Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SvcMiner + Detplock trojans on C: drive, 100% Disk usage


  • This topic is locked This topic is locked
2 replies to this topic

#1 Acidilicious

Acidilicious

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 26 October 2016 - 01:43 PM

Hello everyone, 

 

I'm coming here today because I've stumbled upon two trojans that popped up into my Windows Defender right as booted my computer! This is a little new, but at the same time it kinda isn't. I've been dealing for a couple months with an unnamed process at startup that would up my CPU usage to about 80% when I checked Task Manager, and for a while all I did was end the process and everything would go back to normal.

 

A little later, two instances of PowerShell would begin booting right at startup, and that's when I knew even further that something wasn't right! Nothing really happened until Defender quarantined a first Trojan (The SvcMiner), and then my disk usage went up to 100% until (I mean, this is just a guess) another one (The Detplock) was quarantined. My Disk usage has gone back to normal since, but I naturally still want to get rid of them.  For now they're both quarantined since I'm reluctant on just removing them without asking help on here.

 

I assume they came from cracked software I have on my external drive, so I'll delete them all, but I know the viruses themselves are on my C:, so will I have anything to do with my external beyond deleting said software? Here are my logs (This is the C drive only though, if I need to scan :

 

==== FRST ====

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2016
Ran by camille (administrator) on FAMILYPC (26-10-2016 13:38:08)
Running from C:\Users\camille\Desktop
Loaded Profiles: camille (Available Profiles: andre & camille & chantal)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\KOR\KorIME.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
() C:\Program Files\Cold Turkey\CTService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Cold Turkey\CTConfigServer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Kakao Corp. ) C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe
(Flux Software LLC) C:\Users\camille\AppData\Local\FluxSoftware\Flux\flux.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Dropbox, Inc.) C:\Users\camille\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-tray.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Logitech, Inc.) C:\Users\camille\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
(Logitech, Inc.) C:\Users\camille\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\Install\{1B8ECDC1-6C27-482A-A085-76F021BCA737}\54.0.2840.71_chrome_installer.exe
(Google Inc.) C:\Windows\Temp\CR_870B8.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_870B8.tmp\setup.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\ARAMetro.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Sysinternals - www.sysinternals.com) C:\Users\camille\Desktop\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\camille\AppData\Local\Temp\procexp64.exe
() C:\Program Files (x86)\Acer\Live Updater\updater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files (x86)\Gyazo\GyazoUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250280 2015-12-22] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Player\vmware-tray.exe [114368 2015-02-06] (VMware, Inc.)
HKLM-x32\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1739216 2016-09-12] (Google Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [164152 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [GoogleChromeAutoLaunch_2BCEA9A83D2DB22AD0F38AAE6EFF56A2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [966760 2016-09-24] (Google Inc.)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-04-09] ()
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [ONAIR] => C:\Program Files\ONAIR\ONAIR.exe [3589632 2014-06-29] (DJMASTER.COM)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [KakaoTalk] => C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe [7425856 2016-09-09] (Kakao Corp. )
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [Dropbox Update] => C:\Users\camille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [f.lux] => C:\Users\camille\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-13] (Nota Inc.)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [BaiduYunGuanjia] => "E:\Camille\Baidu DL\BaiduYunGuanjia\BaiduYunGuanjia.exe" AutoRun
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [BaiduYunDetect] => "E:\Camille\Baidu DL\BaiduYunGuanjia\YunDetectService.exe"
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [AIM for Windows] => "C:\Users\camille\AppData\Local\AOL\AIM\aim.exe"
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [Discord] => C:\Users\camille\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [4090944 2016-09-24] (GOG.com)
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [Xvid] => powershell.exe -nologo -WindowStyle hidden -Noninteractive -NoProfile -ExecutionPolicy Bypass -File "C:\Program Files (x86)\Xvid\CheckUpdate.ps1"
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Run: [ClubBox] => 0
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\RunOnce: [Uninstall C:\Users\camille\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\camille\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\camille\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\camille\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\camille\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\camille\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\camille\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\camille\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\camille\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\camille\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-12-22]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Users\camille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\camille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\camille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-06-24]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\camille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-09-27]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{36F7D136-3C51-45DA-BA02-D222F9AFCA4F}: [DhcpNameServer] 192.168.2.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2117084378-2090555836-1489998258-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130909603071974411&GUID=94066308-6DFB-4E60-90C7-DB6359C05AB1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://ca.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://ca.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2117084378-2090555836-1489998258-1005 -> DefaultScope {4122A008-0B1C-4F6B-A86C-D733FF2E3B2C} URL = 
SearchScopes: HKU\S-1-5-21-2117084378-2090555836-1489998258-1005 -> {4122A008-0B1C-4F6B-A86C-D733FF2E3B2C} URL = 
SearchScopes: HKU\S-1-5-21-2117084378-2090555836-1489998258-1005 -> {4918ACCD-28D6-4068-A2E3-EC8214DCF114} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2117084378-2090555836-1489998258-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-23] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-23] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-26] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: q276a37x.default-1439354964209
FF ProfilePath: C:\Users\camille\AppData\Roaming\Mozilla\Firefox\Profiles\q276a37x.default-1439354964209 [2016-10-26]
FF user.js: detected! => C:\Users\camille\AppData\Roaming\Mozilla\Firefox\Profiles\q276a37x.default-1439354964209\user.js [2015-10-13]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\q276a37x.default-1439354964209 -> Yahoo!
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\q276a37x.default-1439354964209 -> Yahoo!
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\q276a37x.default-1439354964209 -> Yahoo!
FF Homepage: Mozilla\Firefox\Profiles\q276a37x.default-1439354964209 -> hxxps://ca.search.yahoo.com/?type=994519&fr=spigot-yhp-ff
FF Keyword.URL: Mozilla\Firefox\Profiles\q276a37x.default-1439354964209 -> hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=
FF Extension: (ThumbsDown) - C:\Users\camille\AppData\Roaming\Mozilla\Firefox\Profiles\q276a37x.default-1439354964209\Extensions\thumbsdown@mozdev.org.xpi [2016-01-02]
FF Extension: (DownThemAll!) - C:\Users\camille\AppData\Roaming\Mozilla\Firefox\Profiles\q276a37x.default-1439354964209\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-01-02]
FF SearchPlugin: C:\Users\camille\AppData\Roaming\Mozilla\Firefox\Profiles\q276a37x.default-1439354964209\searchplugins\mozilla-support.xml [2016-02-28]
FF SearchPlugin: C:\Users\camille\AppData\Roaming\Mozilla\Firefox\Profiles\q276a37x.default-1439354964209\searchplugins\yahoo_ff.xml [2016-02-28]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - E:\Camille\Freemake\Freemake Video Converter\BrowserPlugin\Firefox => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-26] ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-26] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @baidu.com/YunWebDetectPlugin -> E:\Camille\Baidu DL\BaiduYunGuanjia\npYunWebDetect.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2015-06-30] (Nexon)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [2014-10-21] (Tencent)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [2014-10-21] (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [2013-04-08] (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2015-01-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2117084378-2090555836-1489998258-1005: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin HKU\S-1-5-21-2117084378-2090555836-1489998258-1005: zettamedia.co.kr/ZmLauncher -> C:\Users\camille\AppData\Local\Zettamedia\PdClubBox\npZmLauncher.dll [2013-06-05] (Zettamedia Co.,Ltd.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.ca/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321544&octid=EB_ORIGINAL_CTID&ISID=MBCA0AEA0-519C-4916-B376-7A4D19E694E7&SearchSource=55&CUI=&UM=6&UP=SP37FF331C-3BD6-4EC1-B048-6B0445CBC329&SSPV=","hxxp://homepage-web.com/?s=acer&m=start"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default [2016-10-26]
CHR Extension: (Google Translate) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Google Docs) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (Open Tweet Filter) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdmjagdcpkfpebaaffpafncgkleijako [2015-12-04]
CHR Extension: (YouTube) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Sad Panda) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2016-08-24]
CHR Extension: (Adblock Plus) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Image Downloader) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2016-04-17]
CHR Extension: (Google Search) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Mainichi) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfekdjmdikicceaiokcmmchenpilglhn [2016-10-02]
CHR Extension: (Tampermonkey) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-09-08]
CHR Extension: (Word Replacer II) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\djakfbefalbkkdgnhkkdiihelkjdpbfh [2016-01-19]
CHR Extension: (Stylish) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-04-05]
CHR Extension: (XKit) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (AdBlock) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-26]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-10-26]
CHR Extension: (SwagButton) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2016-09-26]
CHR Extension: (Pomodo'more) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\hficppmoghghfokbapbmbjbcenolcpep [2016-01-15]
CHR Extension: (Kill News Feed) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjobfcedfgohjkaieocljfcppjbkglfd [2016-02-15]
CHR Extension: (New XKit) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2015-10-10]
CHR Extension: (rikaikun) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2016-04-23]
CHR Extension: (Ponify) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnpnagfdfmgmjphfiiieanfdhklimpfp [2015-01-10] [UpdateUrl: hxxp://bena.mooo.com/update.php?b=chrome] <==== ATTENTION
CHR Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmlkkjojmombglmlpbpapmhcaljjkde [2016-08-02]
CHR Extension: (Image Search Options) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl [2016-03-03]
CHR Extension: (Momentum) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-10-26]
CHR Extension: (GetThemAll Video Downloader) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2016-10-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Tumblr Savior) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2016-08-30]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2016-08-05]
CHR Extension: (ZETTAMEDIA 피디박스, 클럽박스 Launcher) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pffaocmaalnijjmjpjkjgnlaicmpbill [2016-09-26]
CHR Extension: (Gmail) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\camille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]
CHR Profile: C:\Users\camille\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - E:\Camille\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx <not found>
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows ® Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
R2 CTService; C:\Program Files\Cold Turkey\CTService.exe [62976 2013-12-08] () [File not signed]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [281152 2016-09-24] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6556224 2016-10-15] (GOG.com)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-01-15] (WildTangent)
R2 GoogleIMEJaCacheService; C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [939984 2016-09-12] (Google Inc.)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3377568 2014-05-25] (INCA Internet Co., Ltd.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-27] (Electronic Arts)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250280 2015-12-22] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe [12730048 2015-02-06] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-05] (Wacom Technology, Corp.)
S3 BaiduYunUtility; E:\Camille\Baidu DL\BaiduYunGuanjia\YunUtilityService.exe [X]
S2 HiPatchService; E:\Camille\Games\Smite\HiPatchService.exe [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-10] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-07-31] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 lvsels64; C:\Windows\system32\DRIVERS\lvsels64.sys [67992 2009-10-07] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 Neo_VPN; C:\Windows\system32\DRIVERS\Neo_VPN.sys [38432 2015-12-22] (SoftEther Corporation)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [51232 2015-12-22] (SoftEther Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-26 13:38 - 2016-10-26 13:46 - 00039455 _____ C:\Users\camille\Desktop\FRST.txt
2016-10-26 13:37 - 2016-10-26 13:38 - 00000000 ____D C:\FRST
2016-10-26 13:36 - 2016-10-26 13:37 - 02407936 _____ (Farbar) C:\Users\camille\Desktop\FRST64.exe
2016-10-26 13:29 - 2016-02-05 08:11 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\camille\Desktop\procexp.exe
2016-10-26 13:29 - 2016-02-05 08:03 - 00072154 _____ C:\Users\camille\Desktop\procexp.chm
2016-10-26 13:29 - 2015-10-27 07:32 - 00007490 _____ C:\Users\camille\Desktop\Eula.txt
2016-10-26 13:28 - 2016-10-26 13:29 - 01270466 _____ C:\Users\camille\Downloads\ProcessExplorer.zip
2016-10-26 13:23 - 2016-10-26 13:23 - 00003203 _____ C:\Users\camille\Downloads\B381.tmp
2016-10-26 13:18 - 2016-10-26 13:18 - 00000000 ____D C:\Windows\System32\Tasks\GenericSettingsHandler
2016-10-25 14:52 - 2016-10-25 14:54 - 209629915 _____ C:\Users\camille\Downloads\2004 - Replay.zip
2016-10-25 14:52 - 2016-10-25 14:54 - 122169714 _____ C:\Users\camille\Downloads\2000 - “HAPPY”Coming Century,20th Century forever.7z
2016-10-25 14:52 - 2016-10-25 14:54 - 111690684 _____ C:\Users\camille\Downloads\2001 - Volume 6.zip
2016-10-25 14:52 - 2016-10-25 14:53 - 65167687 _____ C:\Users\camille\Downloads\1998 - ! -attention-.zip
2016-10-25 14:52 - 2016-10-25 14:53 - 121175129 _____ C:\Users\camille\Downloads\1999 - LUCKY.zip
2016-10-25 14:52 - 2016-10-25 14:53 - 108706810 _____ C:\Users\camille\Downloads\1997 - Nature Rhythm.7z
2016-10-25 14:52 - 2016-10-25 14:52 - 69662371 _____ C:\Users\camille\Downloads\1997 - Road.zip
2016-10-25 14:51 - 2016-10-25 14:53 - 40493007 _____ C:\Users\camille\Downloads\2001 - ALWAYS (A SONG FOR LOVE0.7z
2016-10-25 14:51 - 2016-10-25 14:53 - 38568349 _____ C:\Users\camille\Downloads\1999 - People Of The World.7z
2016-10-25 14:51 - 2016-10-25 14:52 - 74925905 _____ C:\Users\camille\Downloads\1999 - Goodbye & Hello.7z
2016-10-25 14:51 - 2016-10-25 14:52 - 37485363 _____ C:\Users\camille\Downloads\2002 - Love Me All Over.7z
2016-10-25 14:51 - 2016-10-25 14:52 - 31157489 _____ C:\Users\camille\Downloads\1998 - agk.7z
2016-10-25 14:51 - 2016-10-25 14:52 - 30841977 _____ C:\Users\camille\Downloads\2000 - I WILL GET THERE.7z
2016-10-25 14:51 - 2016-10-25 14:52 - 28004864 _____ C:\Users\camille\Downloads\1999 - Next 100 Years.7z
2016-10-25 14:15 - 2016-10-25 14:15 - 107590925 _____ C:\Users\camille\Downloads\Are you Happy.zip
2016-10-24 21:35 - 2016-10-24 21:35 - 00016907 _____ C:\Users\camille\Downloads\20th Century - 20th Century LIVE TOUR 2008 Ore Janakya, Kimi Janakya - 2009 (DVD - MKV).torrent
2016-10-24 19:50 - 2016-10-24 19:50 - 00014270 _____ C:\Users\camille\Downloads\Akina Nakamori - DESIRE -Jounetsu- - 1986-02-03 (CD - MP3 - 320).torrent
2016-10-24 19:44 - 2016-10-24 19:44 - 00015081 _____ C:\Users\camille\Downloads\Kim Wan Sun - Vol.4 Happy Day - 1989-06-10 (Vinyl - MP3 - 320).torrent
2016-10-24 19:44 - 2016-10-24 19:44 - 00008513 _____ C:\Users\camille\Downloads\Kim Wan Sun - Vol.4 Happy Day - 1989-06-10 (WEB - MP3 - 320).torrent
2016-10-24 19:43 - 2016-10-24 19:43 - 00017152 _____ C:\Users\camille\Downloads\Koyote - Something In The Hospital - 2000-11-02 (CD - MP3 - 320).torrent
2016-10-24 08:27 - 2016-10-24 08:27 - 00003411 _____ C:\Users\camille\AppData\Local\recently-used.xbel
2016-10-23 22:09 - 2016-10-23 22:11 - 649585005 _____ C:\Users\camille\Downloads\drive-download-20161024T020843Z.zip
2016-10-23 20:27 - 2016-10-23 20:28 - 89912568 _____ C:\Users\camille\Downloads\[ousama no brunch] 2010.12.04 mission v6 promo subbed.avi
2016-10-23 20:27 - 2016-10-23 20:28 - 146456992 _____ C:\Users\camille\Downloads\[ms] 2011.08.26 v6 talk & sexy honey bunny subbed.avi
2016-10-23 20:26 - 2016-10-23 20:26 - 65952004 _____ C:\Users\camille\Downloads\2011.09.13 [mission v6] matching answers subbed.avi
2016-10-23 20:21 - 2016-10-23 20:23 - 497026442 _____ C:\Users\camille\Downloads\[Gakkou e Ikou MAX] (2006.05.09) Sakamoto Morita Ballet Jaken.avi
2016-10-23 20:00 - 2016-10-23 20:01 - 737107392 _____ C:\Users\camille\Downloads\#84.avi
2016-10-23 20:00 - 2016-10-23 20:00 - 00040702 _____ C:\Users\camille\Downloads\Khalil Fong - Dangerous World - 2014-04-11 (CD - MP3 - 320).torrent
2016-10-23 20:00 - 2016-10-23 20:00 - 00021132 _____ C:\Users\camille\Downloads\Khalil Fong - 15 - 2011-04-21 (CD - MP3 - 320).torrent
2016-10-23 20:00 - 2016-10-23 20:00 - 00017582 _____ C:\Users\camille\Downloads\Khalil Fong - This love - 2006-12-31 (CD - MP3 - 320).torrent
2016-10-23 20:00 - 2016-10-23 20:00 - 00016394 _____ C:\Users\camille\Downloads\Khalil Fong - Back To Wonderland - 2012-11-23 (CD - MP3 - 320).torrent
2016-10-23 20:00 - 2016-10-23 20:00 - 00015099 _____ C:\Users\camille\Downloads\Khalil Fong - Timeless - 2009-08-11 (CD - MP3 - 320).torrent
2016-10-23 20:00 - 2016-10-23 20:00 - 00011802 _____ C:\Users\camille\Downloads\Khalil Fong - Orange Moon - 2008-12-19 (CD - MP3 - 320).torrent
2016-10-23 20:00 - 2016-10-23 20:00 - 00011267 _____ C:\Users\camille\Downloads\Khalil Fong - Soul Boy - 2005-11-16 (CD - MP3 - 320).torrent
2016-10-23 19:55 - 2016-10-23 19:58 - 734003200 _____ C:\Users\camille\Downloads\[GEI SP 2015]HQ.mp4.002
2016-10-23 19:55 - 2016-10-23 19:58 - 734003200 _____ C:\Users\camille\Downloads\[GEI SP 2015]HQ.mp4.001
2016-10-23 19:54 - 2016-10-23 19:55 - 00018172 _____ C:\Users\camille\Downloads\Khalil Fong - Journey To The West - 2016-09-29 (WEB - MP3 - 320).torrent
2016-10-23 19:53 - 2016-10-23 19:55 - 403933441 _____ C:\Users\camille\Downloads\[GEI SP 2015]HQ.mp4.003
2016-10-23 17:53 - 2016-10-23 17:54 - 379321006 _____ C:\Users\camille\Downloads\OHYC.zip
2016-10-23 17:53 - 2016-10-23 17:53 - 00090823 _____ C:\Users\camille\Downloads\delicious-123.zip
2016-10-23 17:16 - 2016-10-23 17:16 - 00018184 _____ C:\Users\camille\Downloads\TWICE - TWICEcoaster  LANE 1 - 2016-10-24 (WEB - MP3 - 320).torrent
2016-10-22 22:58 - 2016-10-22 23:03 - 655086786 _____ C:\Users\camille\Downloads\fr_03.7z
2016-10-22 22:58 - 2016-10-22 23:02 - 492427743 _____ C:\Users\camille\Downloads\fr_02.7z
2016-10-22 22:58 - 2016-10-22 23:00 - 497959049 _____ C:\Users\camille\Downloads\fr_01.7z
2016-10-22 22:51 - 2016-10-22 22:53 - 713565787 _____ C:\Users\camille\Downloads\kkj_01.7z
2016-10-22 22:50 - 2016-10-22 22:50 - 211611202 _____ C:\Users\camille\Downloads\kkj_flier.7z
2016-10-22 22:44 - 2016-10-22 22:47 - 479214138 _____ C:\Users\camille\Downloads\mft_01.7z
2016-10-22 22:44 - 2016-10-22 22:46 - 362894217 _____ C:\Users\camille\Downloads\mft_02.7z
2016-10-22 22:42 - 2016-10-22 22:42 - 51486341 _____ C:\Users\camille\Downloads\Skys the Limit.7z
2016-10-22 22:39 - 2016-10-22 22:39 - 133321326 _____ C:\Users\camille\Downloads\SUPER Very best Type A.rar
2016-10-22 22:39 - 2016-10-22 22:39 - 106769678 _____ C:\Users\camille\Downloads\SUPER Very best Type B.rar
2016-10-22 22:20 - 2016-10-22 22:21 - 105161706 _____ C:\Users\camille\Downloads\TVS 16-06-17 V6 (600dpi).zip
2016-10-22 22:16 - 2016-10-22 22:17 - 164185895 _____ C:\Users\camille\Downloads\mtvg_201606_go.7z
2016-10-22 22:13 - 2016-10-22 22:17 - 469825550 _____ C:\Users\camille\Downloads\201606_bs_masa.7z
2016-10-22 22:13 - 2016-10-22 22:16 - 480428318 _____ C:\Users\camille\Downloads\201606_ss_masa.7z
2016-10-22 22:13 - 2016-10-22 22:16 - 196529330 _____ C:\Users\camille\Downloads\mtvg_201606_bb.7z
2016-10-22 22:13 - 2016-10-22 22:16 - 177111303 _____ C:\Users\camille\Downloads\mtvg_201606_masa.7z
2016-10-22 22:13 - 2016-10-22 22:14 - 154845793 _____ C:\Users\camille\Downloads\mtvg_201606_tk.7z
2016-10-22 22:12 - 2016-10-22 22:16 - 24117204 _____ C:\Users\camille\Downloads\TVS 16-07-29 Morita (600dpi).zip
2016-10-22 22:10 - 2016-10-22 22:10 - 37529702 _____ C:\Users\camille\Downloads\TVS 16-07-01 Junichi (600dpi).zip
2016-10-22 22:08 - 2016-10-22 22:09 - 69008141 _____ C:\Users\camille\Downloads\TVG 16-08-01 V6 cut (600dpi).zip
2016-10-22 22:08 - 2016-10-22 22:09 - 27006221 _____ C:\Users\camille\Downloads\TVS 16-07-15 Sakamoto (600dpi).zip
2016-10-22 22:08 - 2016-10-22 22:09 - 101260638 _____ C:\Users\camille\Downloads\TV Guide 16-09-01 V6 cut (600dpi).zip
2016-10-22 21:50 - 2016-10-22 21:50 - 20515230 _____ C:\Users\camille\Downloads\TVS 16-08-26 Miyake (600dpi).zip
2016-10-22 21:49 - 2016-10-22 21:49 - 66501483 _____ C:\Users\camille\Downloads\TVG 16-10-01 V6 cut (600dpi).zip
2016-10-22 13:37 - 2016-10-22 13:37 - 628498918 _____ C:\Users\camille\Downloads\[9651] 2015.08.02 DASH (HQ).avi
2016-10-21 23:31 - 2016-10-21 23:31 - 33041241 _____ C:\Users\camille\Downloads\[MS] 090619 Op-Rk-Tk.rar
2016-10-21 23:31 - 2016-10-21 23:31 - 11561190 _____ C:\Users\camille\Downloads\[MS] 051007 Talk.rar
2016-10-21 21:32 - 2016-10-21 21:32 - 00022240 _____ C:\Users\camille\Downloads\A.B.C-Z - from ABC to Z - 2014-03-12 (WEB - AAC - 256) (1).torrent
2016-10-21 21:32 - 2016-10-21 21:32 - 00014894 _____ C:\Users\camille\Downloads\A.B.C-Z - A.B.Sea Market - 2015-05-13 (CD - MP3 - 320).torrent
2016-10-21 21:32 - 2016-10-21 21:32 - 00013388 _____ C:\Users\camille\Downloads\A.B.C-Z - Hana Kotoba - 2016 (CD - MP3 - 320).torrent
2016-10-21 21:31 - 2016-10-21 21:32 - 00013819 _____ C:\Users\camille\Downloads\A.B.C-Z - Moonlight walker - 2015 (CD - AAC - 256) (1).torrent
2016-10-21 21:31 - 2016-10-21 21:31 - 00022240 _____ C:\Users\camille\Downloads\A.B.C-Z - from ABC to Z - 2014-03-12 (WEB - AAC - 256).torrent
2016-10-21 21:31 - 2016-10-21 21:31 - 00013819 _____ C:\Users\camille\Downloads\A.B.C-Z - Moonlight walker - 2015 (CD - AAC - 256).torrent
2016-10-21 14:36 - 2016-10-21 14:36 - 00019238 _____ C:\Users\camille\Downloads\Sistar - INSANE LOVE - 2016-06-21 (WEB - MP3 - 320).torrent
2016-10-21 14:36 - 2016-10-21 14:36 - 00015483 _____ C:\Users\camille\Downloads\Sistar - Give It To Me - 2013-06-11 (CD - WAV - Lossless).torrent
2016-10-21 14:36 - 2016-10-21 14:36 - 00014345 _____ C:\Users\camille\Downloads\Sistar - Give It To Me - 2013-06-11 (CD - MP3 - 320).torrent
2016-10-21 09:32 - 2016-10-21 09:32 - 00033096 _____ C:\Users\camille\Downloads\Minami Takahashi - Aibleepe mo Ii Desu ka - 2016-10-12 (CD - AAC - 256).torrent
2016-10-21 09:32 - 2016-10-21 09:32 - 00018501 _____ C:\Users\camille\Downloads\SNH48 - Dream Land - 2016-05-20 (CD - MP3 - 320).torrent
2016-10-21 09:32 - 2016-10-21 09:32 - 00017360 _____ C:\Users\camille\Downloads\SNH48 - Princesss Cloak - 2016 (WEB - MP3 - 320).torrent
2016-10-21 09:32 - 2016-10-21 09:32 - 00017265 _____ C:\Users\camille\Downloads\SNH48 - Engine of Youth - 2016-03-28 (WEB - MP3 - 320).torrent
2016-10-21 09:32 - 2016-10-21 09:32 - 00011072 _____ C:\Users\camille\Downloads\SNH48 - Romantic Melody - 2016 (WEB - MP3 - 320).torrent
2016-10-21 09:26 - 2016-10-21 09:26 - 00019665 _____ C:\Users\camille\Downloads\I.O.I - Chrysalis - 2016-05-04 (WEB - MP3 - 320).torrent
2016-10-21 09:26 - 2016-10-21 09:26 - 00017442 _____ C:\Users\camille\Downloads\I.O.I - miss me - 2016-10-17 (WEB - MP3 - 320).torrent
2016-10-21 09:26 - 2016-10-21 09:26 - 00010403 _____ C:\Users\camille\Downloads\I.O.I - Whatta Man - 2016-08-09 (WEB - MP3 - 320).torrent
2016-10-21 09:12 - 2016-10-21 09:12 - 01604651 _____ C:\Users\camille\Downloads\les questionnaires (1).pdf
2016-10-20 12:49 - 2016-10-20 12:49 - 01604651 _____ C:\Users\camille\Downloads\les questionnaires.pdf
2016-10-20 12:46 - 2016-10-20 12:46 - 00294115 _____ C:\Users\camille\Downloads\MMM_300-300_ AU16 (1).pdf
2016-10-20 11:18 - 2016-10-20 11:18 - 00020569 _____ C:\Users\camille\Downloads\AKB48 - Team A 1st Stage Party ga Hajimaru yo -studio recordings collection- - 2013-01-01 (CD - MP3 - 320).torrent
2016-10-20 09:36 - 2016-10-20 09:36 - 00011615 _____ C:\Users\camille\Downloads\TOKIO - sugar - 2008-02-20 (CD - MP3 - 320).torrent
2016-10-20 09:30 - 2016-10-20 09:30 - 00004632 _____ C:\Users\camille\Downloads\TOKIO - Harvest - 2006-10-18 (CD - MP3 - 320).torrent
2016-10-20 09:22 - 2016-10-20 09:22 - 00630885 _____ C:\Users\camille\Downloads\De bonnes questions pour de bonnes réponses (1).pptx
2016-10-19 19:29 - 2016-10-19 19:29 - 00630885 _____ C:\Users\camille\Downloads\De bonnes questions pour de bonnes réponses.pptx
2016-10-19 13:44 - 2016-10-19 13:45 - 18888300 _____ C:\Users\camille\Downloads\20161019 ZIP - KinKi part.mp4
2016-10-19 13:44 - 2016-10-19 13:44 - 23641110 _____ C:\Users\camille\Downloads\20161019 Mezamashi TV - KinKi part.mp4
2016-10-19 13:44 - 2016-10-19 13:44 - 21258316 _____ C:\Users\camille\Downloads\20161019 Hayadoki - KinKi part.mp4
2016-10-19 13:43 - 2016-10-19 13:43 - 25351934 _____ C:\Users\camille\Downloads\20161019 Aqua 2 - KinKi part.mp4
2016-10-19 13:41 - 2016-10-19 13:41 - 25601319 _____ C:\Users\camille\Downloads\20161019 Aqua - KinKi part.mp4
2016-10-17 19:52 - 2016-10-17 19:52 - 00029906 _____ C:\Users\camille\Downloads\WJSN - WOULD YOU LIKE - 2016-02-25 (WEB - MP3 - 320).torrent
2016-10-17 19:52 - 2016-10-17 19:52 - 00019315 _____ C:\Users\camille\Downloads\WJSN - THE SECRET - 2016-08-17 (WEB - MP3 - 320).torrent
2016-10-17 19:48 - 2016-10-17 19:48 - 00021913 _____ C:\Users\camille\Downloads\Seol ha yoon - Please Arrest My Oppa - 2016-09-27 (WEB - MP3 - 320).torrent
2016-10-17 19:48 - 2016-10-17 19:48 - 00015752 _____ C:\Users\camille\Downloads\VIXX - Zelos - 2016-04-19 (WEB - MP3 - 320).torrent
2016-10-17 19:48 - 2016-10-17 19:48 - 00011235 _____ C:\Users\camille\Downloads\VIXX - Hades - 2016-08-12 (WEB - MP3 - 320).torrent
2016-10-17 19:46 - 2016-10-17 19:46 - 00015782 _____ C:\Users\camille\Downloads\2PM - GENTLEMENS GAME - 2016-09-13 (WEB - MP3 - 320).torrent
2016-10-17 19:45 - 2016-10-17 19:45 - 00025275 _____ C:\Users\camille\Downloads\A Pink - Pink Revolution - 2016-09-26 (CD - MP3 - 320).torrent
2016-10-17 19:45 - 2016-10-17 19:45 - 00021816 _____ C:\Users\camille\Downloads\Henry, Soyou - Runnin - 2016-10-14 (WEB - MP3 - 320).torrent
2016-10-17 19:45 - 2016-10-17 19:45 - 00020836 _____ C:\Users\camille\Downloads\Bangtan Boys - WINGS - 2016-10-10 (WEB - MP3 - 320).torrent
2016-10-17 16:57 - 2016-10-26 13:09 - 00000000 ____D C:\Users\camille\Documents\Overwatch
2016-10-17 16:56 - 2016-10-17 16:56 - 00000836 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-10-17 15:44 - 2016-10-17 15:46 - 00000000 ____D C:\Users\camille\AppData\Roaming\DevilDaggers
2016-10-16 19:20 - 2016-10-16 19:23 - 1311161786 _____ C:\Users\camille\Downloads\[sub] JCD 2015-2016.avi
2016-10-15 21:51 - 2016-10-15 21:51 - 23714158 _____ C:\Users\camille\Downloads\Ultimate_JLPT_N5_Vocabulary_Deck_v13.apkg
2016-10-15 15:12 - 2016-10-15 15:12 - 00000000 ____D C:\Users\andre\AppData\Roaming\DVDVideoSoft
2016-10-13 17:30 - 2016-10-13 17:30 - 00000000 ____D C:\Users\camille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-12 00:30 - 2016-10-12 00:32 - 606151232 _____ C:\Users\camille\Downloads\[sub] Bun 74.mp4
2016-10-11 16:29 - 2016-09-30 20:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 16:29 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 16:29 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 16:29 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 16:29 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 16:29 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-11 16:29 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-11 16:29 - 2016-09-30 01:41 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 16:29 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-11 16:29 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 16:29 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 16:29 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 16:29 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 16:29 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-11 16:29 - 2016-09-30 01:11 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-11 16:29 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 16:29 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-11 16:29 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-11 16:29 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-11 16:29 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-11 16:29 - 2016-09-17 14:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 16:29 - 2016-09-17 13:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-11 16:29 - 2016-09-17 13:02 - 01446400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 16:29 - 2016-09-13 21:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-11 16:29 - 2016-09-13 21:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-11 16:29 - 2016-09-13 21:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-11 16:29 - 2016-09-13 21:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-11 16:29 - 2016-09-09 10:17 - 04170752 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 16:29 - 2016-09-08 16:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-11 16:29 - 2016-09-08 10:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 16:29 - 2016-09-08 10:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 16:29 - 2016-09-07 18:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 16:29 - 2016-09-07 17:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-11 16:29 - 2016-09-07 17:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 16:29 - 2016-09-07 17:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-11 16:29 - 2016-09-07 17:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-11 16:29 - 2016-08-31 13:22 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 16:29 - 2016-08-31 12:33 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-11 16:29 - 2016-08-25 16:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-11 16:29 - 2016-08-25 15:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-11 16:29 - 2016-08-12 20:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 16:29 - 2016-08-12 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-10-11 16:29 - 2016-08-12 18:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-10-11 16:29 - 2016-08-12 18:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 16:29 - 2016-08-12 17:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 16:29 - 2016-08-12 17:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-10-11 16:29 - 2016-08-12 16:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 16:29 - 2016-08-11 21:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-11 16:29 - 2016-08-11 21:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-11 16:29 - 2016-08-11 14:33 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-10-11 16:29 - 2016-08-11 14:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-10-11 16:29 - 2016-08-11 13:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-10-11 16:29 - 2016-08-11 09:39 - 00445765 _____ C:\Windows\system32\ApnDatabase.xml
2016-10-11 16:29 - 2016-08-11 01:46 - 00420184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-10-11 16:29 - 2016-08-03 11:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-11 16:29 - 2016-08-03 11:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-11 16:29 - 2016-08-03 11:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-11 16:29 - 2016-08-03 11:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-11 16:29 - 2016-07-30 13:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-11 16:29 - 2016-07-30 12:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-11 16:29 - 2016-07-23 14:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-11 16:29 - 2016-07-23 14:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-11 16:28 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 16:28 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 16:28 - 2016-09-30 01:33 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 16:28 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-11 16:28 - 2016-09-30 01:06 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-11 16:28 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-11 16:28 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 16:28 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-11 16:28 - 2016-09-17 13:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-11 16:28 - 2016-09-17 13:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-11 16:28 - 2016-09-12 18:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-11 16:28 - 2016-09-12 17:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-11 16:28 - 2016-08-12 20:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-10-11 16:28 - 2016-08-12 20:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-10-11 16:28 - 2016-08-11 14:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-10-11 16:28 - 2016-07-26 09:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-10-11 16:28 - 2016-07-26 09:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-11 16:26 - 2016-09-12 19:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-11 16:26 - 2016-09-09 09:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-11 16:26 - 2016-09-09 09:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-11 16:26 - 2016-09-09 09:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-11 16:26 - 2016-09-09 09:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-11 16:26 - 2016-09-09 09:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-11 16:26 - 2016-09-09 09:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-11 16:26 - 2016-09-09 09:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-11 16:26 - 2016-09-09 09:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-11 16:26 - 2016-08-27 15:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-11 16:26 - 2016-08-27 15:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-11 16:26 - 2016-08-27 15:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-10-11 16:26 - 2016-08-27 14:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-11 16:26 - 2016-08-27 14:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-11 16:26 - 2016-08-27 14:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-10-11 16:26 - 2016-08-27 12:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-10-11 16:26 - 2016-08-27 12:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-10-11 16:26 - 2016-08-27 12:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-11 16:26 - 2016-08-27 11:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-11 16:26 - 2016-08-20 18:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 16:26 - 2016-08-20 18:12 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-10 13:44 - 2016-10-10 13:45 - 51642873 _____ C:\Users\camille\Downloads\Single - 2015 - Timeless.7z
2016-10-10 13:44 - 2016-10-10 13:45 - 104372355 _____ C:\Users\camille\Downloads\Scans - Timeless.7z
2016-10-10 13:43 - 2016-10-10 13:43 - 18207099 _____ C:\Users\camille\Downloads\愛しのナポリタン [限定盤].zip
2016-10-09 22:42 - 2016-10-09 22:45 - 652570197 _____ C:\Users\camille\Downloads\[2001.08.16] ShinEmoPt1.zip
2016-10-09 22:41 - 2016-10-09 22:44 - 474605210 _____ C:\Users\camille\Downloads\[2001.08.16] ShinEmoPt2.zip
2016-10-09 00:32 - 2016-10-09 00:33 - 121975925 _____ C:\Users\camille\Downloads\Garoad - VA-11 HALL-A Prologue OST - Sounds From The Future.zip
2016-10-09 00:31 - 2016-10-09 00:33 - 265135360 _____ C:\Users\camille\Downloads\Garoad - VA-11 HALL-A - Second Round (1).zip
2016-10-07 14:36 - 2016-10-07 14:36 - 167550464 _____ C:\Users\camille\Downloads\Sexy.Honey.Bunny! (Sakamoto version).avi
2016-10-07 14:23 - 2016-10-07 14:24 - 68108178 _____ C:\Users\camille\Downloads\ヒガシの部屋 - 大野智.avi
2016-10-07 14:23 - 2016-10-07 14:24 - 47270736 _____ C:\Users\camille\Downloads\ヒガシの部屋 - 井ノッチ part02.avi
2016-10-07 14:23 - 2016-10-07 14:24 - 40091326 _____ C:\Users\camille\Downloads\ヒガシの部屋 - 井ノッチ part01.avi
2016-10-07 14:23 - 2016-10-07 14:24 - 33059650 _____ C:\Users\camille\Downloads\ヒガシの部屋 - 坂本昌行 part01.avi
2016-10-07 14:23 - 2016-10-07 14:24 - 24025418 _____ C:\Users\camille\Downloads\ヒガシの部屋 - 相葉雅紀.avi
2016-10-07 14:23 - 2016-10-07 14:24 - 21715104 _____ C:\Users\camille\Downloads\ヒガシの部屋 - 坂本昌行 part02 (1).avi
2016-10-07 14:23 - 2016-10-07 14:24 - 18282557 _____ C:\Users\camille\Downloads\ヒガシの部屋- 總集編.avi
2016-10-07 14:23 - 2016-10-07 14:23 - 21715104 _____ C:\Users\camille\Downloads\ヒガシの部屋 - 坂本昌行 part02.avi
2016-10-07 12:51 - 2016-10-07 12:51 - 00682310 _____ C:\Users\camille\Downloads\Rapport-IPMSH-.pages
2016-10-07 12:50 - 2016-10-07 12:50 - 04495519 _____ C:\Users\camille\Downloads\revue_pdf.pdf
2016-10-07 00:34 - 2016-10-07 00:36 - 692233352 _____ C:\Users\camille\Downloads\Higashiyama, Sakamoto - Shounen Club Premium - Premium Talk [2013.11.20] HQ.avi
2016-10-07 00:29 - 2016-10-07 00:29 - 76004784 _____ C:\Users\camille\Downloads\pen_jan15.7z
2016-10-07 00:29 - 2016-10-07 00:29 - 107504394 _____ C:\Users\camille\Downloads\esse_dec14.7z
2016-10-07 00:22 - 2016-10-07 00:22 - 364116508 _____ C:\Users\camille\Downloads\popolo_feb15.7z
2016-10-06 23:47 - 2016-10-06 23:58 - 350143175 _____ C:\Users\camille\Downloads\od_05.7z
2016-10-06 23:47 - 2016-10-06 23:54 - 509139204 _____ C:\Users\camille\Downloads\od_01.7z
2016-10-06 23:47 - 2016-10-06 23:54 - 508664706 _____ C:\Users\camille\Downloads\od_02.7z
2016-10-06 23:47 - 2016-10-06 23:53 - 518563084 _____ C:\Users\camille\Downloads\od_04.7z
2016-10-06 23:47 - 2016-10-06 23:53 - 516960216 _____ C:\Users\camille\Downloads\od_03.7z
2016-10-06 23:36 - 2016-10-06 23:37 - 83791872 _____ C:\Users\camille\Downloads\[PV] Tsuyo-shi - Sora -utsukushi ware no sora-.avi
2016-10-06 23:34 - 2016-10-06 23:35 - 07630440 _____ C:\Users\camille\Downloads\[Gakkou e Ikou] 2004.04.28 Ill tell mommy.avi
2016-10-05 23:14 - 2016-10-05 23:14 - 03574353 _____ C:\Users\camille\Downloads\IPMSH-20161006T031445Z.zip
2016-10-05 21:13 - 2016-10-05 21:13 - 00222291 _____ C:\Users\camille\Downloads\000411ar.pdf
2016-10-04 11:05 - 2016-10-04 11:05 - 46048608 _____ C:\Users\camille\Downloads\[J80S] MK 86 D.rar
2016-10-04 11:04 - 2016-10-04 11:04 - 43349404 _____ C:\Users\camille\Downloads\[J80S] MK 85 SIT.rar
2016-10-04 11:03 - 2016-10-04 11:04 - 37433997 _____ C:\Users\camille\Downloads\[J80S] MK 81 TAY.rar
2016-10-04 05:26 - 2016-10-04 05:26 - 00002168 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-10-04 05:26 - 2016-10-04 05:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-10-03 23:32 - 2016-10-03 23:32 - 00001360 _____ C:\Users\Public\Desktop\Free NicoVideo Download.lnk
2016-10-03 23:32 - 2016-10-03 23:32 - 00001359 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-10-03 23:32 - 2016-10-03 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-03 23:31 - 2016-10-03 23:32 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-10-03 23:31 - 2016-10-03 23:32 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-10-03 23:29 - 2016-10-03 23:33 - 00000000 ____D C:\Users\camille\AppData\Roaming\DVDVideoSoft
2016-10-03 23:29 - 2016-10-03 23:29 - 02267896 _____ (Digital Wave Ltd ) C:\Users\camille\Downloads\FreeNicoVideoDownload_1.0.58.829_s.exe
2016-10-03 00:04 - 2016-10-03 00:08 - 512067584 _____ C:\Users\camille\Downloads\[BNS] Dream Boy - 03.avi
2016-10-03 00:03 - 2016-10-03 00:08 - 663343104 _____ C:\Users\camille\Downloads\[BNS] Dream Boy - 02.avi
2016-10-03 00:00 - 2016-10-03 00:07 - 740505072 _____ C:\Users\camille\Downloads\[BakaYankee] #79 - D2.rar
2016-10-03 00:00 - 2016-10-03 00:06 - 552974336 _____ C:\Users\camille\Downloads\[BNS] Dream Boy - 01.avi
2016-10-02 23:59 - 2016-10-03 00:06 - 569716312 _____ C:\Users\camille\Downloads\[BakaYankee] #79 - D1.rar
2016-10-02 22:21 - 2016-10-02 22:22 - 00118932 _____ C:\Users\camille\Downloads\grille d'évaluation IPMSH 1er tp.pdf
2016-10-02 12:36 - 2016-10-02 12:44 - 1042565040 _____ C:\Users\camille\Downloads\Takizawa Kabuki 2016 Disc 2.mp4
2016-10-02 12:33 - 2016-10-02 12:44 - 1318379477 _____ C:\Users\camille\Downloads\Takizawa Kabuki 2016 Disc 1.mp4
2016-10-02 12:30 - 2016-10-02 12:43 - 1990913884 _____ C:\Users\camille\Downloads\Document of Takizawa Kabuki 2016.mp4
2016-10-02 00:58 - 2016-10-02 00:58 - 504346985 _____ C:\Users\camille\Downloads\39 Symphony 井ノ原和彦 ver.mp4
2016-10-02 00:57 - 2016-10-02 00:57 - 504473665 _____ C:\Users\camille\Downloads\39 Symphony 坂本昌行 ver.mp4
2016-10-01 19:32 - 2016-10-01 19:39 - 524288000 _____ C:\Users\camille\Downloads\Disc 2 - Concert Part 2.mp4.003
2016-10-01 19:32 - 2016-10-01 19:39 - 524288000 _____ C:\Users\camille\Downloads\Disc 2 - Concert Part 2.mp4.002
2016-10-01 19:32 - 2016-10-01 19:39 - 524288000 _____ C:\Users\camille\Downloads\Disc 2 - Concert Part 2.mp4.001
2016-10-01 19:32 - 2016-10-01 19:36 - 226845244 _____ C:\Users\camille\Downloads\Disc 1 - Concert Part 1.mp4.004
2016-10-01 19:32 - 2016-10-01 19:33 - 26307269 _____ C:\Users\camille\Downloads\Disc 2 - Concert Part 2.mp4.004
2016-10-01 19:31 - 2016-10-01 19:39 - 524288000 _____ C:\Users\camille\Downloads\Disc 1 - Concert Part 1.mp4.003
2016-10-01 19:31 - 2016-10-01 19:39 - 524288000 _____ C:\Users\camille\Downloads\Disc 1 - Concert Part 1.mp4.001
2016-10-01 19:31 - 2016-10-01 19:35 - 524288000 _____ C:\Users\camille\Downloads\Disc 1 - Concert Part 1.mp4.002
2016-10-01 16:01 - 2016-10-26 12:30 - 00000000 ____D C:\Users\camille\AppData\Roaming\Adobe
2016-09-30 22:46 - 2016-09-30 22:54 - 733315072 _____ C:\Users\camille\Downloads\Disc 2 Part 1.avi
2016-09-30 20:32 - 2016-09-30 20:33 - 52648381 _____ C:\Users\camille\Downloads\Dave Rodgers Project - The Alfee Meets Dance.rar
2016-09-30 20:32 - 2016-09-30 20:33 - 164425334 _____ C:\Users\camille\Downloads\Dave Rodgers - Take Me Higher.rar
2016-09-29 22:40 - 2016-09-29 22:44 - 32686672 _____ C:\Users\camille\Downloads\268098626_mp4_h264_aac_hd.mp4
2016-09-29 22:16 - 2016-09-29 22:16 - 00001284 _____ C:\Users\camille\Desktop\4K Video Downloader.lnk
2016-09-29 22:16 - 2016-09-29 22:16 - 00000000 ____D C:\Users\camille\AppData\Local\4kdownload.com
2016-09-29 22:16 - 2016-09-29 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-09-29 22:15 - 2016-09-29 22:15 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-09-29 22:14 - 2016-09-29 22:15 - 31343344 _____ (Open Media LLC ) C:\Users\camille\Downloads\4kvideodownloader_4.1.exe
2016-09-29 22:13 - 2016-09-29 22:16 - 147677915 _____ C:\Users\camille\Downloads\272374403_mp4_h264_aac_fhd.mp4
2016-09-29 22:09 - 2016-09-29 22:11 - 150190095 _____ C:\Users\camille\Downloads\274494988_mp4_h264_aac_fhd.mp4
2016-09-29 22:08 - 2016-09-29 22:11 - 175892452 _____ C:\Users\camille\Downloads\274495627_mp4_h264_aac_fhd.mp4
2016-09-29 22:07 - 2016-09-29 22:09 - 99691505 _____ C:\Users\camille\Downloads\274496762_mp4_h264_aac_fhd (1).mp4
2016-09-29 22:06 - 2016-09-29 22:08 - 99691505 _____ C:\Users\camille\Downloads\274496762_mp4_h264_aac_fhd.mp4
2016-09-29 22:05 - 2016-09-29 22:06 - 65437075 _____ C:\Users\camille\Downloads\274497785_mp4_h264_aac_fhd.mp4
2016-09-29 22:00 - 2016-09-29 22:03 - 147358568 _____ C:\Users\camille\Downloads\274497956_mp4_h264_aac_fhd.mp4
2016-09-29 21:58 - 2016-09-29 22:02 - 201022190 _____ C:\Users\camille\Downloads\275510808_mp4_h264_aac_fhd.mp4
2016-09-29 21:55 - 2016-09-29 21:57 - 43993654 _____ C:\Users\camille\Downloads\275748491_mp4_h264_aac_hd.mp4
2016-09-29 21:55 - 2016-09-29 21:57 - 124486398 _____ C:\Users\camille\Downloads\275511984_mp4_h264_aac_fhd.mp4
2016-09-29 21:52 - 2016-09-29 21:54 - 103293253 _____ C:\Users\camille\Downloads\275752809_mp4_h264_aac_fhd.mp4
2016-09-29 21:49 - 2016-09-29 21:50 - 68124020 _____ C:\Users\camille\Downloads\275754539_mp4_h264_aac_fhd.mp4
2016-09-29 21:45 - 2016-09-29 21:47 - 83947133 _____ C:\Users\camille\Downloads\275755819_mp4_h264_aac_fhd.mp4
2016-09-28 23:33 - 2016-09-28 23:35 - 208666624 _____ C:\Users\camille\Downloads\K2K - Ver A [1998].avi.003
2016-09-28 23:33 - 2016-09-28 23:35 - 208666624 _____ C:\Users\camille\Downloads\K2K - Ver A [1998].avi.001
2016-09-28 23:33 - 2016-09-28 23:34 - 208666624 _____ C:\Users\camille\Downloads\K2K - Ver A [1998].avi.002
2016-09-28 23:33 - 2016-09-28 23:34 - 107169792 _____ C:\Users\camille\Downloads\K2K - Ver A [1998].avi.004
2016-09-28 22:54 - 2016-09-28 22:58 - 1121945515 _____ C:\Users\camille\Downloads\PCN1.zip
2016-09-28 22:54 - 2016-09-28 22:57 - 1003711639 _____ C:\Users\camille\Downloads\PCN2.zip
2016-09-27 22:17 - 2016-10-01 17:58 - 00000000 ____D C:\Users\camille\AppData\Roaming\Adobe-BackupByPhotoshopCS5Portable
2016-09-27 17:59 - 2016-09-27 18:07 - 1119975780 _____ C:\Users\camille\Downloads\VSAV6SP.rar
2016-09-26 19:22 - 2016-09-26 19:22 - 00000000 ____D C:\Users\camille\AppData\Local\Conkeeper
2016-09-26 18:27 - 2016-09-26 19:19 - 00045286 _____ C:\Windows\SysWOW64\ClubboxUninstall.exe
2016-09-26 18:27 - 2016-09-26 19:19 - 00000050 _____ C:\Windows\SysWOW64\Clubbox 파일전송관리자.url
2016-09-26 18:27 - 2016-09-26 18:27 - 00000000 ____D C:\Users\camille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\클럽박스
2016-09-26 18:27 - 2016-09-26 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\클럽박스
2016-09-26 18:10 - 2016-09-26 18:28 - 00000000 _____ C:\Windows\SysWOW64\PDBOXGame.html
2016-09-26 18:10 - 2016-09-26 18:10 - 00077824 _____ C:\Windows\SysWOW64\nod.dll
2016-09-26 17:42 - 2016-09-26 18:00 - 00000000 ____D C:\Users\camille\AppData\Local\Zettamedia
2016-09-26 17:42 - 2016-09-26 17:42 - 00604568 _____ C:\Users\camille\Downloads\PdClubBoxNativeLauncher-Setup.exe
2016-09-26 17:38 - 2016-09-26 18:01 - 00000000 ____D C:\Users\camille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ŭ·´¹Ú½º
2016-09-26 17:38 - 2016-09-26 17:48 - 00000050 _____ C:\Windows\SysWOW64\Clubbox ÆÄÀÏÀü¼Û°ü¸®ÀÚ.url
2016-09-26 17:38 - 2016-09-26 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ŭ·´¹Ú½º
2016-09-26 17:36 - 2016-09-26 17:37 - 02267212 _____ C:\Users\camille\Downloads\ClubBoxSetup.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-26 13:46 - 2013-08-22 11:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-26 13:44 - 2015-06-16 12:33 - 00000944 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2117084378-2090555836-1489998258-1005UA.job
2016-10-26 13:40 - 2015-05-15 17:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-26 13:35 - 2014-11-22 14:34 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-26 13:35 - 2014-11-22 14:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-26 13:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-26 13:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-26 13:25 - 2014-07-10 19:10 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-26 13:25 - 2014-07-10 19:07 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0D2A8968-B569-45A0-84C8-753879311795}
2016-10-26 13:23 - 2014-07-10 19:09 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2117084378-2090555836-1489998258-1005
2016-10-26 13:22 - 2014-08-14 19:56 - 00000000 ___RD C:\Users\camille\Dropbox
2016-10-26 13:21 - 2015-12-22 16:44 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-10-26 13:21 - 2014-07-14 16:10 - 00000000 ___DO C:\Users\camille\OneDrive
2016-10-26 13:16 - 2015-01-15 14:14 - 00000000 ____D C:\ProgramData\VMware
2016-10-26 13:16 - 2014-07-10 19:10 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-26 13:14 - 2014-07-06 15:25 - 00000000 ____D C:\Users\camille
2016-10-26 13:14 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-26 13:09 - 2016-06-14 21:21 - 00000000 ____D C:\Users\camille\AppData\Roaming\MusicBee
2016-10-26 13:09 - 2015-12-20 21:16 - 00000000 ____D C:\Users\camille\AppData\Roaming\Mp3tag
2016-10-26 13:09 - 2015-06-02 22:35 - 00000000 ____D C:\Users\camille\AppData\Roaming\Battle.net
2016-10-26 13:09 - 2014-12-10 17:12 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-26 13:09 - 2014-12-09 20:42 - 00000000 ____D C:\Users\camille\AppData\Roaming\Rainmeter
2016-10-26 13:09 - 2014-07-16 15:39 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-26 13:09 - 2014-07-10 18:19 - 00000000 ____D C:\Users\chantal
2016-10-26 13:09 - 2014-07-06 14:43 - 00000000 ____D C:\Users\andre
2016-10-26 13:09 - 2014-04-18 08:56 - 00000000 ____D C:\ProgramData\Norton
2016-10-26 13:09 - 2013-08-22 11:36 - 00000000 __RSD C:\Windows\Media
2016-10-26 13:09 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData
2016-10-26 13:09 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-10-26 13:09 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-10-26 13:09 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-10-26 13:08 - 2016-06-08 23:28 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-10-26 13:08 - 2015-06-02 22:35 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-10-26 13:05 - 2013-08-22 11:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-26 12:58 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\registration
2016-10-26 12:54 - 2014-07-10 20:21 - 00000000 ____D C:\Users\camille\Documents\VirtualDJ
2016-10-25 22:47 - 2015-06-02 22:35 - 00000000 ____D C:\Users\camille\AppData\Local\Battle.net
2016-10-25 17:40 - 2014-07-12 12:22 - 00000000 ____D C:\Users\camille\AppData\Local\CrashDumps
2016-10-25 15:37 - 2014-07-21 00:34 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-25 15:24 - 2015-07-12 20:31 - 00000132 _____ C:\Users\camille\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-10-24 14:22 - 2014-07-10 20:07 - 00000000 ____D C:\Users\camille\AppData\Local\Last.fm
2016-10-24 11:29 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2016-10-23 20:07 - 2016-06-16 12:54 - 00000000 ____D C:\Users\camille\Downloads\Utada Hikaru SINGLE COLLECTION VOL. 2 Scans
2016-10-23 18:12 - 2014-07-10 21:50 - 14178304 ___SH C:\Users\camille\Downloads\Thumbs.db
2016-10-22 21:16 - 2016-06-26 15:07 - 00001456 _____ C:\Users\camille\AppData\Local\Adobe Enregistrer pour le Web 11.0 Prefs
2016-10-22 14:51 - 2014-07-06 14:48 - 00000000 ___DO C:\Users\andre\SkyDrive
2016-10-18 12:43 - 2015-06-16 12:33 - 00000892 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2117084378-2090555836-1489998258-1005Core.job
2016-10-17 15:44 - 2014-07-12 14:42 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-15 21:52 - 2014-09-09 22:47 - 00000000 ____D C:\Users\camille\Documents\Anki
2016-10-15 16:14 - 2014-08-07 10:33 - 00000000 ____D C:\Users\andre\AppData\Local\CrashDumps
2016-10-15 15:27 - 2014-07-06 14:50 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2117084378-2090555836-1489998258-1001
2016-10-15 02:50 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2016-10-15 01:34 - 2013-08-22 10:44 - 03822672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-15 01:34 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\Inf
2016-10-15 01:31 - 2013-08-22 09:25 - 01048576 ___SH C:\Windows\system32\config\BBI
2016-10-13 17:32 - 2014-08-14 19:55 - 00000000 ____D C:\Users\camille\AppData\Roaming\Dropbox
2016-10-12 01:27 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2016-10-12 01:24 - 2014-07-12 14:54 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 01:10 - 2014-07-12 14:54 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-11 22:47 - 2014-07-10 19:03 - 00000000 ____D C:\Users\camille\AppData\Local\Packages
2016-10-09 20:19 - 2014-10-14 15:40 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2117084378-2090555836-1489998258-1006
2016-10-09 20:18 - 2014-07-10 18:19 - 00000000 ____D C:\Users\chantal\AppData\Local\SweetLabs App Platform
2016-10-09 20:14 - 2014-10-14 15:36 - 00000000 ___RD C:\Users\chantal\OneDrive
2016-10-08 14:29 - 2016-07-24 15:11 - 00003312 _____ C:\Windows\System32\Tasks\SweetLabs App Platform
2016-10-08 14:29 - 2014-10-14 15:35 - 00000000 ____D C:\Users\chantal\AppData\Local\clear.fi
2016-10-06 01:42 - 2015-03-15 15:50 - 00000000 ____D C:\Users\camille\AppData\Roaming\deluge
2016-10-04 05:25 - 2014-07-10 19:10 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-03 23:37 - 2016-03-19 11:01 - 00000000 ____D C:\Users\camille\AppData\Roaming\Aegisub
2016-10-03 23:22 - 2016-03-19 11:01 - 00000000 ____D C:\Users\camille\AppData\Roaming\fontconfig
2016-10-03 19:26 - 2014-07-10 19:10 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-02 01:39 - 2016-02-26 15:16 - 00000000 ____D C:\Transcodes
2016-09-30 20:15 - 2015-04-17 16:33 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-30 20:15 - 2015-04-17 16:33 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-30 19:36 - 2015-06-16 12:33 - 00000000 ____D C:\Users\camille\AppData\Local\Dropbox
2016-09-26 18:28 - 2015-12-20 16:53 - 00000000 ____D C:\Users\camille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2016-09-26 18:23 - 2014-07-29 16:03 - 00000000 ____D C:\Users\camille\AppData\Roaming\Skype
2016-09-26 17:43 - 2014-12-26 13:11 - 00103936 ___SH C:\Users\andre\Documents\Thumbs.db
 
==================== Files in the root of some directories =======
 
2015-04-23 19:11 - 2015-04-23 19:11 - 0000132 _____ () C:\Users\camille\AppData\Roaming\Adobe BMP Format CS6 Prefs
2014-12-01 21:10 - 2014-12-01 21:10 - 0000132 _____ () C:\Users\camille\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-07-12 20:31 - 2016-10-25 15:24 - 0000132 _____ () C:\Users\camille\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-07-14 18:33 - 2016-07-22 22:38 - 0000132 _____ () C:\Users\camille\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-06-05 21:44 - 2016-06-05 21:45 - 0002298 _____ () C:\Users\camille\AppData\Roaming\ASSDraw3.cfg
2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\camille\AppData\Roaming\DZTDONR
2014-09-01 04:18 - 2014-09-01 04:18 - 0001248 _____ () C:\Users\camille\AppData\Roaming\OGXWLGS
2016-06-26 15:07 - 2016-10-22 21:16 - 0001456 _____ () C:\Users\camille\AppData\Local\Adobe Enregistrer pour le Web 11.0 Prefs
2015-06-09 22:26 - 2016-06-01 17:24 - 0001456 _____ () C:\Users\camille\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-08-18 20:06 - 2016-07-18 13:31 - 0001456 _____ () C:\Users\camille\AppData\Local\Adobe Save for Web 13.0 Prefs
2012-05-03 07:12 - 2012-05-03 07:12 - 0000532 _____ () C:\Users\camille\AppData\Local\datos.txt
2014-02-05 16:08 - 2014-02-05 16:08 - 0193744 _____ () C:\Users\camille\AppData\Local\lateral1.bmp
2010-11-12 05:10 - 2010-11-12 05:10 - 0193744 _____ () C:\Users\camille\AppData\Local\lateral2.bmp
2014-02-05 16:10 - 2014-02-05 16:10 - 0195108 _____ () C:\Users\camille\AppData\Local\lateral3.bmp
2014-11-26 22:51 - 2014-11-26 22:51 - 0000003 _____ () C:\Users\camille\AppData\Local\proxy.log
2016-10-24 08:27 - 2016-10-24 08:27 - 0003411 _____ () C:\Users\camille\AppData\Local\recently-used.xbel
2014-02-05 17:50 - 2014-02-05 17:50 - 0043976 _____ () C:\Users\camille\AppData\Local\save_en.bmp
2014-02-05 17:49 - 2014-02-05 17:49 - 0043976 _____ () C:\Users\camille\AppData\Local\save_es.bmp
2014-07-06 15:36 - 2014-07-06 15:36 - 0045530 _____ () C:\ProgramData\1404675383.bdinstall.bin
2014-07-06 15:39 - 2014-07-06 15:39 - 0045398 _____ () C:\ProgramData\1404675570.bdinstall.bin
2014-07-06 15:42 - 2014-07-06 15:42 - 0041467 _____ () C:\ProgramData\1404675766.2104.bin
2014-07-06 15:42 - 2014-07-06 15:42 - 0002056 _____ () C:\ProgramData\1404675766.6052.bin
2014-07-06 15:50 - 2014-07-06 15:50 - 0200454 _____ () C:\ProgramData\1404676000.bdinstall.bin
2014-07-21 00:25 - 2014-07-21 00:25 - 0037670 _____ () C:\ProgramData\1405916724.bdinstall.bin
2014-07-21 00:26 - 2014-07-21 00:26 - 0098111 _____ () C:\ProgramData\1405916727.bdinstall.bin
2014-04-18 08:45 - 2014-04-18 08:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-08 20:29 - 2015-09-09 20:29 - 0000032 ____R () C:\ProgramData\hash.dat
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\camille\AppData\Roaming\Origin\update.vbe
 
 
Some files in TEMP:
====================
C:\Users\andre\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\andre\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\andre\AppData\Local\Temp\Execute2App.exe
C:\Users\andre\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\andre\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\andre\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\andre\AppData\Local\Temp\mssinstaller.exe
C:\Users\andre\AppData\Local\Temp\msvcp90.dll
C:\Users\andre\AppData\Local\Temp\msvcr90.dll
C:\Users\andre\AppData\Local\Temp\octBC7.tmp.exe
C:\Users\camille\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
C:\Users\camille\AppData\Local\Temp\83f318da0d8ed571ced3847bb7c62c6e.dll
C:\Users\camille\AppData\Local\Temp\COMAP.EXE
C:\Users\camille\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\camille\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\camille\AppData\Local\Temp\jna3169813545239696595.dll
C:\Users\camille\AppData\Local\Temp\jna4330307515631077367.dll
C:\Users\camille\AppData\Local\Temp\jna5509413813904682413.dll
C:\Users\camille\AppData\Local\Temp\jna7054076489605966158.dll
C:\Users\camille\AppData\Local\Temp\jna8314971860550643774.dll
C:\Users\camille\AppData\Local\Temp\jna867204880319736098.dll
C:\Users\camille\AppData\Local\Temp\procexp64.exe
C:\Users\camille\AppData\Local\Temp\SkypeSetup.exe
C:\Users\camille\AppData\Local\Temp\unins000.exe
C:\Users\camille\AppData\Local\Temp\xmlUpdater.exe
C:\Users\chantal\AppData\Local\Temp\oct2BC3.tmp.exe
C:\Users\chantal\AppData\Local\Temp\oct2E5B.tmp.exe
C:\Users\chantal\AppData\Local\Temp\oct3283.tmp.exe
C:\Users\chantal\AppData\Local\Temp\oct3C94.tmp.exe
C:\Users\chantal\AppData\Local\Temp\oct6E74.tmp.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-22 05:59
 
==================== End of FRST.txt ============================
 
 
Thank you in advance!
 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 31 October 2016 - 01:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/630660 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 05 November 2016 - 01:50 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users