CreateRestorePoint: HKLM-x32\...\Run: [SmartWeb] => C:\Users\User\AppData\Local\SmartWeb\SmartWebHelper.exe HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\CurrentVersion\Windows: [Load] C:\ProgramData\msboivr.exe <===== ATTENTION ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled ProxyServer: [.DEFAULT] => http=127.0.0.1:58531;https=127.0.0.1:58531 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysear...q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysear...q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysear...q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysear...q={searchTerms} HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> DefaultScope {A0352F78-E89C-46CA-873F-ADD222900DED} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {A0352F78-E89C-46CA-873F-ADD222900DED} URL = http://www.luckysear...q={searchTerms} SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.luckysear...q={searchTerms} BHO: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff64.dll No File BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll No File BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-04-02] (Thinknice Co. Limited) BHO-x32: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff32.dll No File Toolbar: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.omniboxes...B0FA53589A53589 FF NewTab: hxxp://www.luckysearches.com/newtab/?type=nt&ts=1429177437&from=cmi&uid=ST1000LM024XHN-M101MBB_S314JB0FA53589A53589 FF DefaultSearchEngine: Secure Search FF DefaultSearchEngine.US: Secure Search FF SearchEngineOrder.1: Secure Search FF SelectedSearchEngine: Secure Search FF Homepage: hxxp://www. FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\searchplugins\luckysearches.xml [2015-04-16] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\searchplugins\omniboxes.xml [2015-04-16] FF Extension: jid0coCUQ7NySNPcj72dA3557kKXGZUjetpack - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack [2015-04-20] FF Extension: Search Enginer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\searchengine@gmail.com [2015-04-16] FF Extension: Search Enginer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\sweetsearch@gmail.com [2015-04-16] FF Extension: PoriceMinus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\VYE@AW.org [2015-06-01] FF Extension: 06997db0c0274d5fbd37b0d9230226ea - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea} [2015-04-20] FF Extension: 11b496ea481a11dc83140800200c9a66 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{11b496ea-481a-11dc-8314-0800200c9a66} [2015-04-20] FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-05] FF Extension: Great Find - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{c0cebc48-e279-433d-941e-b6a337c130d6}.xpi [2015-06-26] FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\quick_searchff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\sweetsearch@gmail.com FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\searchengine@gmail.com FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox CHR Extension: (Hola Better Internet Engine) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-05-27] CHR Extension: (Hola Better Internet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-05-27] R2 VSSS; C:\Users\User\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [98832704 2015-06-26] (Microsoft Corporation) [File not signed] <==== ATTENTION S1 cherimoya; system32\drivers\cherimoya.sys [X] R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X] 2015-06-30 20:47 - 2015-06-30 20:47 - 01415680 _____ (wj32) C:\Program Files\GWOGKNUJ.exe 2015-06-30 20:45 - 2015-06-30 20:45 - 01415680 _____ (wj32) C:\Program Files\XZDFH3FN.exe 2015-06-30 20:40 - 2015-06-30 20:40 - 01415680 _____ (wj32) C:\Program Files\05LSLKVW.exe 2015-06-30 20:38 - 2015-06-30 20:38 - 01415680 _____ (wj32) C:\Program Files\SL3L3XSU.exe 2015-06-30 20:38 - 2015-06-30 20:38 - 01415680 _____ (wj32) C:\Program Files\3XF8PUND.exe 2015-06-30 20:37 - 2015-06-30 20:37 - 01415680 _____ (wj32) C:\Program Files\8DIDIPKH.exe 2015-06-30 20:36 - 2015-06-30 20:36 - 01415680 _____ (wj32) C:\Program Files\4KCYK6XC.exe 2015-06-30 20:33 - 2015-06-30 20:33 - 01415680 _____ (wj32) C:\Program Files\3JBZT93N.exe 2015-06-30 20:31 - 2015-06-30 20:31 - 01415680 _____ (wj32) C:\Program Files\ZT9EJOIA.exe 2015-06-30 20:24 - 2015-06-30 20:24 - 01415680 _____ (wj32) C:\Program Files\US46I6YU.exe 2015-06-30 20:24 - 2015-06-30 20:24 - 01415680 _____ (wj32) C:\Program Files\LXP1FHZH.exe 2015-06-30 20:24 - 2015-06-30 20:24 - 01415680 _____ (wj32) C:\Program Files\KLZSCHMO.exe 2015-06-30 20:24 - 2015-06-30 20:24 - 01415680 _____ (wj32) C:\Program Files\1F7CHYU7.exe 2015-06-30 20:23 - 2015-06-30 20:23 - 01415680 _____ (wj32) C:\Program Files\X91P13P7.exe 2015-06-30 20:23 - 2015-06-30 20:23 - 01415680 _____ (wj32) C:\Program Files\VOI0TN57.exe 2015-06-30 20:23 - 2015-06-30 20:23 - 01415680 _____ (wj32) C:\Program Files\NSXRK2WF.exe 2015-06-30 20:22 - 2015-06-30 20:22 - 01415680 _____ (wj32) C:\Program Files\UMKIME02.exe 2015-06-30 20:22 - 2015-06-30 20:22 - 01415680 _____ (wj32) C:\Program Files\4WOIAK70.exe 2015-06-30 20:22 - 2015-06-30 20:22 - 01415680 _____ (wj32) C:\Program Files\4KWEM8UO.exe 2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\V1GT8U91.exe 2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\K6Y8UF25.exe 2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\H7S47J4T.exe 2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\6YK62EAI.exe 2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\6M2IG8C6.exe 2015-06-30 18:19 - 2015-06-30 18:19 - 01415680 _____ (wj32) C:\Program Files\T807Z47K.exe 2015-06-30 18:19 - 2015-06-30 18:19 - 01415680 _____ (wj32) C:\Program Files\CRLA4X25.exe 2015-06-30 18:19 - 2015-06-30 18:19 - 01415680 _____ (wj32) C:\Program Files\0WONMSKI.exe 2015-06-30 18:06 - 2015-06-30 18:06 - 01415680 _____ (wj32) C:\Program Files\B5NGAKV9.exe 2015-06-30 18:04 - 2015-06-30 18:04 - 01415680 _____ (wj32) C:\Program Files\KCSE0LJA.exe 2015-06-30 17:41 - 2015-06-30 17:41 - 01415680 _____ (wj32) C:\Program Files\THGS38A0.exe 2015-06-30 17:41 - 2015-06-30 17:41 - 01415680 _____ (wj32) C:\Program Files\FWMKBE8B.exe 2015-06-30 17:40 - 2015-06-30 17:40 - 01415680 _____ (wj32) C:\Program Files\ZSMPTPHH.exe 2015-06-30 17:40 - 2015-06-30 17:40 - 01415680 _____ (wj32) C:\Program Files\P7PWEWET.exe 2015-06-30 17:40 - 2015-06-30 17:40 - 01415680 _____ (wj32) C:\Program Files\2F46XMC5.exe 2015-06-30 17:38 - 2015-06-30 17:38 - 01415680 _____ (wj32) C:\Program Files\41UVPUDE.exe 2015-06-30 17:36 - 2015-06-30 17:36 - 01415680 _____ (wj32) C:\Program Files\KSK2O0SA.exe 2015-06-30 17:36 - 2015-06-30 17:36 - 01415680 _____ (wj32) C:\Program Files\G2KMIMOM.exe 2015-06-30 17:35 - 2015-06-30 17:35 - 01415680 _____ (wj32) C:\Program Files\6Z4MGJBE.exe 2015-06-30 17:34 - 2015-06-30 17:34 - 01415680 _____ (wj32) C:\Program Files\OKG5C5CK.exe 2015-06-30 17:34 - 2015-06-30 17:34 - 01415680 _____ (wj32) C:\Program Files\B6D6KL3K.exe 2015-06-30 17:31 - 2015-06-30 17:31 - 01415680 _____ (wj32) C:\Program Files\XZCR7PWY.exe 2015-06-30 17:29 - 2015-06-30 17:29 - 01415680 _____ (wj32) C:\Program Files\XWV1GMUT.exe 2015-06-30 17:29 - 2015-06-30 17:29 - 01415680 _____ (wj32) C:\Program Files\4KSUCEGK.exe 2015-06-30 17:28 - 2015-06-30 17:28 - 01415680 _____ (wj32) C:\Program Files\BFVCRX4S.exe 2015-06-30 17:27 - 2015-06-30 17:27 - 01415680 _____ (wj32) C:\Program Files\3WK8D6O4.exe 2015-06-30 17:27 - 2015-06-30 17:27 - 01415680 _____ (wj32) C:\Program Files\0U0UCIWC.exe 2015-06-30 17:26 - 2015-06-30 17:26 - 01415680 _____ (wj32) C:\Program Files\BRY71TZ0.exe 2015-06-30 17:22 - 2015-06-30 17:22 - 01415680 _____ (wj32) C:\Program Files\W1TN3KL1.exe 2015-06-30 17:22 - 2015-06-30 17:22 - 01415680 _____ (wj32) C:\Program Files\VPUZSX2V.exe 2015-06-30 17:22 - 2015-06-30 17:22 - 01415680 _____ (wj32) C:\Program Files\DUZ49RW2.exe 2015-06-30 17:18 - 2015-06-30 17:18 - 01415680 _____ (wj32) C:\Program Files\HX135XZ7.exe 2015-06-30 17:18 - 2015-06-30 17:18 - 01415680 _____ (wj32) C:\Program Files\BG9O3L2G.exe 2015-06-30 17:17 - 2015-06-30 17:17 - 01415680 _____ (wj32) C:\Program Files\C6ZJE6ZH.exe 2015-06-30 17:17 - 2015-06-30 17:17 - 01415680 _____ (wj32) C:\Program Files\A6ACE680.exe 2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\WD5AD59E.exe 2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\VXJV9VRB.exe 2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\S6S4WA20.exe 2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\MP69R9G5.exe 2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\F455JJWL.exe 2015-06-30 17:15 - 2015-06-30 17:15 - 01415680 _____ (wj32) C:\Program Files\M7A2E69K.exe 2015-06-30 17:08 - 2015-06-30 17:08 - 01415680 _____ (wj32) C:\Program Files\6CHB4YRW.exe 2015-06-30 17:07 - 2015-06-30 17:07 - 01415680 _____ (wj32) C:\Program Files\LNZ11FR4.exe 2015-06-30 17:07 - 2015-06-30 17:07 - 01415680 _____ (wj32) C:\Program Files\CHP71JO6.exe 2015-06-30 17:07 - 2015-06-30 17:07 - 01415680 _____ (wj32) C:\Program Files\BI0I0TBE.exe 2015-06-30 17:07 - 2015-06-30 17:07 - 01415680 _____ (wj32) C:\Program Files\37DHMEUC.exe 2015-06-30 17:05 - 2015-06-30 17:05 - 01415680 _____ (wj32) C:\Program Files\ASMRK4MR.exe 2015-06-30 17:04 - 2015-06-30 17:04 - 01415680 _____ (wj32) C:\Program Files\YGNGXF89.exe 2015-06-30 17:04 - 2015-06-30 17:04 - 01415680 _____ (wj32) C:\Program Files\05A3LKVB.exe 2015-06-30 17:02 - 2015-06-30 17:02 - 01415680 _____ (wj32) C:\Program Files\M8UG2O9J.exe 2015-06-30 17:00 - 2015-06-30 17:00 - 01415680 _____ (wj32) C:\Program Files\GLKK2I0E.exe 2015-06-30 16:59 - 2015-06-30 16:59 - 01415680 _____ (wj32) C:\Program Files\50INUZUN.exe 2015-06-30 16:57 - 2015-06-30 16:57 - 01415680 _____ (wj32) C:\Program Files\K82KPVP3.exe 2015-06-30 16:57 - 2015-06-30 16:57 - 01415680 _____ (wj32) C:\Program Files\AFM4XR9F.exe 2015-06-30 16:57 - 2015-06-30 16:57 - 01415680 _____ (wj32) C:\Program Files\9P6Y1G8Y.exe 2015-06-30 16:57 - 2015-06-30 16:57 - 01415680 _____ (wj32) C:\Program Files\6DTBGA3T.exe 2015-06-30 16:55 - 2015-06-30 16:55 - 01415680 _____ (wj32) C:\Program Files\M5XEU8BG.exe 2015-06-30 16:55 - 2015-06-30 16:55 - 01415680 _____ (wj32) C:\Program Files\LA4JMME5.exe 2015-06-30 16:53 - 2015-06-30 16:53 - 01415680 _____ (wj32) C:\Program Files\JOL3WKPK.exe 2015-06-30 16:52 - 2015-06-30 16:52 - 01415680 _____ (wj32) C:\Program Files\HD5XT5O6.exe 2015-06-30 16:47 - 2015-06-30 16:47 - 01415680 _____ (wj32) C:\Program Files\H9LN9DZR.exe 2015-06-30 16:47 - 2015-06-30 16:47 - 01415680 _____ (wj32) C:\Program Files\7EWPUPJ1.exe 2015-06-30 16:47 - 2015-06-30 16:47 - 01415680 _____ (wj32) C:\Program Files\6AM4YY4K.exe 2015-06-30 16:46 - 2015-06-30 16:46 - 01415680 _____ (wj32) C:\Program Files\FA4M5ZSV.exe 2015-06-30 16:40 - 2015-06-30 16:40 - 01415680 _____ (wj32) C:\Program Files\BHWFETJV.exe 2015-06-30 16:40 - 2015-06-30 16:40 - 01415680 _____ (wj32) C:\Program Files\B5NGL2VS.exe 2015-06-30 16:39 - 2015-06-30 16:39 - 01415680 _____ (wj32) C:\Program Files\W2WPW1UO.exe 2015-06-30 16:37 - 2015-06-30 16:37 - 01415680 _____ (wj32) C:\Program Files\Z48NFVNH.exe 2015-06-30 16:31 - 2015-06-30 16:31 - 01415680 _____ (wj32) C:\Program Files\XPJBMIM0.exe 2015-06-30 16:29 - 2015-06-30 16:29 - 01415680 _____ (wj32) C:\Program Files\YAW8M86Y.exe 2015-06-30 16:29 - 2015-06-30 16:29 - 01415680 _____ (wj32) C:\Program Files\5NF7NSM0.exe 2015-06-30 16:24 - 2015-06-30 16:24 - 01415680 _____ (wj32) C:\Program Files\SFHJJEXS.exe 2015-06-30 16:24 - 2015-06-30 16:24 - 01415680 _____ (wj32) C:\Program Files\IUKBEJO7.exe 2015-06-30 16:23 - 2015-06-30 16:23 - 01415680 _____ (wj32) C:\Program Files\A2E6O6IC.exe 2015-06-30 16:23 - 2015-06-30 16:23 - 01415680 _____ (wj32) C:\Program Files\7J2U05HF.exe 2015-06-30 16:21 - 2015-06-30 16:21 - 01415680 _____ (wj32) C:\Program Files\ZX5PB97B.exe 2015-06-30 16:21 - 2015-06-30 16:21 - 01415680 _____ (wj32) C:\Program Files\A64W6YWO.exe 2015-06-30 16:20 - 2015-06-30 16:20 - 01415680 _____ (wj32) C:\Program Files\TXPSW1HV.exe 2015-06-30 16:20 - 2015-06-30 16:20 - 01415680 _____ (wj32) C:\Program Files\T5RP7DVX.exe 2015-06-30 16:20 - 2015-06-30 16:20 - 01415680 _____ (wj32) C:\Program Files\RX4A4AF5.exe 2015-06-30 16:20 - 2015-06-30 16:20 - 01415680 _____ (wj32) C:\Program Files\KIXCF6Y4.exe 2015-06-30 16:19 - 2015-06-30 16:19 - 01415680 _____ (wj32) C:\Program Files\YKOGW6CW.exe 2015-06-30 16:19 - 2015-06-30 16:19 - 01415680 _____ (wj32) C:\Program Files\UDLB32DS.exe 2015-06-30 16:17 - 2015-06-30 16:17 - 01415680 _____ (wj32) C:\Program Files\S4KOA8KS.exe 2015-06-30 16:16 - 2015-06-30 16:16 - 01415680 _____ (wj32) C:\Program Files\XJGFWI3P.exe 2015-06-30 16:10 - 2015-06-30 16:10 - 01415680 _____ (wj32) C:\Program Files\VAF7ZH9F.exe 2015-06-30 16:10 - 2015-06-30 16:10 - 01415680 _____ (wj32) C:\Program Files\RYEWDVEB.exe 2015-06-30 16:08 - 2015-06-30 16:08 - 01415680 _____ (wj32) C:\Program Files\L0SXP5XY.exe 2015-06-30 16:08 - 2015-06-30 16:08 - 01415680 _____ (wj32) C:\Program Files\K2JM15XR.exe 2015-06-30 16:08 - 2015-06-30 16:08 - 01415680 _____ (wj32) C:\Program Files\FZRLKW1V.exe 2015-06-30 16:07 - 2015-06-30 16:07 - 01415680 _____ (wj32) C:\Program Files\VC4K1FDI.exe 2015-06-30 16:05 - 2015-06-30 16:05 - 01415680 _____ (wj32) C:\Program Files\ZBNZBNSA.exe 2015-06-30 16:05 - 2015-06-30 16:05 - 01415680 _____ (wj32) C:\Program Files\XT5X9S1S.exe 2015-06-30 16:05 - 2015-06-30 16:05 - 01415680 _____ (wj32) C:\Program Files\TFRZBX1P.exe 2015-06-30 16:05 - 2015-06-30 16:05 - 01415680 _____ (wj32) C:\Program Files\E64GSGOC.exe 2015-06-30 16:04 - 2015-06-30 16:04 - 01415680 _____ (wj32) C:\Program Files\YACY28IS.exe 2015-06-30 16:04 - 2015-06-30 16:04 - 01415680 _____ (wj32) C:\Program Files\9VN9VHXN.exe 2015-06-30 16:03 - 2015-06-30 16:03 - 01415680 _____ (wj32) C:\Program Files\YIO6OTBR.exe 2015-06-30 16:03 - 2015-06-30 16:03 - 01415680 _____ (wj32) C:\Program Files\RWPJ16ZS.exe 2015-06-30 16:02 - 2015-06-30 16:02 - 01415680 _____ (wj32) C:\Program Files\YEVDIBIJ.exe 2015-06-30 16:02 - 2015-06-30 16:02 - 01415680 _____ (wj32) C:\Program Files\WK5NGBI7.exe 2015-06-30 16:02 - 2015-06-30 16:02 - 01415680 _____ (wj32) C:\Program Files\94MSZSMH.exe 2015-06-30 16:02 - 2015-06-30 16:02 - 01415680 _____ (wj32) C:\Program Files\4LDTBGX9.exe 2015-06-30 16:01 - 2015-06-30 16:01 - 01415680 _____ (wj32) C:\Program Files\EJOTBGAP.exe 2015-06-30 16:00 - 2015-06-30 16:00 - 01415680 _____ (wj32) C:\Program Files\TPPRNH7N.exe 2015-06-30 16:00 - 2015-06-30 16:00 - 01415680 _____ (wj32) C:\Program Files\TLNFV7TL.exe 2015-06-30 16:00 - 2015-06-30 16:00 - 01415680 _____ (wj32) C:\Program Files\NR53HRBX.exe 2015-06-30 16:00 - 2015-06-30 16:00 - 01415680 _____ (wj32) C:\Program Files\2A0KWM60.exe 2015-06-30 15:59 - 2015-06-30 15:59 - 01415680 _____ (wj32) C:\Program Files\DFD9DPL5.exe 2015-06-30 05:02 - 2015-06-30 05:02 - 01415680 _____ (wj32) C:\Program Files\DUZFWPUK.exe 2015-06-30 05:01 - 2015-06-30 05:01 - 01415680 _____ (wj32) C:\Program Files\CMUGOOXN.exe 2015-06-30 04:58 - 2015-06-30 04:58 - 01415680 _____ (wj32) C:\Program Files\YIBVOI0I.exe 2015-06-30 04:57 - 2015-06-30 04:57 - 01415680 _____ (wj32) C:\Program Files\9EJ1UBG7.exe 2015-06-30 04:54 - 2015-06-30 04:54 - 01415680 _____ (wj32) C:\Program Files\G93L1TYP.exe 2015-06-30 04:53 - 2015-06-30 04:53 - 01415680 _____ (wj32) C:\Program Files\2OKYKM8M.exe 2015-06-30 04:52 - 2015-06-30 04:52 - 01415680 _____ (wj32) C:\Program Files\1FRTLZ1J.exe 2015-06-30 04:49 - 2015-06-30 04:49 - 01415680 _____ (wj32) C:\Program Files\FB37JV75.exe 2015-06-30 04:48 - 2015-06-30 04:48 - 01415680 _____ (wj32) C:\Program Files\KXP5DIZD.exe 2015-06-30 04:47 - 2015-06-30 04:47 - 01415680 _____ (wj32) C:\Program Files\ZB9HJ191.exe 2015-06-30 04:46 - 2015-06-30 04:46 - 01415680 _____ (wj32) C:\Program Files\ZTM4ZTB2.exe 2015-06-30 04:46 - 2015-06-30 04:46 - 01415680 _____ (wj32) C:\Program Files\OUPJ172F.exe 2015-06-30 04:46 - 2015-06-30 04:46 - 01415680 _____ (wj32) C:\Program Files\49E8DIN2.exe 2015-06-30 04:45 - 2015-06-30 04:45 - 01415680 _____ (wj32) C:\Program Files\R3FRGVJ9.exe 2015-06-30 04:45 - 2015-06-30 04:45 - 01415680 _____ (wj32) C:\Program Files\O6ZHC6OK.exe 2015-06-30 04:42 - 2015-06-30 04:42 - 01415680 _____ (wj32) C:\Program Files\GVNS916V.exe 2015-06-30 04:39 - 2015-06-30 04:39 - 01415680 _____ (wj32) C:\Program Files\L04KEMRS.exe 2015-06-30 04:37 - 2015-06-30 04:37 - 01415680 _____ (wj32) C:\Program Files\YGYRLEWK.exe 2015-06-30 04:36 - 2015-06-30 04:36 - 01415680 _____ (wj32) C:\Program Files\80TAIBTN.exe 2015-06-30 04:35 - 2015-06-30 04:35 - 01415680 _____ (wj32) C:\Program Files\S6WY0KF9.exe 2015-06-30 04:33 - 2015-06-30 04:33 - 01415680 _____ (wj32) C:\Program Files\58PHX1UK.exe 2015-06-30 04:32 - 2015-06-30 04:32 - 01415680 _____ (wj32) C:\Program Files\VBF7ZHMB.exe 2015-06-30 04:32 - 2015-06-30 04:32 - 01415680 _____ (wj32) C:\Program Files\0WGM4ZHK.exe 2015-06-30 04:30 - 2015-06-30 04:30 - 01415680 _____ (wj32) C:\Program Files\4XPHMKI4.exe 2015-06-30 04:29 - 2015-06-30 04:29 - 01415680 _____ (wj32) C:\Program Files\M4MFXR9B.exe 2015-06-30 04:28 - 2015-06-30 04:28 - 01415680 _____ (wj32) C:\Program Files\ZHZHZSZK.exe 2015-06-30 04:26 - 2015-06-30 04:26 - 01415680 _____ (wj32) C:\Program Files\SZ5KA5NT.exe 2015-06-30 04:26 - 2015-06-30 04:26 - 01415680 _____ (wj32) C:\Program Files\91I0INST.exe 2015-06-30 04:24 - 2015-06-30 04:24 - 01415680 _____ (wj32) C:\Program Files\FKPJ171F.exe 2015-06-30 04:21 - 2015-06-30 04:21 - 01415680 _____ (wj32) C:\Program Files\IYKK05PK.exe 2015-06-30 04:21 - 2015-06-30 04:21 - 01415680 _____ (wj32) C:\Program Files\HOTMGLZE.exe 2015-06-30 04:18 - 2015-06-30 04:18 - 01415680 _____ (wj32) C:\Program Files\OSLK7M2I.exe 2015-06-30 04:18 - 2015-06-30 04:18 - 01415680 _____ (wj32) C:\Program Files\IARW1UO2.exe 2015-06-30 04:16 - 2015-06-30 04:16 - 01415680 _____ (wj32) C:\Program Files\UCHO4C6C.exe 2015-06-30 04:15 - 2015-06-30 04:15 - 01415680 _____ (wj32) C:\Program Files\BRWK6YDK.exe 2015-06-30 04:14 - 2015-06-30 04:14 - 01415680 _____ (wj32) C:\Program Files\60GX0SXA.exe 2015-06-30 04:13 - 2015-06-30 04:13 - 01415680 _____ (wj32) C:\Program Files\LP2GT7PS.exe 2015-06-30 04:13 - 2015-06-30 04:13 - 01415680 _____ (wj32) C:\Program Files\E8E8KWES.exe 2015-06-30 04:13 - 2015-06-30 04:13 - 01415680 _____ (wj32) C:\Program Files\9D5XCH91.exe 2015-06-30 04:11 - 2015-06-30 04:11 - 01415680 _____ (wj32) C:\Program Files\AUNU2XM5.exe 2015-06-30 04:09 - 2015-06-30 04:09 - 01415680 _____ (wj32) C:\Program Files\A7K8FYTJ.exe 2015-06-30 04:08 - 2015-06-30 04:08 - 01415680 _____ (wj32) C:\Program Files\CVDVK8YG.exe 2015-06-30 04:08 - 2015-06-30 04:08 - 01415680 _____ (wj32) C:\Program Files\9JPEVDJN.exe 2015-06-30 04:06 - 2015-06-30 04:06 - 01415680 _____ (wj32) C:\Program Files\5N5N5ZSJ.exe 2015-06-30 04:06 - 2015-06-30 04:06 - 01415680 _____ (wj32) C:\Program Files\4B4YG9EJ.exe 2015-06-30 04:01 - 2015-06-30 04:01 - 01415680 _____ (wj32) C:\Program Files\YSASASLC.exe 2015-06-30 04:01 - 2015-06-30 04:01 - 01415680 _____ (wj32) C:\Program Files\B5YGASAI.exe 2015-06-30 03:57 - 2015-06-30 03:57 - 01415680 _____ (wj32) C:\Program Files\U8ACEGUP.exe 2015-06-30 03:57 - 2015-06-30 03:57 - 01415680 _____ (wj32) C:\Program Files\RKSMP7S8.exe 2015-06-30 03:57 - 2015-06-30 03:57 - 01415680 _____ (wj32) C:\Program Files\RJBKTLDT.exe 2015-06-30 03:57 - 2015-06-30 03:57 - 01415680 _____ (wj32) C:\Program Files\CHMP7B3S.exe 2015-06-30 03:54 - 2015-06-30 03:54 - 01415680 _____ (wj32) C:\Program Files\OTM3VNST.exe 2015-06-30 03:54 - 2015-06-30 03:54 - 01415680 _____ (wj32) C:\Program Files\2GGI9PF6.exe 2015-06-30 03:51 - 2015-06-30 03:51 - 01415680 _____ (wj32) C:\Program Files\HY1V03L9.exe 2015-06-30 03:44 - 2015-06-30 03:44 - 01415680 _____ (wj32) C:\Program Files\B3WK8KV0.exe 2015-06-30 03:43 - 2015-06-30 03:43 - 01415680 _____ (wj32) C:\Program Files\D7PUZ49Y.exe 2015-06-30 03:43 - 2015-06-30 03:43 - 01415680 _____ (wj32) C:\Program Files\05BG82VS.exe 2015-06-30 03:41 - 2015-06-30 03:41 - 01415680 _____ (wj32) C:\Program Files\WP7PKEJY.exe 2015-06-30 03:41 - 2015-06-30 03:41 - 01415680 _____ (wj32) C:\Program Files\JZ4VCHZ7.exe 2015-06-30 03:41 - 2015-06-30 03:41 - 01415680 _____ (wj32) C:\Program Files\0SKC46OW.exe 2015-06-30 03:39 - 2015-06-30 03:39 - 01415680 _____ (wj32) C:\Program Files\4JWWUNO4.exe 2015-06-30 03:36 - 2015-06-30 03:36 - 01415680 _____ (wj32) C:\Program Files\N5L2YTLM.exe 2015-06-30 03:36 - 2015-06-30 03:36 - 01415680 _____ (wj32) C:\Program Files\B1K349RW.exe 2015-06-30 03:36 - 2015-06-30 03:36 - 01415680 _____ (wj32) C:\Program Files\AOAWEGUK.exe 2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\L04ARH9C.exe 2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\03XP5MRZ.exe 2015-06-30 03:34 - 2015-06-30 03:34 - 01415680 _____ (wj32) C:\Program Files\85RDI4VR.exe 2015-06-30 03:33 - 2015-06-30 03:33 - 01415680 _____ (wj32) C:\Program Files\K8PICST4.exe 2015-06-30 03:32 - 2015-06-30 03:32 - 01415680 _____ (wj32) C:\Program Files\KXLAFXPK.exe 2015-06-30 03:31 - 2015-06-30 03:31 - 01415680 _____ (wj32) C:\Program Files\6DVDVD80.exe 2015-06-30 03:30 - 2015-06-30 03:30 - 01415680 _____ (wj32) C:\Program Files\XDIZRWOP.exe 2015-06-30 03:30 - 2015-06-30 03:30 - 01415680 _____ (wj32) C:\Program Files\WRXFMO2I.exe 2015-06-30 03:30 - 2015-06-30 03:30 - 01415680 _____ (wj32) C:\Program Files\KV0GXDIV.exe 2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\Y5OMJE7Y.exe 2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\IO6DJDVO.exe 2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\FTIV20GU.exe 2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\94X5CV00.exe 2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\81JDVOT6.exe 2015-06-30 03:28 - 2015-06-30 22:04 - 00000000 ____D C:\ProgramData\AVAST Software 2015-06-30 03:28 - 2015-06-30 03:28 - 01415680 _____ (wj32) C:\Program Files\H05HMCOM.exe 2015-06-30 03:28 - 2015-06-30 03:28 - 01415680 _____ (wj32) C:\Program Files\CSE0G8OS.exe 2015-06-30 03:27 - 2015-06-30 03:27 - 01415680 _____ (wj32) C:\Program Files\9C4M49EB.exe 2015-06-30 03:26 - 2015-06-30 03:26 - 01415680 _____ (wj32) C:\Program Files\I05A2IZS.exe 2015-06-30 03:25 - 2015-06-30 03:25 - 01415680 _____ (wj32) C:\Program Files\ZHZBTBDB.exe 2015-06-30 03:25 - 2015-06-30 03:25 - 01415680 _____ (wj32) C:\Program Files\P5XUM29A.exe 2015-06-30 03:24 - 2015-06-30 03:24 - 01415680 _____ (wj32) C:\Program Files\5NHN4DVP.exe 2015-06-30 03:22 - 2015-06-30 03:22 - 01415680 _____ (wj32) C:\Program Files\NSA4X2JB.exe 2015-06-30 03:20 - 2015-06-30 03:20 - 01415680 _____ (wj32) C:\Program Files\WLDF4TLZ.exe 2015-06-30 03:19 - 2015-06-30 03:19 - 01415680 _____ (wj32) C:\Program Files\HXP7OHO2.exe 2015-06-30 03:19 - 2015-06-30 03:19 - 01415680 _____ (wj32) C:\Program Files\CUC5N5C5.exe 2015-06-30 03:16 - 2015-06-30 03:16 - 01415680 _____ (wj32) C:\Program Files\RTV77W9X.exe 2015-06-30 03:16 - 2015-06-30 03:16 - 01415680 _____ (wj32) C:\Program Files\P6ZGU8O4.exe 2015-06-30 03:12 - 2015-06-30 03:12 - 01415680 _____ (wj32) C:\Program Files\3BD5R3FD.exe 2015-06-30 03:09 - 2015-06-30 03:09 - 01415680 _____ (wj32) C:\Program Files\VDFN51NJ.exe 2015-06-30 03:09 - 2015-06-30 03:09 - 01415680 _____ (wj32) C:\Program Files\EENYUAFR.exe 2015-06-30 03:09 - 2015-06-30 03:09 - 01415680 _____ (wj32) C:\Program Files\C4WOKSUU.exe 2015-06-30 03:09 - 2015-06-30 03:09 - 01415680 _____ (wj32) C:\Program Files\9IR03V3V.exe 2015-06-30 03:07 - 2015-06-30 03:07 - 00000000 ____D C:\Users\User\AppData\Roaming\ZTEMTUI 2015-06-30 03:06 - 2015-06-30 03:06 - 01415680 _____ (wj32) C:\Program Files\G9381VKS.exe 2015-06-30 03:06 - 2015-06-30 03:06 - 01415680 _____ (wj32) C:\Program Files\B3KNSWSG.exe 2015-06-30 03:06 - 2015-06-30 03:06 - 01415680 _____ (wj32) C:\Program Files\A80CUMOM.exe 2015-06-30 03:05 - 2015-06-30 03:05 - 01415680 _____ (wj32) C:\Program Files\KKAMKM2I.exe 2015-06-30 03:05 - 2015-06-30 03:05 - 01415680 _____ (wj32) C:\Program Files\3BBFNNRZ.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\Z9VZRVB7.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\YI06O6O8.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\U8KA0KYS.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\RJOSKNS6.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\O8A6EYIC.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\MKYAY6AA.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\H1FZP7L9.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\G0K0CWCS.exe 2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\2I6MKKYY.exe 2015-06-30 03:03 - 2015-06-30 03:03 - 01415680 _____ (wj32) C:\Program Files\C8AUAW0O.exe 2015-06-30 03:03 - 2015-06-30 03:03 - 01415680 _____ (wj32) C:\Program Files\4WI42IAU.exe 2015-06-30 03:00 - 2015-06-30 03:00 - 01415680 _____ (wj32) C:\Program Files\Z3FVJNZR.exe 2015-06-30 03:00 - 2015-06-30 03:00 - 01415680 _____ (wj32) C:\Program Files\VLB73NDT.exe 2015-06-30 03:00 - 2015-06-30 03:00 - 01415680 _____ (wj32) C:\Program Files\RZF3FVR3.exe 2015-06-30 03:00 - 2015-06-30 03:00 - 01415680 _____ (wj32) C:\Program Files\HKCRVA25.exe 2015-06-30 02:59 - 2015-06-30 02:59 - 01415680 _____ (wj32) C:\Program Files\SACMOGIA.exe 2015-06-30 02:59 - 2015-06-30 02:59 - 01415680 _____ (wj32) C:\Program Files\S80H0INB.exe 2015-06-30 02:46 - 2015-06-30 02:46 - 01415680 _____ (wj32) C:\Program Files\3EKKWWSZ.exe 2015-06-30 02:42 - 2015-06-30 02:42 - 01415680 _____ (wj32) C:\Program Files\WSXRXHAF.exe 2015-06-30 02:42 - 2015-06-30 02:42 - 01415680 _____ (wj32) C:\Program Files\6B5NSAF6.exe 2015-06-30 00:20 - 2015-06-30 00:20 - 01415680 _____ (wj32) C:\Program Files\NIGLMT04.exe 2015-06-29 23:53 - 2015-06-29 23:53 - 01415680 _____ (wj32) C:\Program Files\7SBUFYH9.exe 2015-06-29 23:35 - 2015-06-29 23:35 - 01415680 _____ (wj32) C:\Program Files\YHMPA0L3.exe 2015-06-29 23:35 - 2015-06-29 23:35 - 01415680 _____ (wj32) C:\Program Files\C0WKSOO0.exe 2015-06-29 23:29 - 2015-06-29 23:29 - 01415680 _____ (wj32) C:\Program Files\7JVR397V.exe 2015-06-29 23:25 - 2015-06-29 23:29 - 05157536 _____ (McAfee, Inc.) C:\Users\User\Downloads\McAfeeSetup (1).exe 2015-06-29 23:17 - 2015-06-29 23:17 - 01415680 _____ (wj32) C:\Program Files\VOV1J1V9.exe 2015-06-29 23:17 - 2015-06-29 23:17 - 01415680 _____ (wj32) C:\Program Files\PR68XOPJ.exe 2015-06-29 23:16 - 2015-06-29 23:38 - 00000000 ____D C:\Program Files\stinger 2015-06-29 22:51 - 2015-06-29 22:51 - 01415680 _____ (wj32) C:\Program Files\TXBF6KYN.exe 2015-06-29 22:01 - 2015-06-29 22:01 - 01415680 _____ (wj32) C:\Program Files\C4L1IN3K.exe 2015-06-29 21:48 - 2015-06-29 21:59 - 07720664 _____ (McAfee, Inc.) C:\Users\User\Downloads\Setup_serial_vXhmvuT7FQA_QT7-DpztaA2_key.exe 2015-06-29 21:27 - 2015-06-29 21:27 - 01415680 _____ (wj32) C:\Program Files\JJ37R7FN.exe 2015-06-29 21:26 - 2015-06-29 21:26 - 01415680 _____ (wj32) C:\Program Files\EAMAW8WO.exe 2015-06-29 21:14 - 2015-06-29 21:14 - 01415680 _____ (wj32) C:\Program Files\K8P5A2WA.exe 2015-06-29 21:14 - 2015-06-29 21:14 - 01415680 _____ (wj32) C:\Program Files\I5NJCYD5.exe 2015-06-29 19:39 - 2015-06-29 19:39 - 01415680 _____ (wj32) C:\Program Files\PHXFAB6N.exe 2015-06-29 19:36 - 2015-06-29 19:36 - 01415680 _____ (wj32) C:\Program Files\NVKIJKXX.exe 2015-06-29 19:32 - 2015-06-29 19:32 - 01415680 _____ (wj32) C:\Program Files\U16ZHMGL.exe 2015-06-29 19:32 - 2015-06-29 19:32 - 01415680 _____ (wj32) C:\Program Files\LX9NZL7P.exe 2015-06-29 19:32 - 2015-06-29 19:32 - 01415680 _____ (wj32) C:\Program Files\IA2MU6SM.exe 2015-06-29 19:32 - 2015-06-29 19:32 - 01415680 _____ (wj32) C:\Program Files\CYKCAI4U.exe 2015-06-29 19:30 - 2015-06-29 19:30 - 00000103 _____ C:\Users\User\Desktop\oas-disabled-fix.cmd 2015-06-29 19:22 - 2015-06-29 19:22 - 01415680 _____ (wj32) C:\Program Files\O2E02G8W.exe 2015-06-29 19:22 - 2015-06-29 19:22 - 01415680 _____ (wj32) C:\Program Files\MYACMEWO.exe 2015-06-29 19:22 - 2015-06-29 19:22 - 01415680 _____ (wj32) C:\Program Files\97D535NB.exe 2015-06-29 19:22 - 2015-06-29 19:22 - 01415680 _____ (wj32) C:\Program Files\6YWEGYKO.exe 2015-06-29 19:04 - 2015-06-29 19:04 - 01415680 _____ (wj32) C:\Program Files\XH13RNZN.exe 2015-06-29 17:34 - 2015-06-29 17:34 - 01415680 _____ (wj32) C:\Program Files\PZXDLPJL.exe 2015-06-29 17:34 - 2015-06-29 17:34 - 01415680 _____ (wj32) C:\Program Files\DFHPNZRZ.exe 2015-06-29 17:34 - 2015-06-29 17:34 - 01415680 _____ (wj32) C:\Program Files\86SA47OK.exe 2015-06-29 16:54 - 2015-06-29 16:54 - 01415680 _____ (wj32) C:\Program Files\I4OAWGC0.exe 2015-06-29 16:54 - 2015-06-29 16:54 - 01415680 _____ (wj32) C:\Program Files\AAKUGWC6.exe 2015-06-29 16:54 - 2015-06-29 16:54 - 01415680 _____ (wj32) C:\Program Files\5DV9BTJV.exe 2015-06-29 16:54 - 2015-06-29 16:54 - 01415680 _____ (wj32) C:\Program Files\1JZR9E6W.exe 2015-06-29 16:43 - 2015-06-29 16:43 - 01415680 _____ (wj32) C:\Program Files\4KIACA82.exe 2015-06-29 16:43 - 2015-06-29 16:43 - 01415680 _____ (wj32) C:\Program Files\380FK0UP.exe 2015-06-29 16:10 - 2015-06-29 16:10 - 01415680 _____ (wj32) C:\Program Files\MOW4CO20.exe 2015-06-29 16:06 - 2015-06-29 16:06 - 01415680 _____ (wj32) C:\Program Files\JC4Y3W1R.exe 2015-06-29 16:03 - 2015-06-29 16:03 - 01415680 _____ (wj32) C:\Program Files\3PBXOKG7.exe 2015-06-29 02:47 - 2015-06-29 02:47 - 00196538 _____ C:\Users\User\Downloads\watch (1).htm 2015-06-29 02:38 - 2015-06-29 02:38 - 01415680 _____ (wj32) C:\Program Files\WCKW8SW8.exe 2015-06-29 02:38 - 2015-06-29 02:38 - 01415680 _____ (wj32) C:\Program Files\EGYW0ECW.exe 2015-06-29 01:59 - 2015-06-29 01:59 - 01415680 _____ (wj32) C:\Program Files\FIA26B3S.exe 2015-06-29 01:59 - 2015-06-29 01:59 - 01415680 _____ (wj32) C:\Program Files\1DVNPHJ7.exe 2015-06-29 00:38 - 2015-06-29 00:38 - 01415680 _____ (wj32) C:\Program Files\K2L6IGSO.exe 2015-06-29 00:38 - 2015-06-29 00:38 - 01415680 _____ (wj32) C:\Program Files\8R3V7K20.exe 2015-06-29 00:38 - 2015-06-29 00:38 - 01415680 _____ (wj32) C:\Program Files\68WMOU04.exe 2015-06-29 00:35 - 2015-06-29 00:35 - 01415680 _____ (wj32) C:\Program Files\E670AGAY.exe 2015-06-29 00:33 - 2015-06-29 00:33 - 01415680 _____ (wj32) C:\Program Files\ST6KXLWY.exe 2015-06-29 00:27 - 2015-06-29 00:27 - 01415680 _____ (wj32) C:\Program Files\GSW8SCSO.exe 2015-06-29 00:27 - 2015-06-29 00:27 - 01415680 _____ (wj32) C:\Program Files\CKOWOSOG.exe 2015-06-29 00:19 - 2015-06-29 00:19 - 00020064 _____ C:\Users\User\Downloads\MONOVA.ORG CorelDRAW Graphics Suite X7 [Eng] 32bit-64bit including crack.torrent 2015-06-29 00:15 - 2015-06-29 00:15 - 01415680 _____ (wj32) C:\Program Files\26YE0M80.exe 2015-06-29 00:08 - 2015-06-29 00:08 - 01415680 _____ (wj32) C:\Program Files\V37B37V3.exe 2015-06-28 19:56 - 2015-06-28 19:56 - 01415680 _____ (wj32) C:\Program Files\L160S701.exe 2015-06-28 19:56 - 2015-06-28 19:56 - 01415680 _____ (wj32) C:\Program Files\CKOOWW0O.exe 2015-06-28 19:49 - 2015-06-28 19:49 - 01415680 _____ (wj32) C:\Program Files\IKCOMEWA.exe 2015-06-28 19:49 - 2015-06-28 19:49 - 01415680 _____ (wj32) C:\Program Files\5DX5DLPX.exe 2015-06-28 18:58 - 2015-06-28 18:58 - 01415680 _____ (wj32) C:\Program Files\UZ6ZUCUJ.exe 2015-06-28 18:58 - 2015-06-28 18:58 - 01415680 _____ (wj32) C:\Program Files\USEO5RH2.exe 2015-06-28 18:58 - 2015-06-28 18:58 - 01415680 _____ (wj32) C:\Program Files\PBXUGRCA.exe 2015-06-28 02:52 - 2015-06-28 02:52 - 01415680 _____ (wj32) C:\Program Files\M24YKCIG.exe 2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\P6P3C3PK.exe 2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\EXEAO5TK.exe 2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\CTWD6B50.exe 2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\CL73ZKEB.exe 2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\AS06Y0C0.exe 2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\1N5RPBJ1.exe 2015-06-27 04:02 - 2015-06-27 04:02 - 01415680 _____ (wj32) C:\Program Files\SKVW118I.exe 2015-06-27 03:57 - 2015-06-27 03:57 - 01415680 _____ (wj32) C:\Program Files\RRV37ZZJ.exe 2015-06-27 03:53 - 2015-06-27 03:53 - 00347816 _____ (Microsoft Corporation) C:\Users\User\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe 2015-06-27 03:33 - 2015-06-27 03:33 - 01415680 _____ (wj32) C:\Program Files\DJ5R1TF7.exe 2015-06-27 03:26 - 2015-06-27 03:26 - 01415680 _____ (wj32) C:\Program Files\YPUYK5J2.exe 2015-06-27 03:26 - 2015-06-27 03:26 - 01415680 _____ (wj32) C:\Program Files\IOI06BGH.exe 2015-06-27 03:19 - 2015-06-27 03:19 - 01415680 _____ (wj32) C:\Program Files\LT9T9LTX.exe 2015-06-27 02:11 - 2015-06-27 02:11 - 01415680 _____ (wj32) C:\Program Files\ZTZ6OJ2M.exe 2015-06-27 02:11 - 2015-06-27 02:11 - 01415680 _____ (wj32) C:\Program Files\JVFNBRBZ.exe 2015-06-27 02:11 - 2015-06-27 02:11 - 01415680 _____ (wj32) C:\Program Files\JRBJB1BB.exe 2015-06-27 02:11 - 2015-06-27 02:11 - 01415680 _____ (wj32) C:\Program Files\IR3C432E.exe 2015-06-27 02:10 - 2015-06-27 02:10 - 01415680 _____ (wj32) C:\Program Files\95HPHL7T.exe 2015-06-27 02:10 - 2015-06-27 02:10 - 01415680 _____ (wj32) C:\Program Files\775FT7H7.exe 2015-06-27 02:04 - 2015-06-27 02:04 - 01415680 _____ (wj32) C:\Program Files\0ZV76CB3.exe 2015-06-27 01:07 - 2015-06-27 01:07 - 01415680 _____ (wj32) C:\Program Files\DHTX1XXD.exe 2015-06-26 19:23 - 2015-06-26 19:23 - 01415680 _____ (wj32) C:\Program Files\A1NWAO2H.exe 2015-06-26 19:22 - 2015-06-26 19:22 - 01415680 _____ (wj32) C:\Program Files\V4DWDRNZ.exe 2015-06-26 19:22 - 2015-06-26 19:22 - 01415680 _____ (wj32) C:\Program Files\401NW5WB.exe 2015-06-26 19:21 - 2015-06-26 19:21 - 01415680 _____ (wj32) C:\Program Files\T2GXL7LI.exe 2015-06-26 19:21 - 2015-06-26 19:21 - 01415680 _____ (wj32) C:\Program Files\6UBPY7KN.exe 2015-06-26 02:22 - 2015-06-27 00:24 - 00000000 ____D C:\Users\User\AppData\Roaming\OpenCandy 2015-05-31 16:24 - 2015-05-31 16:24 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-05-31 14:40 - 2015-05-31 14:40 - 00000401 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-06-30 22:39 - 2015-04-16 14:55 - 00004148 _____ C:\WINDOWS\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4.job 2015-06-30 22:06 - 2015-05-26 22:06 - 00000396 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job 2015-06-30 03:07 - 2014-12-17 22:54 - 00000000 ____D C:\Users\User\AppData\Roaming\AC2787-ZTEEVDO 2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList 2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList 2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieBrowserModeList 2015-06-30 00:32 - 2015-04-16 14:42 - 00000000 ____D C:\Program Files (x86)\globalUpdate 2015-06-29 21:12 - 2015-04-16 14:47 - 00000000 ____D C:\Program Files (x86)\3b5e57a9-2300-42b6-837e-64ff9ae02ad6 2015-06-06 16:06 - 2015-05-26 22:06 - 00000000 ____D C:\ProgramData\{1132ae0a-e898-0430-1132-2ae0ae89b82b} Task: {111DD6B1-3D32-4D71-9B34-37EA5FE2D006} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b}\office 2013 activator (kmspico 9.1.3).exe <==== ATTENTION Task: {168342E7-D869-42D0-9EEE-16935D5D4265} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-7 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-7.exe <==== ATTENTION Task: {48A93589-CD17-4EB6-B057-9AC52D8CB076} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-6 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-6.exe <==== ATTENTION Task: {6735047D-7852-42A8-9A6D-946CD9513593} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-1-7.exe <==== ATTENTION Task: {763B522F-83C6-4883-B328-102C8EDD21C8} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\User\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION Task: {809FE14F-921E-4FAC-938C-3B6FBD419ED4} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-1-6.exe <==== ATTENTION Task: {B092AFA4-9853-48C4-A0D1-C130CA247570} - System32\Tasks\FNIQYHVL => C:\ProgramData\54c1fc65d2be43d1b5912d6632dbad70\54c1fc65d2be43d1b5912d6632dbad70.exe <==== ATTENTION Task: {B1197667-C6E6-444B-920A-BCF08FBBCEAF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-12-03] () Task: {B37E7599-1B6D-4CA8-8173-77CA09BA5706} - System32\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4 => C:\Program Files (x86)\SavePass 1.1\4652072b-041a-4d46-b300-5cb6025f14d8-4.exe <==== ATTENTION Task: {C8FFA308-723F-4770-822E-E1BFA58D8845} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-5.exe <==== ATTENTION Task: {FF99AFF3-B532-4568-998D-A19AC59AA1DB} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-5 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-5.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4.job => C:\Program Files (x86)\SavePass 1.1\4652072b-041a-4d46-b300-5cb6025f14d8-4.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b}\office 2013 activator (kmspico 9.1.3).exe <==== ATTENTION AlternateDataStreams: C:\Users\User\Cookies:eHAmoLcd7LLsHDUbODKWBfewrC0 AlternateDataStreams: C:\Users\User\OneDrive:ms-properties AlternateDataStreams: C:\Users\User\AppData\Local\Temp:gsbm8dwTRNkHsC3l6SpsZQamO4 HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Classes\exefile: <===== ATTENTION! C:\ProgramData\msboivr.exe C:\Users\User\agent.exe C:\Users\User\DRTCP021.exe C:\Users\User\launchAgent.bat C:\Users\User\launchDrTCP.bat c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b} C:\Program Files (x86)\CinemaPlus-3.2cV15.04 C:\ProgramData\54c1fc65d2be43d1b5912d6632dbad70 C:\Program Files (x86)\SavePass 1.1 C:\Program Files\shopperz C:\Users\User\AppData\Local\SmartWeb C:\Program Files (x86)\Great Find C:\Program Files (x86)\XTab C:\Users\User\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe C:\Program Files\kprocesshacker.sys Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F RemoveProxy: CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: netsh int ip reset c:\resetlog.txt CMD: ipconfig /release CMD: ipconfig /renew CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset EmptyTemp: CMD: bitsadmin /reset /allusers