent
2016-06-26 10:22 - 2016-06-26 10:22 - 00016327 _____ C:\Users\Robert\Downloads\[kat.cr]legalporno.evelina.darling.and.dominica.phoenix.take.no.prisoners.atm.spitting.manhandle.swallow.dap.tap.dap.p.fisting.anal.fist.gio176.new.may.0.torrent
2016-06-26 10:21 - 2016-06-26 10:21 - 00097895 _____ C:\Users\Robert\Downloads\[kat.cr]ntr.041.yosoji.beautiful.wife.to.become.a.prisoner.of.others.bar.knowingly.subordinates.of.her.husband.misa.arisawa.torrent
2016-06-26 10:21 - 2016-06-26 10:21 - 00054565 _____ C:\Users\Robert\Downloads\[kat.cr]supa.013.tits.home.ru.prisoners.to.point.out.the.chest.chira.teacher.2.torrent
2016-06-26 10:21 - 2016-06-26 10:21 - 00029290 _____ C:\Users\Robert\Downloads\[kat.cr]hd.gtj.031.nawa.female.prisoner.torture.eba.dragon.torrent
2016-06-26 10:20 - 2016-06-26 10:20 - 00001861 _____ C:\Users\Robert\Downloads\[kat.cr]the.foundations.of.mathematics.2.edition.pdf.zeke23.torrent
2016-06-26 10:19 - 2016-06-26 10:19 - 00005830 _____ C:\Users\Robert\Downloads\[kat.cr]handbook.of.mathematics.6th.edition.2015.pdf.torrent
2016-06-26 10:18 - 2016-06-26 10:18 - 00014654 _____ C:\Users\Robert\Downloads\[kat.cr]the.best.writing.on.mathematics.2015.2016.pdf.gooner.torrent
2016-06-26 10:18 - 2016-06-26 10:18 - 00000768 _____ C:\Users\Robert\Downloads\[kat.cr]complete.mathematics.a.teach.yourself.guide.by.trevor.johnson.hugh.neill.dr.soc.torrent
2016-06-26 10:17 - 2016-06-26 10:17 - 00017731 _____ C:\Users\Robert\Downloads\[kat.cr]easy.mathematics.step.by.step.1st.edition.2012.epub.gooner.torrent
2016-06-26 09:19 - 2016-06-26 09:19 - 00056898 _____ C:\Users\Robert\Downloads\[kat.cr]the.image.punishment.of.anne.silverdust.torrent
2016-06-26 09:19 - 2016-06-26 09:19 - 00024779 _____ C:\Users\Robert\Downloads\[kat.cr]kimberlee.anne.punishteens.thieving.teen.earns.a.punishment.torrent
2016-06-26 09:19 - 2016-06-26 09:19 - 00019035 _____ C:\Users\Robert\Downloads\[kat.cr]2.anne.rice.beauty.s.punishment.dawnstar.torrent
2016-06-26 09:19 - 2016-06-26 09:19 - 00014952 _____ C:\Users\Robert\Downloads\[kat.cr]anne.rice.beauty.s.punishment.torrent
2016-06-26 09:19 - 2016-06-26 09:19 - 00000592 _____ C:\Users\Robert\Downloads\[kat.cr]anne.rice.beauty.02.beautys.punishment.pdf.torrent
2016-06-26 09:18 - 2016-06-26 09:18 - 00014534 _____ C:\Users\Robert\Downloads\[kat.cr]classic.xxx.the.image.the.punishment.of.anne.1973.torrent
2016-06-26 09:16 - 2016-06-26 09:16 - 00020999 _____ C:\Users\Robert\Downloads\[kat.cr]die.flambierte.frau.1983.aka.a.woman.in.flames.gudrun.landgrebe.dvd.rip.avi.torrent
2016-06-26 00:31 - 2016-05-23 19:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-26 00:31 - 2016-05-23 18:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-26 00:31 - 2016-05-21 13:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-26 00:31 - 2016-05-21 12:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-26 00:31 - 2016-05-20 18:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-26 00:31 - 2016-05-20 18:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-26 00:31 - 2016-05-20 18:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-26 00:31 - 2016-05-20 18:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-26 00:31 - 2016-05-20 18:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-26 00:31 - 2016-05-20 18:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-26 00:31 - 2016-05-20 18:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-26 00:31 - 2016-05-20 18:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-26 00:31 - 2016-05-20 18:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-26 00:31 - 2016-05-20 18:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-26 00:31 - 2016-05-20 18:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-26 00:31 - 2016-05-20 17:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-26 00:31 - 2016-05-20 17:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-26 00:31 - 2016-05-20 17:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-26 00:31 - 2016-05-20 17:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-26 00:31 - 2016-05-20 17:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-26 00:31 - 2016-05-20 17:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-26 00:31 - 2016-05-20 17:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-26 00:31 - 2016-05-20 17:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-26 00:31 - 2016-05-20 17:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-26 00:31 - 2016-05-20 17:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-26 00:31 - 2016-05-20 17:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-26 00:31 - 2016-05-20 17:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-26 00:31 - 2016-05-20 17:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-26 00:31 - 2016-05-20 17:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-26 00:31 - 2016-05-20 17:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-26 00:31 - 2016-05-20 17:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-26 00:31 - 2016-05-20 17:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-26 00:31 - 2016-05-20 17:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-26 00:31 - 2016-05-20 17:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-26 00:31 - 2016-05-20 17:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-26 00:31 - 2016-05-20 17:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-26 00:31 - 2016-05-20 17:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-26 00:31 - 2016-05-20 17:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-26 00:31 - 2016-05-20 17:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-26 00:31 - 2016-05-20 17:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-26 00:31 - 2016-05-20 17:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-26 00:31 - 2016-05-20 17:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-26 00:31 - 2016-05-20 17:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-26 00:31 - 2016-05-20 17:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-26 00:31 - 2016-05-20 17:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-26 00:31 - 2016-05-20 17:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-26 00:31 - 2016-05-20 17:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-26 00:31 - 2016-05-20 17:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-26 00:31 - 2016-05-20 17:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-26 00:31 - 2016-05-20 17:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-26 00:31 - 2016-05-20 17:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-26 00:31 - 2016-05-20 17:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-26 00:31 - 2016-05-20 17:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-26 00:31 - 2016-05-20 17:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-26 00:31 - 2016-05-20 17:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-26 00:31 - 2016-05-20 17:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-26 00:31 - 2016-05-20 17:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-26 00:31 - 2016-05-20 17:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-26 00:31 - 2016-05-20 17:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-26 00:31 - 2016-05-20 17:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-26 00:31 - 2016-05-20 16:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-26 00:31 - 2016-05-20 16:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-26 00:31 - 2016-05-20 16:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-26 00:31 - 2016-05-20 16:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-26 00:31 - 2016-05-20 16:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-26 00:31 - 2016-05-20 16:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-26 00:31 - 2016-05-18 12:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-26 00:31 - 2016-05-18 12:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-26 00:31 - 2016-05-13 18:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-26 00:31 - 2016-05-13 18:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-26 00:31 - 2016-05-13 18:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-26 00:31 - 2016-05-13 18:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-26 00:31 - 2016-05-13 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-26 00:31 - 2016-05-13 17:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-26 00:31 - 2016-05-13 17:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-26 00:31 - 2016-05-13 17:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-26 00:31 - 2016-05-13 17:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-26 00:31 - 2016-05-13 17:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-26 00:31 - 2016-05-12 13:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-26 00:31 - 2016-05-12 13:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-26 00:31 - 2016-05-12 13:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-26 00:31 - 2016-05-12 13:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-26 00:31 - 2016-05-12 13:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-26 00:31 - 2016-05-12 13:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-26 00:31 - 2016-05-12 13:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-26 00:31 - 2016-05-12 13:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-26 00:31 - 2016-05-12 13:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-26 00:31 - 2016-05-12 13:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-26 00:31 - 2016-05-12 11:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-26 00:31 - 2016-05-12 11:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-26 00:31 - 2016-05-12 11:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-26 00:31 - 2016-05-12 10:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-26 00:31 - 2016-05-12 10:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-26 00:31 - 2016-05-12 10:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-26 00:31 - 2016-05-12 10:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-26 00:31 - 2016-05-12 10:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-26 00:31 - 2016-05-12 10:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-26 00:31 - 2016-05-12 10:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-26 00:31 - 2016-05-12 10:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-26 00:31 - 2016-05-12 10:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-26 00:31 - 2016-05-12 09:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-26 00:31 - 2016-05-12 09:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-26 00:31 - 2016-05-12 09:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-26 00:31 - 2016-05-11 13:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-26 00:31 - 2016-05-11 13:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-26 00:31 - 2016-05-11 13:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-26 00:31 - 2016-05-11 13:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-26 00:31 - 2016-05-11 11:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-26 00:31 - 2016-05-11 11:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-26 00:31 - 2016-05-11 11:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-26 00:31 - 2016-05-11 11:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-26 00:31 - 2016-05-11 11:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-26 00:31 - 2016-05-11 11:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-26 00:31 - 2016-05-11 10:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-25 19:03 - 2016-06-25 19:03 - 00000000 ____D C:\ProgramData\KRSHistory
2016-06-25 18:57 - 2016-06-25 18:57 - 00000000 ____D C:\Program Files (x86)\kingsoft
2016-06-25 18:57 - 2016-06-25 18:57 - 00000000 ____D C:\KRECYCLE
2016-06-25 18:22 - 2016-07-04 16:54 - 00001945 _____ C:\Windows\epplauncher.mif
2016-06-25 18:06 - 2016-07-03 12:42 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Runscanner.net
2016-06-25 14:57 - 2016-06-25 14:57 - 00000000 ____D C:\Users\Robert\.oracle_jre_usage
2016-06-25 14:55 - 2016-06-25 14:55 - 37328992 _____ (Oracle Corporation) C:\Users\Robert\Downloads\JavaSetup [1].exe
2016-06-24 20:49 - 2016-06-24 20:49 - 00000012 _____ C:\Users\Robert\Desktop\setting.ini
2016-06-24 19:28 - 2016-06-24 19:28 - 01610060 _____ C:\Users\Public\Documents\V tech phone.pdf
2016-06-24 19:28 - 2016-06-24 19:28 - 01610060 _____ C:\ProgramData\Documents\V tech phone.pdf
2016-06-23 00:57 - 2016-07-07 12:51 - 00000000 ____D C:\Users\Robert\Desktop\Wise Disk Cleaner
2016-06-23 00:57 - 2016-07-06 03:11 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Wise Disk Cleaner
2016-06-23 00:53 - 2016-06-23 00:53 - 14634624 _____ (BlueStack Systems Inc.) C:\Users\Robert\Downloads\crap-cleaner [1].exe
2016-06-18 19:59 - 2016-06-23 00:58 - 00000000 ____D C:\Windows\Minidump
2016-06-18 05:43 - 2016-06-18 05:43 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-18 05:43 - 2016-06-18 05:43 - 24399536 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 24310136 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 17359672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 15202040 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 13122584 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 12988344 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 10512448 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 06402440 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 05989809 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-18 05:43 - 2016-06-18 05:43 - 05776968 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 05593616 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 05339552 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 05085952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-18 05:43 - 2016-06-18 05:43 - 03299824 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 03199232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 03181209 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-06-18 05:43 - 2016-06-18 05:43 - 03094704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-18 05:43 - 2016-06-18 05:43 - 02825112 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 02725392 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 02477520 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 02437760 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 02110600 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 02060032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01847888 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01608128 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01435152 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01422928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01355616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01336544 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01213664 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01186824 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01166160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01061120 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01023240 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00999864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00962056 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00927424 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00923744 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00716112 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00618184 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00589072 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2016-06-18 05:43 - 2016-06-18 05:43 - 00582016 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00570096 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00472312 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00450128 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00447104 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00416512 _____ (Harman) C:\Windows\system32\HMUI.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00371456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00366128 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00360352 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00341152 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00341152 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00258864 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00253864 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00203848 _____ (Harman) C:\Windows\system32\HMHVS.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00190936 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00190936 _____ (Harman) C:\Windows\system32\HMEQ.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00179600 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00154368 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00118600 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00084624 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-06-18 05:43 - 2016-06-18 05:43 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-18 05:42 - 2016-06-18 05:42 - 01028352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-06-18 05:42 - 2016-06-18 05:42 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-06-15 01:54 - 2016-06-15 01:54 - 00000000 ____D C:\Users\Robert\AppData\Roaming\EurekaLog
2016-06-15 00:35 - 2016-06-26 17:52 - 00000000 ____D C:\Users\Robert\Desktop\New Folder (2)
2016-06-13 22:49 - 2016-06-13 22:49 - 26223712 _____ (Digital Wave Ltd ) C:\Users\Robert\Downloads\FreeAudioEditor_1.1.27.607 [1].exe
2016-06-13 01:03 - 2016-06-13 01:03 - 00001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-12 14:38 - 2016-06-12 14:38 - 00010429 _____ C:\Users\Public\Documents\camera   links  sony.odt
2016-06-12 14:38 - 2016-06-12 14:38 - 00010429 _____ C:\ProgramData\Documents\camera   links  sony.odt
2016-06-12 13:41 - 2016-06-12 13:41 - 00000000 ____D C:\Users\Robert\Desktop\DCIM
2016-06-11 18:17 - 2016-06-11 18:17 - 01290332 _____ C:\Users\Robert\Desktop\DSCH300_EN_ES.pdf
2016-06-11 18:15 - 2016-06-11 18:15 - 02768273 _____ C:\Users\Robert\Desktop\DSC-H300_Cyber-shotUserGuide_EN.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-08 07:38 - 2016-05-27 07:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-08 03:49 - 2009-07-14 00:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-08 03:49 - 2009-07-14 00:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-08 03:43 - 2016-06-04 06:41 - 00000000 ___RD C:\Users\Robert\Creative Cloud Files
2016-07-08 03:43 - 2015-02-10 14:10 - 00000000 ____D C:\Users\Robert\AppData\Local\Adobe
2016-07-08 03:41 - 2015-10-19 04:05 - 00000000 ____D C:\Program Files (x86)\PC Tools Firewall Plus
2016-07-08 03:40 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-08 02:02 - 2015-10-19 04:05 - 00000000 ____D C:\ProgramData\TEMP
2016-07-08 00:36 - 2015-10-15 13:03 - 00000000 ____D C:\ProgramData\Ultra Adware Killer
2016-07-08 00:17 - 2009-07-14 01:13 - 00794392 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-08 00:17 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-07-07 14:42 - 2015-09-13 23:29 - 00000000 ____D C:\Program Files (x86)\Touchpad Blocker
2016-07-07 14:27 - 2016-01-17 01:48 - 00000000 ____D C:\Users\Robert\AppData\Roaming\FileZilla
2016-07-07 12:50 - 2015-09-14 16:47 - 00000000 ____D C:\Users\Robert\AppData\Local\CrashDumps
2016-07-07 12:28 - 2016-04-03 07:17 - 00000000 ____D C:\AdwCleaner
2016-07-07 03:25 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-07 00:37 - 2015-09-16 06:12 - 00000000 ____D C:\Users\Robert\AppData\Local\ElevatedDiagnostics
2016-07-07 00:07 - 2009-07-13 22:34 - 00000215 _____ C:\Windows\system.ini
2016-07-07 00:05 - 2009-07-13 22:34 - 81526784 _____ C:\Windows\system32\config\software.bak
2016-07-07 00:05 - 2009-07-13 22:34 - 44302336 _____ C:\Windows\system32\config\components.bak
2016-07-07 00:05 - 2009-07-13 22:34 - 20971520 _____ C:\Windows\system32\config\system.bak
2016-07-07 00:05 - 2009-07-13 22:34 - 01048576 _____ C:\Windows\system32\config\default.bak
2016-07-07 00:05 - 2009-07-13 22:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2016-07-07 00:05 - 2009-07-13 22:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2016-07-06 06:06 - 2016-05-23 23:29 - 00000000 ____D C:\Users\Robert\AppData\Local\MPlayer
2016-07-06 06:06 - 2015-09-14 14:49 - 00000000 ____D C:\Users\Robert\AppData\Roaming\vlc
2016-07-06 03:11 - 2016-04-24 17:37 - 00000000 ____D C:\ProgramData\Skype
2016-07-06 03:10 - 2015-09-16 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-05 19:25 - 2015-02-09 15:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-05 19:24 - 2016-05-12 00:47 - 00000000 ____D C:\Users\Robert\AppData\Roaming\SecondLife
2016-07-05 19:18 - 2016-04-01 21:49 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-07-05 18:53 - 2015-02-10 18:37 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-05 07:49 - 2015-02-10 18:37 - 00000000 ____D C:\ProgramData\IObit
2016-07-05 05:58 - 2015-09-13 15:51 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Yahoo!
2016-07-05 05:58 - 2015-09-13 15:51 - 00000000 ____D C:\Users\Robert\AppData\LocalLow\Yahoo!
2016-07-05 05:58 - 2015-09-13 15:50 - 00000000 ____D C:\ProgramData\Yahoo!
2016-07-05 05:58 - 2015-09-13 15:49 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-07-05 02:29 - 2015-09-14 14:51 - 00000000 ____D C:\ProgramData\Freemake
2016-07-05 02:27 - 2015-09-14 14:51 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-07-05 02:08 - 2016-04-24 17:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-05 01:37 - 2015-02-09 14:10 - 00000000 ____D C:\Users\Robert
2016-07-04 17:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Web
2016-07-04 16:56 - 2015-02-09 14:10 - 00001004 _____ C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-04 15:44 - 2015-02-10 18:37 - 00000000 ____D C:\Users\Robert\AppData\Roaming\IObit
2016-07-03 18:13 - 2016-05-31 16:39 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Everything
2016-07-03 16:17 - 2009-07-14 01:08 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-03 11:41 - 2016-05-23 23:28 - 00000000 ____D C:\Users\Robert\AppData\Roaming\FreeSmith
2016-07-03 11:41 - 2015-10-03 00:28 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Skype
2016-07-03 11:41 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-07-03 11:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help
2016-07-03 11:40 - 2016-05-31 16:39 - 00000000 ____D C:\Program Files\Everything
2016-07-03 11:40 - 2016-01-25 10:22 - 00000000 ____D C:\Program Files\SmartFTP Client
2016-07-03 11:40 - 2016-01-17 01:48 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-07-03 11:40 - 2015-12-09 15:06 - 00000000 ____D C:\Program Files\CoreFTP
2016-07-03 11:40 - 2015-11-23 16:31 - 00000000 ____D C:\Program Files\Microsoft Mathematics
2016-07-03 11:40 - 2015-09-30 13:46 - 00000000 ____D C:\Program Files\Bandizip
2016-07-03 11:40 - 2015-09-16 16:42 - 00000000 ____D C:\Program Files\HP
2016-07-03 11:40 - 2015-09-14 16:52 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-07-03 11:39 - 2016-05-27 07:02 - 00000000 ____D C:\Program Files (x86)\Logitech
2016-07-03 11:37 - 2016-04-30 15:22 - 00000000 ____D C:\Move
2016-07-03 11:37 - 2015-12-08 22:46 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-07-03 11:33 - 2016-05-29 22:44 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Enigma Software Group
2016-07-03 11:33 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-07-03 11:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2016-07-03 11:27 - 2015-12-11 04:00 - 00000000 ____D C:\Users\Desktop\IEPasswordDecryptor
2016-07-03 11:22 - 2016-02-12 03:56 - 00000000 ____D C:\Program Files (x86)\Anvsoft
2016-06-29 04:06 - 2009-07-13 23:20 - 00000000 __RSD C:\Windows\Media
2016-06-28 05:19 - 2015-12-21 04:23 - 00000258 __RSH C:\Users\Robert\ntuser.pol
2016-06-26 20:58 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-06-26 11:57 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\Offline Web Pages
2016-06-26 11:41 - 2016-05-23 06:36 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-06-25 21:42 - 2016-03-11 06:13 - 00000000 ____D C:\Users\Robert\Desktop\Chastity And Feminization Product Tester_files
2016-06-25 18:57 - 2015-09-20 12:19 - 00000000 ____D C:\ProgramData\KingSoft
2016-06-25 14:58 - 2015-12-16 19:54 - 00000000 ____D C:\ProgramData\Oracle
2016-06-25 14:58 - 2015-12-16 19:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-25 14:56 - 2015-12-16 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-24 18:37 - 2016-03-08 08:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-24 18:37 - 2016-03-07 09:06 - 00000000 ____D C:\Program Files (x86)\Pale Moon
2016-06-24 18:37 - 2016-02-19 14:10 - 00000000 ____D C:\ProgramData\DVDRanger
2016-06-24 18:37 - 2015-10-18 20:58 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Anvsoft
2016-06-24 18:36 - 2016-05-23 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Player
2016-06-18 05:46 - 2016-04-27 23:34 - 00003180 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2016-06-18 05:46 - 2016-04-27 23:34 - 00003146 _____ C:\Windows\System32\Tasks\RTKCPL
2016-06-18 05:46 - 2015-09-13 15:40 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-18 05:45 - 2015-09-13 15:40 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-18 05:42 - 2015-02-09 15:55 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-06-17 17:58 - 2016-03-07 05:13 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 17:58 - 2016-03-07 05:13 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 17:58 - 2016-03-07 05:13 - 00002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2016-06-16 21:38 - 2016-05-27 07:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 21:38 - 2015-02-10 14:12 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-16 21:38 - 2015-02-10 14:12 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 12:12 - 2016-06-01 12:12 - 00000000 ____D C:\Users\Robert\AppData\Local\Windows Live
2016-06-13 23:02 - 2016-04-26 21:02 - 00000000 ____D C:\Users\Robert\AppData\Local\ocenaudio
2016-06-13 22:54 - 2016-02-03 04:09 - 00000000 ____D C:\Users\Robert\AppData\Roaming\DVDVideoSoft
2016-06-13 19:31 - 2010-11-20 23:27 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-13 01:04 - 2015-02-09 19:56 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Adobe
2016-06-13 01:03 - 2015-02-10 14:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-13 01:02 - 2015-09-16 06:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-13 00:15 - 2015-10-30 02:09 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Vso

==================== Files in the root of some directories =======

2016-01-18 02:55 - 2016-01-24 00:08 - 0000642 _____ () C:\Users\Robert\AppData\Roaming\burnaware.ini
2015-10-30 02:09 - 2015-12-03 14:36 - 0007859 _____ () C:\Users\Robert\AppData\Roaming\pcouffin.cat
2015-10-30 02:09 - 2015-12-03 14:36 - 0001167 _____ () C:\Users\Robert\AppData\Roaming\pcouffin.inf
2015-10-30 02:09 - 2016-01-24 10:43 - 0000055 _____ () C:\Users\Robert\AppData\Roaming\pcouffin.log
2015-10-30 02:09 - 2015-12-03 14:36 - 0082816 _____ (VSO Software) C:\Users\Robert\AppData\Roaming\pcouffin.sys
2015-12-09 13:42 - 2016-02-19 02:14 - 0558080 _____ () C:\Users\Robert\AppData\Roaming\SharedSettings.ccs
2016-07-05 03:27 - 2016-07-05 03:27 - 0000047 _____ () C:\Users\Robert\AppData\Roaming\WB.CFG
2016-01-19 18:32 - 2016-01-19 19:04 - 0000600 _____ () C:\Users\Robert\AppData\Roaming\winscp.rnd
2016-01-15 18:39 - 2016-01-15 18:39 - 0662052 _____ () C:\Users\Robert\AppData\Local\ars.cache
2016-01-15 18:40 - 2016-01-15 18:40 - 0595731 _____ () C:\Users\Robert\AppData\Local\census.cache
2015-09-30 12:49 - 2015-12-21 06:00 - 0006144 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-15 18:20 - 2016-01-15 18:20 - 0000036 _____ () C:\Users\Robert\AppData\Local\housecall.guid.cache
2015-11-23 16:35 - 2015-11-23 16:35 - 0000173 _____ () C:\Users\Robert\AppData\Local\msmathematics.qat.Robert
2016-01-22 08:28 - 2016-01-22 08:28 - 0007605 _____ () C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
2016-01-15 18:28 - 2016-01-15 18:28 - 0000010 _____ () C:\Users\Robert\AppData\Local\sponge.last.runtime.cache
2015-12-14 00:57 - 2015-12-14 00:57 - 0980176 _____ () C:\Users\Robert\AppData\Local\Webcam-Recorder_1432.rar
2016-02-26 00:52 - 2016-02-26 00:52 - 0970512 _____ () C:\Users\Robert\AppData\Local\Webcam-Recorder_982.rar
2015-09-16 16:42 - 2015-09-16 16:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-09-13 15:40 - 2015-09-13 15:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-10-03 12:18 - 2015-10-03 12:18 - 0001664 _____ () C:\ProgramData\tempimage.bmp

Files to move or delete:
====================
C:\Users\Desktop\Setup.exe
C:\Users\Desktop\SpyDetectFree.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-07 00:30

==================== End of FRST.txt ============================

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Robert (2016-07-08 08:03:41)
Running from C:\Users\Robert\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-09 18:10:24)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4236931218-4029361051-1509103033-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4236931218-4029361051-1509103033-1004 - Limited - Enabled)
Guest (S-1-5-21-4236931218-4029361051-1509103033-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4236931218-4029361051-1509103033-1002 - Limited - Enabled)
Robert (S-1-5-21-4236931218-4029361051-1509103033-1000 - Administrator - Enabled) => C:\Users\Robert

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: PC Tools Firewall Plus (Enabled) {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Active@ ISO Burner 3.0 (HKLM-x32\...\{3B756F35-2504-429A-B36C-EA0961B6A2C0}_is1) (Version: 3.0 - LSoft Technologies Inc)
AdAwareInstaller (Version: 11.8.586.8535 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.8.586.8535 - Lavasoft) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.4192.0 - Lavasoft) Hidden
Any DVD Converter Professional 5.8.4 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version:  - Any-DVD-Converter.com)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AvcEngine (Version: 3.11.11387.0 - Lavasoft) Hidden
AVS Audio Editor 8.1.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.1.1.506 - Online Media Technologies Ltd.)
Bandizip (HKLM\...\Bandizip) (Version: 5.10 - Bandisoft.com)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
calibre (HKLM-x32\...\{5E53D5BC-E77B-4EB3-9F09-4F92C53664E9}) (Version: 2.39.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
CoffeeCup Free FTP (HKLM-x32\...\{66F43DBE-6D46-4BCE-831D-0D4C13639BE8}) (Version: 4.5.20 - CoffeeCup Software Inc.)
ConvertXtoDVD 4.1.20.0 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.20.0 - )
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.25 - NCH Software)
Driver Booster 3.1 (HKLM-x32\...\Driver Booster_is1) (Version: 3.1 - IObit)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
DVDFab 9.2.2.8 (02/02/2016) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EPUB Converter 9.7.3 (HKLM-x32\...\{573A5F8F-B651-4378-A60D-2A2700508A67}) (Version: 9.7.3 - AniceSoft)
FileZilla Client 3.15.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
FreeSmith version 1.2.3 (HKLM-x32\...\{BFFB6CFD-13E8-4967-AA6D-A57E7280FFDA}_is1) (Version: 1.2.3 - Anvsoft)
fxCalc version 4.8.4.0 (HKLM\...\{DFE45560-14FE-4E70-82C0-7801846B70C3}_is1) (Version: 4.8.4.0 - Hans Jörg schmidt)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Officejet Pro 6830 Basic Device Software (HKLM\...\{98040AB6-D667-409C-81E7-DB65836B3EE0}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3114 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.3.0.2 - Karen Kenworthy)
LibreOffice 5.1.3.2 (HKLM-x32\...\{5F7475A1-6240-4753-BE3E-61499621EC42}) (Version: 5.1.3.2 - The Document Foundation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.7.3000 - Maxthon International Limited)
Metal Player version 4.1.4.0 (HKLM-x32\...\{EF752F37-DA27-4E1D-8E83-BDF5FBB5E773}_is1) (Version: 4.1.4.0 - Abyssalsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-BE 1.4.5.787 (HKLM-x32\...\{903D098F-DD50-4342-AD23-DA868FCA3126}_is1) (Version: 1.4.5.787 - MPC-BE Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{85f0abc7-a704-429f-bebd-97cef3308293}) (Version:  - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
ocenaudio (HKLM-x32\...\ocenaudio) (Version: 3.0.9 - ocenaudio Team)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
PaintStar 2.70 (HKLM-x32\...\PaintStar_is1) (Version:  - Zhenzhou Wang)
Pale Moon 26.2.2 (x86 en-US) (HKLM-x32\...\Pale Moon 26.2.2 (x86 en-US)) (Version: 26.2.2 - Moonchild Productions)
PC Tools Firewall Plus 7.0 (HKLM-x32\...\PC Tools Firewall Plus) (Version: 7.0 - PC Tools)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.27055 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7829 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registry Recycler (HKLM-x32\...\Registry Recycler_is1) (Version: 0.9.2.9 - Developer Tribe (Pvt) Ltd.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
SmartFTP Client (HKLM\...\{A4DA4C86-8AF3-45DA-BD59-2C3140126D58}) (Version: 7.0.2190.0 - SmartSoft Ltd.)
SSuite Office WordGraph (HKLM-x32\...\{05102FD6-D968-454C-826B-9838C7600567}) (Version: 8.40.0001 - SSuite Office Software{TM})
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1218 - SUPERAntiSpyware.com)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Touchpad Blocker (HKLM-x32\...\Touchpad Blocker) (Version: 2.9 - KARPOLAN)
Vivaldi (HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\Vivaldi) (Version: 1.2.490.39 - Vivaldi)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VS10Runtimex64 (Version: 1.0.0 - sourcefire) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Password Recovery Tool Ultimate  (HKLM-x32\...\Windows Password Recovery Tool Ultimate) (Version:  - Tenorshare, Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13B9AD10-0534-4B59-8FA3-83311E00DA11} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {3245ACDB-945C-4618-9B84-172DBCA6F2E5} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-18] (Realtek Semiconductor)
Task: {5084F8D5-93EF-456E-AB0D-F1919C2ED448} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-18] (Realtek Semiconductor)
Task: {5A8BA00C-10CA-4BFB-B535-72337A165510} - System32\Tasks\AdobeAAMUpdater-1.0-Robert-PC-Robert => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {5BD15883-8B33-4BCD-A2C2-4C7DEA957895} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {62542B11-B56E-465D-9A1B-12F48F809E01} - System32\Tasks\{E7F1C12C-A044-41BA-8D60-16FF11AA1119} => pcalua.exe -a C:\Users\Robert\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {65B2DC50-08BD-4B72-A851-A8AF8CF2A05C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6F2349D1-95FB-4401-A341-DD8A7A21C345} - System32\Tasks\Component System\Component => C:\Users\Robert\AppData\Local\Component\com.exe [2016-06-18] ()
Task: {7DC7D64F-FC0E-436A-A642-98CC78FF0048} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8B5B48CC-54B1-4A32-89E5-6D4D039EB213} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9055AFFC-FAC6-4BE2-A0E6-B3A44B62CF8E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9EBB61EF-8BA2-4532-93FE-BF93B9F5E585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AB1FAFE7-4E28-49BB-B38E-B7680C682D2A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C163D396-9555-455E-AAB3-7D2D72CE1E28} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
Task: {F62B49E8-EAE2-44E2-85CC-1944AB8927C6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FCB7DBE5-02F1-40DD-9899-6DDA707A6998} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16] (Adobe Systems Incorporated)
Task: {FD322315-2182-4543-B096-1D51C8E65B7F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Public\Desktop\LibreOffice 5.1.lnk -> hxxp://www.documentfoundation.org (No File)

==================== Loaded Modules (Whitelisted) ==============

2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-02-22 16:18 - 2012-02-22 16:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-06-03 03:36 - 2016-06-03 03:36 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-07-05 05:58 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2016-02-10 15:45 - 2016-02-10 15:45 - 00048816 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
AlternateDataStreams: C:\ProgramData\TEMP:99997250 [126]
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 [244]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [372]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\driversupport.com -> hxxps://apps.driversupport.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2016-07-07 00:07 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 167.206.245.135 - 167.206.245.136
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: LavasoftAdAwareService11 => 2
MSCONFIG\Services: MaxthonUpdateSvc => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: 00PCTFW => "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: ToolwizCareFree => "C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe" -autorun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{161A6499-6679-4CAB-BB50-E0AA735A8E98}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{BAE0F278-0EFB-4F22-9C79-D95356651461}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{458B564C-C2D0-4F27-ACB9-7464F42FEF3E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe
FirewallRules: [{8C2A4F27-5341-4E42-8AAA-948AC120F31D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe
FirewallRules: [{0F530DCB-7B9E-4172-A72E-CDA1D63D2D2C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe
FirewallRules: [{7335116D-0D9F-41B2-AC20-EF689656F2F1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe
FirewallRules: [{9F2C2F96-B42F-438F-9BD4-97F764DE2787}] => (Allow) LPort=5357
FirewallRules: [{D705482B-2ADF-4146-818F-BA5C3E42CB47}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0FA8F38B-43C2-4A73-AB04-0C66CBF6071D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{A932C76F-4BBA-4EDD-894F-D1F8332E559C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{2D4B5AA6-2B7E-478A-9DD3-9328BC807337}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{77CC8D02-0836-4880-BD56-5AA5637A12FA}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DCCA3DF4-83F9-4985-B1F1-C6AFC98C8C4F}] => (Allow) C:\Program Files (x86)\EMCO\Malware Destroyer 7\MalwareDestroyer.exe
FirewallRules: [{89B367A9-938D-437A-B982-F54D5FE9498F}] => (Allow) C:\Program Files (x86)\EMCO\Malware Destroyer 7\MalwareDestroyer.exe
FirewallRules: [{7C6B8977-CBD4-41FB-ACA0-DFAB339C72C1}] => (Allow) C:\Program Files\SmartFTP Client\SmartFTP.exe
FirewallRules: [{401C7AC0-94F9-42A0-86C0-6F6B72520DB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CC5D2D59-31F9-418F-979C-587FA861FC23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B98B1E68-E3F1-4282-9C4F-B630184E20C4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{B914CFC3-303B-44E4-A2DC-FA4387D60C3F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{B76B5111-3F16-49A8-A7D7-6480C6C89676}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{A5B473CD-FE6D-4922-8B90-AA03CA3A943F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{7D3AFF87-B47C-4357-B4C3-0F6EAE8EF603}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{CC655FEF-A071-4BD8-B9CB-8CC7FD1C29FD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{9F93C4B0-B8C5-4A80-A408-D4524480CD4B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9C1550AD-437E-44B3-B1CB-C9A2E5AD8264}] => (Allow) LPort=2869
FirewallRules: [{BA1F9ACD-8DBB-4DA6-9E5A-3CB4549E6C3F}] => (Allow) LPort=1900
FirewallRules: [{E672A318-58B2-4CC9-AD1E-A5E09AF3A518}] => (Allow) C:\Users\Robert\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{DD0ECDD7-1142-485A-A3BC-85419A23C550}] => (Allow) C:\Program Files (x86)\EMCO\Malware Destroyer 7\MalwareDestroyer.exe
FirewallRules: [{FA9E6263-AB17-484C-A64A-14FAF3CADEAF}] => (Allow) C:\Program Files (x86)\EMCO\Malware Destroyer 7\MalwareDestroyer.exe
FirewallRules: [{3B966600-14E9-4655-AF92-41A109FDAC81}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{31FB6E39-92E0-470F-ACE6-80382E5B33B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1BF154EE-966F-4C2F-AF5B-D6C7632042FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AF2A13D0-AE7F-43CB-BADC-717CE991A360}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8729A963-4954-4316-82A2-37A1110B5A92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{A8064AE8-6CBA-412B-A1EC-D72343F79773}C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60DBCLNV\adsfix_3_01.07.2016.3.exe] => (Allow) C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60DBCLNV\adsfix_3_01.07.2016.3.exe
FirewallRules: [UDP Query User{8012CD5F-78FA-489A-B2C4-2168ADE624EB}C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60DBCLNV\adsfix_3_01.07.2016.3.exe] => (Allow) C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60DBCLNV\adsfix_3_01.07.2016.3.exe
FirewallRules: [TCP Query User{A8064AE8-6CBA-412B-A1EC-D72343F79773}C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LUKZ60GV\adsfix_3_01.07.2016.3.exe] => (Allow) C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LUKZ60GV\adsfix_3_01.07.2016.3.exe
FirewallRules: [UDP Query User{8012CD5F-78FA-489A-B2C4-2168ADE624EB}C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LUKZ60GV\adsfix_3_01.07.2016.3.exe] => (Allow) C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LUKZ60GV\adsfix_3_01.07.2016.3.exe

==================== Restore Points =========================

29-06-2016 19:05:38 Checkpoint by HitmanPro
30-06-2016 22:27:23 Installed Manager
01-07-2016 04:44:29 Windows Update
01-07-2016 18:23:53 SB Cleaner_Initial_Restore_Point
02-07-2016 00:14:29 Checkpoint by HitmanPro
02-07-2016 17:17:55 1487/2/2016
02-07-2016 20:08:28 Checkpoint by HitmanPro
03-07-2016 02:46:51 Installed Sophos Virus Removal Tool.
03-07-2016 03:15:57 Removed Sophos Virus Removal Tool.
03-07-2016 08:15:49 Ultra Adware Killer adware removal
03-07-2016 11:14:03 Restore Operation
03-07-2016 12:01:01 Windows Update
04-07-2016 15:41:45 JRT Pre-Junkware Removal
05-07-2016 02:07:10 Removed Skype Click to Call
05-07-2016 02:07:54 Removed Skype™ 7.23
05-07-2016 02:08:30 Removed Skype™ 7.23
05-07-2016 02:09:38 Removed System Mechanic
05-07-2016 06:48:14 SYSTEM RESTORE POINT
05-07-2016 19:16:51 PC Decrapifier Restore Point
05-07-2016 19:25:09 Removed System Mechanic
07-07-2016 19:03:53 Ultra Adware Killer adware removal
07-07-2016 19:04:11 Removed Adblock Plus for IE (32-bit and 64-bit)

==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/08/2016 03:41:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2016 11:19:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2016 07:03:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {04977dee-89fa-41ca-96d0-2ac6a872becc}

Error: (07/07/2016 12:31:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18347 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1128

Start Time: 01d1d86cfaa4b117

Termination Time: 12

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (07/07/2016 12:30:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2016 11:43:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2016 03:23:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2016 12:06:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2016 03:30:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2016 03:26:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18347, time stamp: 0x573f74b6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x73e0cb49
Faulting process id: 0x16e0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

System errors:
=============
Error: (07/08/2016 03:41:07 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068Bluetooth OBEX Service{E9E0D51D-F407-4D91-B294-C111F721A3AF}

Error: (07/08/2016 03:41:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Bluetooth OBEX Service service depends on the Bluetooth Support Service service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (07/08/2016 03:40:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Yahoo! Updater service failed to start due to the following error:
%%2 = The system cannot find the file specified.

Error: (07/08/2016 03:40:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 10 service failed to start due to the following error:
%%2 = The system cannot find the file specified.

Error: (07/08/2016 03:40:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Bluetooth OBEX Service service depends on the Bluetooth Support Service service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (07/07/2016 11:19:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Bluetooth OBEX Service service depends on the Bluetooth Support Service service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (07/07/2016 11:19:46 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068Bluetooth OBEX Service{E9E0D51D-F407-4D91-B294-C111F721A3AF}

Error: (07/07/2016 11:19:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Yahoo! Updater service failed to start due to the following error:
%%2 = The system cannot find the file specified.

Error: (07/07/2016 11:19:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 10 service failed to start due to the following error:
%%2 = The system cannot find the file specified.

Error: (07/07/2016 11:19:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Bluetooth OBEX Service service depends on the Bluetooth Support Service service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

CodeIntegrity:
===================================
  Date: 2016-07-07 00:04:43.404
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-07 00:04:43.357
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-15 14:02:52.918
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-25 07:00:43.400
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-25 07:00:43.369
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-25 06:59:08.821
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-25 06:59:08.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-25 06:59:08.467
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-25 06:59:08.397
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-25 06:59:03.070
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 43%
Total physical RAM: 6027.91 MB
Available physical RAM: 3380.45 MB
Total Virtual: 12054 MB
Available Virtual: 9111.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.63 GB) (Free:361.72 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 71241BA7)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#5 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 08 July 2016 - 07:37 AM

Dang boost_interprocess is back its here waiting to explode;  not good what should I do now; need  help . .



#6 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 08 July 2016 - 09:21 AM

Dang no help yet



#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:21 AM

Posted 08 July 2016 - 12:26 PM

Remove these programs via the Control Panel > Programs > Programs and Features applet.
Driver Booster 3.1 (HKLM-x32\...\Driver Booster_is1) (Version: 3.1 - IObit)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000 -> No Name - {B4B3001E-0F56-4E51-8250-BDE11547EC55} -  No File
FF user.js: detected! => C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\eaw973gh.default\user.js [2016-07-07]
CHR Extension: (No Name) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
S2 TeamViewer; "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" [X]
S2 YahooAUService; "C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe" [X]
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
Task: {13B9AD10-0534-4B59-8FA3-83311E00DA11} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {65B2DC50-08BD-4B72-A851-A8AF8CF2A05C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6F2349D1-95FB-4401-A341-DD8A7A21C345} - System32\Tasks\Component System\Component => C:\Users\Robert\AppData\Local\Component\com.exe [2016-06-18] ()
Task: {7DC7D64F-FC0E-436A-A642-98CC78FF0048} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8B5B48CC-54B1-4A32-89E5-6D4D039EB213} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9055AFFC-FAC6-4BE2-A0E6-B3A44B62CF8E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9EBB61EF-8BA2-4532-93FE-BF93B9F5E585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AB1FAFE7-4E28-49BB-B38E-B7680C682D2A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F62B49E8-EAE2-44E2-85CC-1944AB8927C6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FD322315-2182-4543-B096-1D51C8E65B7F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Shortcut: C:\Users\Public\Desktop\LibreOffice 5.1.lnk -> hxxp://www.documentfoundation.org (No File)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
AlternateDataStreams: C:\ProgramData\TEMP:99997250 [126]
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 [244]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [372]
FirewallRules: [{7D3AFF87-B47C-4357-B4C3-0F6EAE8EF603}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{CC655FEF-A071-4BD8-B9CB-8CC7FD1C29FD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
C:\Users\Robert\AppData\Local\Component\com.exe
C:\Program Files (x86)\IObit\Driver Booster
C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your
===

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.
=======

Please let me know what problem persists with this computer.

#8 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 08 July 2016 - 03:54 PM

Ok I don t know if the errors get fixed their are very flaky and random might be another week .

 

And I use drive booster and yahoo instant messenger a lot so not removing them .

 

Doing the logs you wanted now  



#9 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 08 July 2016 - 04:26 PM

To hot and tired for now farbar can t find fixlist why is nothing easy will run last scan try farbar later after the heat dies down



#10 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 08 July 2016 - 05:59 PM

Ok heres the rogue report hope its don t see it fixed anything I mention hum not sure .  .  . 

 

 

 

RogueKiller V12.3.7.0 [Jul  4 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Robert [Administrator]
Started from : C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SFOKC4I\RogueKiller.exe
Mode : Scan -- Date : 07/08/2016 17:39:43

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 17 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\YahooAUService ("C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe") -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\YahooAUService ("C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe") -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\YahooAUService ("C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe") -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0  -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2  -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> Found

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path|VT.Gen:Variant.Mikey.50384] \Component System\Component -- "C:\Users\Robert\AppData\Local\Component\com.exe" -> Found

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] 316e935d2c97bcc7457a54667653d6cb
[BSP] 5febf2bcdaec541b47cf3a5751295889 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HP Officejet Pro 68 USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )



#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:21 AM

Posted 09 July 2016 - 06:43 AM

Since you want to keep both programs I have modified the fixlist.txt.

Delete the Fixlist.txt you first created.

Create this one and place it in the folder in bold. -> C:\Users\Robert\Downloads
Run the Farbar tool and click the FIX button.

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000 -> No Name - {B4B3001E-0F56-4E51-8250-BDE11547EC55} -  No File
FF user.js: detected! => C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\eaw973gh.default\user.js [2016-07-07]
CHR Extension: (No Name) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
S2 TeamViewer; "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" [X]
S2 YahooAUService; "C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe" [X]
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
Task: {13B9AD10-0534-4B59-8FA3-83311E00DA11} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {65B2DC50-08BD-4B72-A851-A8AF8CF2A05C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6F2349D1-95FB-4401-A341-DD8A7A21C345} - System32\Tasks\Component System\Component => C:\Users\Robert\AppData\Local\Component\com.exe [2016-06-18] ()
Task: {7DC7D64F-FC0E-436A-A642-98CC78FF0048} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8B5B48CC-54B1-4A32-89E5-6D4D039EB213} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9055AFFC-FAC6-4BE2-A0E6-B3A44B62CF8E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9EBB61EF-8BA2-4532-93FE-BF93B9F5E585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AB1FAFE7-4E28-49BB-B38E-B7680C682D2A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F62B49E8-EAE2-44E2-85CC-1944AB8927C6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FD322315-2182-4543-B096-1D51C8E65B7F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Shortcut: C:\Users\Public\Desktop\LibreOffice 5.1.lnk -> hxxp://www.documentfoundation.org (No File)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
AlternateDataStreams: C:\ProgramData\TEMP:99997250 [126]
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 [244]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [372]
C:\Users\Robert\AppData\Local\Component\com.exe
C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your
===

#12 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 09 July 2016 - 11:47 AM

Will try it hope farbar can see the fixit list not easy; wonder if worth trying to get farbar to see the list; will try



#13 nasdaq

nasdaq

  • Malware Response Team
  • 40,197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:21 AM

Posted 09 July 2016 - 01:21 PM

Farbar will see the file you create if it's in the same folder as the tool.

#14 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 09 July 2016 - 01:59 PM

I just run farbar and never saved but guessing its save then ok  



#15 Pestyone

Pestyone
  • Topic Starter

  • Members
  • 315 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 09 July 2016 - 04:56 PM

Whew  ok  how's  this - -

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-07-2016
Ran by Robert (2016-07-09 17:46:43) Run:1
Running from C:\Users\Robert\Downloads
Loaded Profiles: Robert (Available Profiles: Robert)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-4236931218-4029361051-1509103033-1000 -> No Name - {B4B3001E-0F56-4E51-8250-BDE11547EC55} -  No File
FF user.js: detected! => C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\eaw973gh.default\user.js [2016-07-07]
CHR Extension: (No Name) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
S2 TeamViewer; "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" [X]
S2 YahooAUService; "C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe" [X]
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
Task: {13B9AD10-0534-4B59-8FA3-83311E00DA11} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {65B2DC50-08BD-4B72-A851-A8AF8CF2A05C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6F2349D1-95FB-4401-A341-DD8A7A21C345} - System32\Tasks\Component System\Component => C:\Users\Robert\AppData\Local\Component\com.exe [2016-06-18] ()
Task: {7DC7D64F-FC0E-436A-A642-98CC78FF0048} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8B5B48CC-54B1-4A32-89E5-6D4D039EB213} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9055AFFC-FAC6-4BE2-A0E6-B3A44B62CF8E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9EBB61EF-8BA2-4532-93FE-BF93B9F5E585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AB1FAFE7-4E28-49BB-B38E-B7680C682D2A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F62B49E8-EAE2-44E2-85CC-1944AB8927C6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FD322315-2182-4543-B096-1D51C8E65B7F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Shortcut: C:\Users\Public\Desktop\LibreOffice 5.1.lnk -> hxxp://www.documentfoundation.org (No File)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
AlternateDataStreams: C:\ProgramData\TEMP:99997250 [126]
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 [244]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [372]
C:\Users\Robert\AppData\Local\Component\com.exe
C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt2" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt3" => key removed successfully
HKCR\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt4" => key removed successfully
HKCR\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt5" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt6" => key removed successfully
HKCR\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt7" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt8" => key removed successfully
HKCR\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
"HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-4236931218-4029361051-1509103033-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B4B3001E-0F56-4E51-8250-BDE11547EC55} => value removed successfully
HKCR\CLSID\{B4B3001E-0F56-4E51-8250-BDE11547EC55} => key not found.
C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\eaw973gh.default\user.js => not found.
C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
TeamViewer => service removed successfully
YahooAUService => service removed successfully
ZAMSvc => service removed successfully
catchme => service not found.
IMFFilter => service not found.
RegFilter => service not found.
ZAM => service removed successfully
ZAM_Guard => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13B9AD10-0534-4B59-8FA3-83311E00DA11}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13B9AD10-0534-4B59-8FA3-83311E00DA11}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65B2DC50-08BD-4B72-A851-A8AF8CF2A05C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65B2DC50-08BD-4B72-A851-A8AF8CF2A05C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F2349D1-95FB-4401-A341-DD8A7A21C345}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F2349D1-95FB-4401-A341-DD8A7A21C345}" => key removed successfully
C:\Windows\System32\Tasks\Component System\Component => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Component System\Component" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DC7D64F-FC0E-436A-A642-98CC78FF0048}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DC7D64F-FC0E-436A-A642-98CC78FF0048}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B5B48CC-54B1-4A32-89E5-6D4D039EB213}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B5B48CC-54B1-4A32-89E5-6D4D039EB213}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9055AFFC-FAC6-4BE2-A0E6-B3A44B62CF8E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9055AFFC-FAC6-4BE2-A0E6-B3A44B62CF8E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9EBB61EF-8BA2-4532-93FE-BF93B9F5E585}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EBB61EF-8BA2-4532-93FE-BF93B9F5E585}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB1FAFE7-4E28-49BB-B38E-B7680C682D2A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB1FAFE7-4E28-49BB-B38E-B7680C682D2A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F62B49E8-EAE2-44E2-85CC-1944AB8927C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F62B49E8-EAE2-44E2-85CC-1944AB8927C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD322315-2182-4543-B096-1D51C8E65B7F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD322315-2182-4543-B096-1D51C8E65B7F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
Shortcut: C:\Users\Public\Desktop\LibreOffice 5.1.lnk -> hxxp://www.documentfoundation.org (No File) => Error: No automatic fix found for this entry.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
C:\ProgramData\TEMP => ":99997250" ADS removed successfully.
C:\ProgramData\TEMP => ":C31F31E6" ADS removed successfully.
C:\ProgramData\TEMP => ":FB1B13D8" ADS removed successfully.
C:\Users\Robert\AppData\Local\Component\com.exe => moved successfully
"C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32845267 B
Java, Flash, Steam htmlcache => 4608 B
Windows/system/drivers => 69581 B
Edge => 0 B
Chrome => 0 B
Firefox => 1776714 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 33058 B
LocalService => 66228 B
NetworkService => 82898 B
Robert => 607432112 B

RecycleBin => 0 B
EmptyTemp: => 620.6 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 17:48:06 ====






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users