Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01 Ran by user (administrator) on ORGES on 02-07-2015 23:03:32 Running from C:\Users\user\Downloads Loaded Profiles: user (Available Profiles: user) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files\Connectify\ConnectifyService.exe (Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe (Connectify) C:\Program Files\Connectify\Connectifyd.exe (Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Connectify) C:\Program Files\Connectify\Connectify.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe (Skillbrains) C:\Program Files\Skillbrains\lightshot\5.2.1.1\Lightshot.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (Microsoft Corporation) C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe () C:\Program Files\Connectify\ConnectifyNetServices.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12013272 2013-11-19] (Realtek Semiconductor) HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM\...\Run: [] => [X] HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2618680 2015-04-08] (Malwarebytes Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1 HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\Run: [Connectify] => C:\Program Files\Connectify\Connectify.exe [4007936 2012-11-09] (Connectify) HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\MountPoints2: H - H:\LaunchU3.exe -a HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\MountPoints2: {25fbfb3d-faa7-11e3-879a-74de2b4f80fd} - H:\iLinker.exe HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\MountPoints2: {dc1ee10f-53ea-11e2-8474-dc0ea12e46a3} - F:\autorun.exe HKU\S-1-5-21-623903606-2496640028-3754115147-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation) IFEO\AcroRd32.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\hd-runapp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\okayfreedomclient.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\pccompanion.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\switchboard.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\uninst.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\uninstall.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a.lnk [2015-06-10] ShortcutTarget: a.lnk -> C:\Users\user\AppData\Roaming\obekdjgjih.exe (Kareo) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2013-12-13] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2013-12-13] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2013-12-13] () ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google) ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKU\S-1-5-21-623903606-2496640028-3754115147-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-623903606-2496640028-3754115147-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-02] (Oracle Corporation) BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2013-09-13] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-02] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) Toolbar: HKU\S-1-5-21-623903606-2496640028-3754115147-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-623903606-2496640028-3754115147-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{00DF63C9-00F1-4DEE-BC55-1D652520BFEE}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{00DF63C9-00F1-4DEE-BC55-1D652520BFEE}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{19A2A9B0-56B2-4B34-BF59-CF9CBC4CB79C}: [NameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{B4C0E79E-6C6A-4ABF-9B53-06BE217DCAD5}: [NameServer] 192.168.184.1 Tcpip\..\Interfaces\{FD598358-3B98-4C3B-8C53-37A5CC0112AF}: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default FF DefaultSearchEngine,S: WebSearch FF SearchEngineOrder.1: WebSearch FF SearchEngineOrder.1,S: WebSearch FF SelectedSearchEngine: WebSearch FF SelectedSearchEngine,S: WebSearch FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-04-20] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-02] (Oracle Corporation) FF Plugin: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-02] () FF Plugin: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-02] () FF Plugin: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-02] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-10-27] (Microsoft Corporation) FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc) FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-12-19] (Adobe Systems) FF Plugin HKU\S-1-5-21-623903606-2496640028-3754115147-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2013-11-06] (Skype Limited) FF Plugin HKU\S-1-5-21-623903606-2496640028-3754115147-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-22] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-12-09] FF Extension: GoPhotoIt - C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31] FF Extension: anonymoX - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default\Extensions\client@anonymox.net.xpi [2014-08-10] FF Extension: ZenMate Security & Privacy VPN - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default\Extensions\firefox@zenmate.com.xpi [2015-02-12] FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-17] FF Extension: Greasemonkey - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-04-17] FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11] FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-12-10] FF HKLM\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-02] FF HKLM\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-02] FF HKLM\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-02] FF HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\user\AppData\Roaming\IDM\idmmzcc5 [2014-07-20] FF HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5 Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Fixer for Java) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakbbfplfhjmmheafiipemmmjjlgcolo [2015-06-11] CHR Extension: (Tampermonkey) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-05-15] CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-05-15] CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-05-15] CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-15] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-15] CHR Extension: (Skype Click to Call) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-15] CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12] CHR HKLM\...\Chrome\Extension: [heihnndbnldikchdlicnigbeojkgiiia] - C:\Program Files\MapsGalaxy_39 Chrome Extension\bar\MapsGalaxy@mindspark.com.gen1 [Not Found] CHR HKLM\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-03-12] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO) S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) S4 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) S4 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) R2 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [65536 2012-11-09] () [File not signed] S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation) R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation) R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [656184 2015-04-08] (Malwarebytes Corporation) S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH) R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-31] (TuneUp Software) R2 VSSS; C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [101870784 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [24832 2013-10-20] (Advanced Micro Devices, Inc.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [57824 2015-04-14] (AVG Technologies CZ, s.r.o.) R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [64088 2013-06-22] (Broadcom Corporation) R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18520 2013-06-22] (Broadcom Corporation) R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [46168 2013-06-22] (Broadcom Corporation) R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [59600 2013-10-20] (Broadcom Corporation) R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [189136 2013-01-14] (Kaspersky Lab UK Ltd) R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [27248 2014-12-07] (Connectify) S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2014-05-13] (Phoenix Technologies) [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-01] (DT Soft Ltd) R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47928 2015-04-08] () R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [488808 2013-10-20] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2013-10-20] (Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [143968 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [37896 2014-08-19] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [120008 2014-11-28] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [36040 2014-10-22] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [699576 2014-12-13] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25800 2014-10-10] (Kaspersky Lab ZAO) S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [26824 2014-10-30] (Kaspersky Lab ZAO) S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [46152 2014-10-09] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [64200 2014-11-22] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [148296 2014-11-10] (Kaspersky Lab ZAO) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2015-07-02] (Malwarebytes Corporation) R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2013-10-20] (Intel Corporation) S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [95304 2011-11-10] (MotioninJoy) S3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [763496 2012-05-18] (Realtek Semiconductor Corporation ) R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [2522840 2013-11-19] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27888 2013-10-20] (Synaptics Incorporated) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [329384 2015-04-20] (Duplex Secure Ltd.) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv.sys [2465144 2013-10-20] (Sunplus Technology) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-09-10] (The OpenVPN Project) R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software) U3 a5mt0ize; C:\Windows\system32\Drivers\a5mt0ize.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero byte File/Folder) U3 ac64avot; C:\Windows\system32\Drivers\ac64avot.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero byte File/Folder) S2 adfs; No ImagePath R4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-02 22:45 - 2015-07-02 22:45 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2015-07-02 22:45 - 2015-07-02 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-07-02 22:45 - 2015-07-02 22:45 - 00000000 ____D C:\Program Files\Common Files\Java 2015-07-02 22:42 - 2015-07-02 22:42 - 00562272 _____ (Oracle Corporation) C:\Users\user\Downloads\chromeinstall-8u45 (2).exe 2015-07-02 22:30 - 2015-07-02 23:04 - 00029531 _____ C:\Users\user\Downloads\FRST.txt 2015-07-02 22:30 - 2015-07-02 23:03 - 00000000 ____D C:\FRST 2015-07-02 22:30 - 2015-07-02 22:30 - 01636352 _____ (Farbar) C:\Users\user\Downloads\FRST.exe 2015-07-02 22:27 - 2015-07-02 22:27 - 00415232 _____ (Farbar) C:\Users\user\Downloads\FSS.exe 2015-07-02 22:27 - 2015-07-02 22:27 - 00002758 _____ C:\Users\user\Downloads\FSS.txt 2015-07-02 22:25 - 2015-07-02 22:25 - 01169408 _____ (wj32) C:\Program Files\2MAUEYMM.exe 2015-07-02 22:25 - 2015-07-02 22:25 - 01169408 _____ (wj32) C:\Program Files\2KAUE2MK.exe 2015-07-02 22:24 - 2015-07-02 22:24 - 01169408 _____ (wj32) C:\Program Files\J3RFZN7B.exe 2015-07-02 22:24 - 2015-07-02 22:24 - 01169408 _____ (wj32) C:\Program Files\EYI6KEY2.exe 2015-07-02 22:24 - 2015-07-02 22:24 - 01169408 _____ (wj32) C:\Program Files\7RBZJ3NF.exe 2015-07-02 22:24 - 2015-07-02 22:24 - 01169408 _____ (wj32) C:\Program Files\2M6KEYII.exe 2015-07-02 22:21 - 2015-07-02 22:21 - 01169408 _____ (wj32) C:\Program Files\3RBVF3N7.exe 2015-07-02 22:20 - 2015-07-02 22:20 - 01169408 _____ (wj32) C:\Program Files\ZN7RBZJN.exe 2015-07-02 22:20 - 2015-07-02 22:20 - 01169408 _____ (wj32) C:\Program Files\VFZJ7RBB.exe 2015-07-02 22:19 - 2015-07-02 22:19 - 00002023 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk 2015-07-02 22:19 - 2015-07-02 22:19 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-07-02 22:19 - 2015-07-02 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security 2015-07-02 22:17 - 2015-07-02 22:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-07-02 22:17 - 2015-07-02 22:17 - 00000000 ____D C:\Windows\ELAMBKUP 2015-07-02 22:17 - 2015-07-02 22:17 - 00000000 ____D C:\Program Files\Kaspersky Lab 2015-07-02 22:16 - 2014-12-13 18:21 - 00699576 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2015-07-02 22:16 - 2014-11-28 18:19 - 00120008 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2015-07-02 22:16 - 2014-10-22 21:13 - 00036040 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2015-07-02 22:13 - 2015-07-02 22:13 - 06565352 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup507pro.exe 2015-07-02 22:08 - 2015-07-02 22:13 - 196444992 _____ (Kaspersky Lab) C:\Users\user\Downloads\kts15.0.2.361en_7342.exe 2015-07-02 22:03 - 2015-07-02 22:03 - 01169408 _____ (wj32) C:\Program Files\UEYM6UEI.exe 2015-07-02 22:03 - 2015-07-02 22:03 - 01169408 _____ (wj32) C:\Program Files\N7RBZJJN.exe 2015-07-02 22:03 - 2015-07-02 22:03 - 01169408 _____ (wj32) C:\Program Files\FZJ7RBVJ.exe 2015-07-02 21:51 - 2015-07-02 22:18 - 00005401 _____ C:\Windows\WindowsUpdate.log 2015-07-02 21:49 - 2015-07-02 21:49 - 01169408 _____ (wj32) C:\Program Files\UE2MAUEY.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 01169408 _____ (wj32) C:\Program Files\M6KAYI2M.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 01169408 _____ (wj32) C:\Program Files\J3RBVFJN.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 01169408 _____ (wj32) C:\Program Files\J3RBVF3N.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 01169408 _____ (wj32) C:\Program Files\FZJ7RFZ3.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 01169408 _____ (wj32) C:\Program Files\BZJ3NBVB.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 01169408 _____ (wj32) C:\Program Files\6KAYI2MK.exe 2015-07-02 21:47 - 2015-07-02 21:47 - 01169408 _____ (wj32) C:\Program Files\F3NBVFZ3.exe 2015-07-02 21:47 - 2015-07-02 21:47 - 00000056 _____ C:\Windows\setupact.log 2015-07-02 21:47 - 2015-07-02 21:47 - 00000000 _____ C:\Windows\setuperr.log 2015-07-02 21:28 - 2015-07-02 21:28 - 00000000 ____D C:\Users\user\AppData\Local\Avg2015 2015-07-02 21:25 - 2015-07-02 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-07-02 21:25 - 2015-07-02 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2015-07-02 21:25 - 2015-07-02 21:51 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Exploit 2015-07-02 21:18 - 2015-07-02 21:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-02 09:45 - 2015-07-02 09:45 - 05198336 _____ (AVAST Software) C:\Users\user\Downloads\aswMBR.exe 2015-07-02 09:25 - 2015-07-02 09:35 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-02 09:25 - 2015-07-02 09:25 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-07-02 09:25 - 2015-07-02 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-07-02 09:25 - 2015-07-02 09:25 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-07-02 09:25 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-02 09:25 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-02 09:24 - 2015-07-02 09:25 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.1.8.1057.exe 2015-07-02 09:22 - 2015-07-02 09:22 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\user\Downloads\rkill.com 2015-07-02 08:35 - 2015-07-02 08:35 - 00000000 ____D C:\Program Files\AVG 2015-07-02 08:32 - 2015-07-02 21:59 - 00000000 ____D C:\ProgramData\MFAData 2015-07-02 08:32 - 2015-07-02 08:32 - 00000000 ____D C:\Users\user\AppData\Local\MFAData 2015-07-02 08:04 - 2015-07-02 08:04 - 01169408 _____ (wj32) C:\Program Files\ZJ7RBVJ7.exe 2015-07-02 08:04 - 2015-07-02 08:04 - 01169408 _____ (wj32) C:\Program Files\NZ37BNN7.exe 2015-07-02 08:04 - 2015-07-02 08:04 - 01169408 _____ (wj32) C:\Program Files\KEYI2KAE.exe 2015-07-02 08:03 - 2015-07-02 08:03 - 01169408 _____ (wj32) C:\Program Files\BVF3N7VJ.exe 2015-07-01 15:59 - 2015-07-01 16:00 - 11588952 _____ (Microsoft Corporation) C:\Users\user\Downloads\mseinstall.exe 2015-07-01 15:47 - 2015-07-01 15:47 - 01169408 _____ (wj32) C:\Program Files\VJ3N7VF3.exe 2015-07-01 15:47 - 2015-07-01 15:47 - 01169408 _____ (wj32) C:\Program Files\RBZJ3NBB.exe 2015-07-01 15:35 - 2015-07-01 15:35 - 01169408 _____ (wj32) C:\Program Files\VFZN7RB3.exe 2015-07-01 15:35 - 2015-07-01 15:35 - 01169408 _____ (wj32) C:\Program Files\RFZN7RBB.exe 2015-07-01 12:28 - 2015-07-01 12:28 - 01169408 _____ (wj32) C:\Program Files\XL5P9XHH.exe 2015-07-01 12:28 - 2015-07-01 12:28 - 01169408 _____ (wj32) C:\Program Files\UEYI2KAY.exe 2015-07-01 12:28 - 2015-07-01 12:28 - 01169408 _____ (wj32) C:\Program Files\1L5PDXH5.exe 2015-07-01 12:20 - 2015-07-01 12:20 - 01169408 _____ (wj32) C:\Program Files\YM2KAUEI.exe 2015-07-01 12:19 - 2015-07-01 12:19 - 01169408 _____ (wj32) C:\Program Files\TD1L5PDD.exe 2015-07-01 08:57 - 2015-07-01 08:57 - 01169408 _____ (wj32) C:\Program Files\2M6KEYI2.exe 2015-07-01 08:49 - 2015-07-01 08:49 - 01169408 _____ (wj32) C:\Program Files\KE2AI6KK.exe 2015-06-30 16:00 - 2015-06-30 16:00 - 00012077 _____ C:\Users\user\Downloads\Det.shk.kl.2d.xlsx 2015-06-30 08:29 - 2015-06-30 08:29 - 01169408 _____ (wj32) C:\Program Files\IUAIYAMU.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 01169408 _____ (wj32) C:\Program Files\K26AEKUY.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 01169408 _____ (wj32) C:\Program Files\I2MAUEYK.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 01169408 _____ (wj32) C:\Program Files\FZN7RFZJ.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 01169408 _____ (wj32) C:\Program Files\F3N7RFZN.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 01169408 _____ (wj32) C:\Program Files\BVF3N7RF.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 01169408 _____ (wj32) C:\Program Files\7BFRVZ3F.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 01169408 _____ (wj32) C:\Program Files\3N7VFZJ7.exe 2015-06-30 08:26 - 2015-06-30 08:26 - 01169408 _____ (wj32) C:\Program Files\N7RFZJ3V.exe 2015-06-30 08:26 - 2015-06-30 08:26 - 01169408 _____ (wj32) C:\Program Files\J7RBVJ3N.exe 2015-06-30 08:26 - 2015-06-30 08:26 - 01169408 _____ (wj32) C:\Program Files\3FJNZ37F.exe 2015-06-29 13:42 - 2015-06-29 13:42 - 01169408 _____ (wj32) C:\Program Files\2M6UE2MA.exe 2015-06-29 09:21 - 2015-06-29 09:21 - 01169408 _____ (wj32) C:\Program Files\FZN7VFZJ.exe 2015-06-29 09:13 - 2015-06-29 09:17 - 01169408 _____ (wj32) C:\Program Files\BZJ3NBVF.exe 2015-06-25 09:37 - 2015-06-25 09:37 - 02807950 _____ C:\Users\user\Downloads\wasted.mp4 2015-06-25 09:36 - 2015-06-25 09:36 - 00210889 _____ C:\Users\user\Downloads\AihfGncREK7TD-cP_P0DdJIxkn6P-1ICB4M6ew6ybiNs.mp4 2015-06-25 09:27 - 2015-06-25 09:27 - 01169408 _____ (wj32) C:\Program Files\M6KAYI2K.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\XH5P9TH5.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\KAP9O8MG.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\H1L5T1LP.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\9XH1L9TH.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\6UEYI6KK.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\6UEYI666.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\6KEYI266.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\5HX9LXD5.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\2KAUE2M6.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\0Y18697L.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\YY2AAIM6.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\YMUEYM66.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\YM6KAYYI.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\XCWAP9OH.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\UY66AAIY.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\U6AEIUYA.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\MY26AMKY.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\EIUYAEII.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\EIUY26IU.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\4GECADKN.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\2KAUI2M6.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 01169408 _____ (wj32) C:\Program Files\26IMKU6I.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\UI2M6EY2.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\MKU6AMKY.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\L5PDXHLL.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\IMK26AEY.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\EYM6KAYA.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\ELJMKIPP.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\DXL5P9XX.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\D1L9XH5L.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\AEIUY26K.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\9TDXL559.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 01169408 _____ (wj32) C:\Program Files\5P9TH1LP.exe 2015-06-24 09:12 - 2015-06-24 09:12 - 01169408 _____ (wj32) C:\Program Files\M6KEYI22.exe 2015-06-24 09:12 - 2015-06-24 09:12 - 01169408 _____ (wj32) C:\Program Files\I2M6UE22.exe 2015-06-24 09:12 - 2015-06-24 09:12 - 01169408 _____ (wj32) C:\Program Files\E2M6KEY6.exe 2015-06-24 09:12 - 2015-06-24 09:12 - 01169408 _____ (wj32) C:\Program Files\1L5PDXH9.exe 2015-06-24 09:11 - 2015-06-24 09:11 - 01169408 _____ (wj32) C:\Program Files\YI6KE6KU.exe 2015-06-24 09:11 - 2015-06-24 09:11 - 01169408 _____ (wj32) C:\Program Files\T59LX1DD.exe 2015-06-24 09:11 - 2015-06-24 09:11 - 01169408 _____ (wj32) C:\Program Files\MAUEYM6M.exe 2015-06-24 09:10 - 2015-06-24 09:10 - 01169408 _____ (wj32) C:\Program Files\H1P9TD5H.exe 2015-06-24 09:10 - 2015-06-24 09:10 - 01169408 _____ (wj32) C:\Program Files\6KAUI2M6.exe 2015-06-23 16:25 - 2015-06-23 16:25 - 02496902 _____ C:\Users\user\Downloads\tan-mezja.mp4 2015-06-23 15:35 - 2015-06-23 15:36 - 01903639 _____ C:\Users\user\Downloads\Tan Mezja sulmon Inzaghi n.mp4 2015-06-23 10:27 - 2015-06-23 10:27 - 01169408 _____ (wj32) C:\Program Files\U6IYAMYE.exe 2015-06-23 10:19 - 2015-06-24 09:12 - 01169408 _____ (wj32) C:\Program Files\YM6KAYI2.exe 2015-06-23 10:19 - 2015-06-23 10:19 - 01169408 _____ (wj32) C:\Program Files\CEA614ZI.exe 2015-06-23 10:18 - 2015-06-25 09:26 - 01169408 _____ (wj32) C:\Program Files\UI2M6UE2.exe 2015-06-23 10:18 - 2015-06-23 10:18 - 01169408 _____ (wj32) C:\Program Files\EYM6UEYY.exe 2015-06-23 10:18 - 2015-06-23 10:18 - 01169408 _____ (wj32) C:\Program Files\6UEYI2MI.exe 2015-06-19 14:39 - 2015-06-19 14:40 - 994449510 _____ C:\Users\user\Downloads\Get Hard (2015) EXTENDED HD 720p Filma24-AL.com.mp4 2015-06-19 13:56 - 2015-06-19 13:56 - 03261070 _____ C:\Users\user\Downloads\Teorema e Pitagores.mp4 2015-06-17 19:46 - 2015-06-17 20:12 - 961676190 _____ C:\Users\user\Downloads\Khoobsurat 2014 Hindi 720p DvDRip x264 AAC...Hon3y.mp4 2015-06-14 19:52 - 2015-06-14 19:53 - 383118036 _____ C:\Users\user\Downloads\Attachments_2015217.zip 2015-06-12 10:20 - 2015-06-12 10:20 - 00009197 _____ C:\Users\user\Documents\Output2spv.spv 2015-06-11 16:21 - 2015-06-11 16:21 - 00000000 ____D C:\Users\user\AppData\Local\IBM 2015-06-11 16:20 - 2015-06-11 16:20 - 00001232 _____ C:\Users\Public\Desktop\IBM SPSS Statistics 20.lnk 2015-06-11 15:40 - 2015-06-11 15:40 - 00562272 _____ (Oracle Corporation) C:\Users\user\Downloads\chromeinstall-8u45 (1).exe 2015-06-11 15:39 - 2015-06-11 15:39 - 00562272 _____ (Oracle Corporation) C:\Users\user\Downloads\chromeinstall-8u45.exe 2015-06-10 22:39 - 2015-06-10 22:39 - 00710144 _____ C:\Users\user\Downloads\projekti-shkrimi-akademik-perfudimtar.ppt 2015-06-10 22:38 - 2015-06-10 22:38 - 98947072 __RSH (Kareo) C:\Users\user\AppData\Roaming\obekdjgjih.exe 2015-06-10 22:28 - 2015-06-11 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics 2015-06-10 22:25 - 2015-06-11 16:18 - 00000000 ____D C:\Program Files\IBM 2015-06-10 09:53 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 09:53 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 09:53 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-10 09:53 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 09:53 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-10 09:53 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-10 09:53 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 09:53 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-10 09:53 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 09:53 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 09:53 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-10 09:53 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 09:53 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-10 09:53 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 09:53 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 09:53 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-10 09:53 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 09:53 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 09:53 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-10 09:53 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 09:53 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 09:53 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 09:53 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 09:52 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 09:52 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 09:52 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-10 09:52 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 09:52 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 09:52 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 09:52 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 09:52 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-10 09:52 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 09:43 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-10 09:43 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-10 09:43 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-10 09:43 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-10 09:43 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-10 09:43 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-10 09:43 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-10 09:43 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-10 09:42 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-10 09:41 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-06-10 09:40 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-06-10 09:40 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-06-10 09:40 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-10 09:40 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-06-10 09:40 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-06-10 09:40 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-06-10 09:40 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-10 09:40 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-10 09:40 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-10 09:40 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-10 09:40 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-10 09:40 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-10 09:39 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-10 09:39 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-10 09:39 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-10 09:39 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-10 09:39 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 09:39 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 09:39 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 09:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-10 09:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 09:39 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 09:39 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-09 16:30 - 2015-06-09 16:30 - 00000000 ____D C:\Users\user\Downloads\russo_one 2015-06-09 16:28 - 2015-06-09 16:28 - 00061493 _____ C:\Users\user\Downloads\russo_one.zip 2015-06-08 09:46 - 2015-06-08 09:46 - 02846339 _____ C:\Users\user\Downloads\design-a-tshirt.zip 2015-06-08 09:01 - 2015-06-08 09:01 - 02120491 _____ C:\Users\user\Downloads\start_illustrator_create-logo.zip 2015-06-08 08:05 - 2015-06-08 08:05 - 00001601 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC.lnk 2015-06-08 08:04 - 2015-06-08 08:04 - 00000000 ____D C:\ProgramData\ALM 2015-06-05 22:28 - 2015-06-05 22:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2015-06-05 22:20 - 2015-06-11 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2015-06-05 22:20 - 2015-06-05 22:20 - 00000000 ____D C:\Users\user\Documents\SelfMV 2015-06-05 22:20 - 2015-06-05 22:20 - 00000000 ____D C:\Users\user\Documents\samsung 2015-06-05 22:20 - 2015-06-05 22:20 - 00000000 ____D C:\Users\user\AppData\Roaming\Samsung 2015-06-05 22:20 - 2015-06-05 22:20 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2015-06-05 22:20 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll 2015-06-05 22:18 - 2014-06-16 08:01 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2015-06-05 22:18 - 2014-06-16 08:01 - 00581192 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2015-06-05 22:18 - 2014-06-16 08:01 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2015-06-05 22:18 - 2014-06-16 08:01 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2015-06-05 22:15 - 2015-06-05 22:19 - 00000000 ____D C:\Program Files\SAMSUNG 2015-06-05 22:13 - 2015-06-05 22:13 - 00000000 ____D C:\ProgramData\Samsung 2015-06-05 22:00 - 2015-06-05 22:01 - 13054668 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\user\Downloads\30DB.tmp 2015-06-03 16:49 - 2015-06-03 16:49 - 00000000 ____D C:\Program Files\Strogino CS Portal 2015-06-02 23:48 - 2015-06-02 23:48 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2015-06-02 23:40 - 2015-06-02 23:40 - 00000000 ____D C:\Users\user\Documents\Projekt fizike 2015-06-02 21:32 - 2015-06-02 21:38 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-02 19:20 - 2015-06-02 19:20 - 00000000 ____D C:\ProgramData\USBSecurity 2015-06-02 19:12 - 2015-06-02 23:21 - 00000000 ____D C:\Program Files\Badoo Notifications Extension 2015-06-02 19:04 - 2015-06-02 19:12 - 00000000 ____D C:\ProgramData\9521885257818596975 2015-06-02 19:03 - 2015-06-02 23:21 - 00000000 ____D C:\Program Files\PrricceMinusu 2015-06-02 19:02 - 2015-06-07 10:13 - 00000000 ____D C:\ProgramData\{967f1bb1-df5b-f66b-967f-f1bb1df56ec7} ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-02 22:44 - 2014-01-26 12:30 - 00000000 ____D C:\Program Files\Java 2015-07-02 22:27 - 2012-09-28 16:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-02 22:22 - 2012-11-06 21:41 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-02 22:20 - 2013-08-04 16:11 - 00000000 ____D C:\Program Files\CCleaner 2015-07-02 22:19 - 2014-06-07 14:20 - 00000000 ____D C:\Users\HomeGroupUser$ 2015-07-02 22:19 - 2014-06-07 14:20 - 00000000 ____D C:\Users\Guest 2015-07-02 22:19 - 2014-06-07 14:20 - 00000000 ____D C:\Users\Administrator 2015-07-02 22:19 - 2013-08-04 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-07-02 22:19 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public 2015-07-02 22:15 - 2014-05-18 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-07-02 22:15 - 2014-05-18 10:39 - 00000000 ____D C:\Program Files\Sony 2015-07-02 22:11 - 2015-02-16 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visible Body 2015-07-02 22:11 - 2015-02-16 20:23 - 00000000 ____D C:\Program Files\Visible Body 2015-07-02 22:05 - 2012-09-28 16:25 - 00002115 _____ C:\Windows\epplauncher.mif 2015-07-02 21:57 - 2009-07-14 06:34 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-02 21:57 - 2009-07-14 06:34 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-02 21:49 - 2012-12-10 17:43 - 00000431 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-07-02 21:47 - 2012-11-06 21:41 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-02 21:47 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-02 21:45 - 2012-12-11 19:41 - 00282624 ___SH C:\Users\user\Thumbs.db 2015-07-02 21:42 - 2013-09-19 18:23 - 00000000 ____D C:\Users\user\AppData\Roaming\IDM 2015-07-02 21:41 - 2013-07-09 14:14 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps 2015-07-02 21:27 - 2012-10-27 16:26 - 00000000 ____D C:\Users\user\AppData\Roaming\BitTorrent 2015-07-02 08:36 - 2013-04-27 08:38 - 00000000 ____D C:\Users\user\AppData\Roaming\TuneUp Software 2015-07-01 21:14 - 2012-09-28 20:42 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-29 14:00 - 2013-11-15 17:26 - 00000000 ____D C:\Program Files\TeamViewer 2015-06-27 01:00 - 2013-09-19 18:23 - 00000000 ____D C:\Users\user\AppData\Roaming\DMCache 2015-06-26 23:47 - 2013-09-19 18:23 - 00000000 ____D C:\Users\user\Downloads\Video 2015-06-26 09:26 - 2015-02-12 17:08 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-06-25 09:31 - 2014-07-23 20:51 - 00000000 ____D C:\Users\user\Documents\Word 2015-06-24 12:27 - 2012-09-28 16:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-24 12:27 - 2012-09-28 16:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-06-23 15:46 - 2012-11-22 22:57 - 04709888 ___SH C:\Users\user\Downloads\Thumbs.db 2015-06-22 21:24 - 2014-10-18 16:35 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-19 21:09 - 2014-04-25 16:14 - 00000000 __SHD C:\Users\user\AppData\Local\EmieUserList 2015-06-19 21:09 - 2014-04-25 16:14 - 00000000 __SHD C:\Users\user\AppData\Local\EmieSiteList 2015-06-19 00:50 - 2013-07-10 17:41 - 00000000 ____D C:\Windows\system32\MRT 2015-06-18 01:06 - 2012-10-27 14:58 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc 2015-06-16 10:38 - 2013-07-05 21:43 - 00000000 ____D C:\Games 2015-06-15 17:52 - 2012-12-04 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2015-06-12 01:08 - 2012-09-28 20:51 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-11 16:23 - 2015-01-26 14:45 - 00000000 ____D C:\Users\user\Documents\SPSSInc 2015-06-11 16:21 - 2015-05-24 18:56 - 00000000 ____D C:\Users\user\AppData\Local\javasharedresources 2015-06-11 08:34 - 2009-07-14 06:33 - 03912816 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-10 23:11 - 2012-09-28 16:48 - 00125088 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT 2015-06-10 22:25 - 2015-05-16 15:28 - 00000219 _____ C:\Windows\system32\lsprst7.tgz 2015-06-10 22:25 - 2015-05-16 15:28 - 00000205 _____ C:\Windows\system32\lsprst7.dll 2015-06-10 22:25 - 2015-05-16 15:28 - 00000016 ____H C:\Windows\system32\servdat.slm 2015-06-10 19:12 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2015-06-10 13:56 - 2014-07-23 20:50 - 00000000 ____D C:\Users\user\Documents\Powerpoint 2015-06-10 13:17 - 2015-04-16 14:55 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-10 13:17 - 2014-05-06 22:16 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-10 11:41 - 2009-07-14 04:04 - 00000580 _____ C:\Windows\win.ini 2015-06-08 09:38 - 2012-10-27 13:29 - 00000000 ____D C:\Users\user\AppData\Roaming\Adobe 2015-06-08 08:05 - 2013-05-16 10:44 - 00000000 ____D C:\AdobeTemp 2015-06-08 08:05 - 2013-03-20 22:52 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-06-08 08:04 - 2012-10-28 09:31 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-06-08 08:01 - 2012-10-28 09:37 - 00000000 ____D C:\Program Files\Adobe 2015-06-07 09:26 - 2013-09-12 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-06-05 22:20 - 2012-12-15 22:20 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-06-05 15:29 - 2015-05-06 19:40 - 00000000 ____D C:\Users\user\Documents\Projekt korrupsioni 2015-06-03 17:08 - 2013-07-10 17:03 - 00000000 ____D C:\ProgramData\Package Cache 2015-06-02 23:46 - 2014-12-13 14:01 - 00000000 ____D C:\Program Files\Connectify 2015-06-02 23:46 - 2013-01-01 12:38 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Pro 2015-06-02 23:46 - 2012-11-09 18:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Media Player Classic 2015-06-02 23:21 - 2014-08-02 19:31 - 00000000 ____D C:\Users\user\AppData\Local\8793 2015-06-02 23:21 - 2013-07-24 14:18 - 00000000 ____D C:\Program Files\CamStudio 2.7 2015-06-02 22:35 - 2015-03-27 10:23 - 00000000 ____D C:\Users\user\Documents\Historia 2015-06-02 18:54 - 2014-09-30 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimpleOCR ==================== Files in the root of some directories ======= 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\0Y18697L.exe 2015-07-01 12:28 - 2015-07-01 12:28 - 1169408 _____ (wj32) C:\Program Files\1L5PDXH5.exe 2015-06-24 09:12 - 2015-06-24 09:12 - 1169408 _____ (wj32) C:\Program Files\1L5PDXH9.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\26IMKU6I.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\2KAUE2M6.exe 2015-07-02 22:25 - 2015-07-02 22:25 - 1169408 _____ (wj32) C:\Program Files\2KAUE2MK.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\2KAUI2M6.exe 2015-07-01 08:57 - 2015-07-01 08:57 - 1169408 _____ (wj32) C:\Program Files\2M6KEYI2.exe 2015-07-02 22:24 - 2015-07-02 22:24 - 1169408 _____ (wj32) C:\Program Files\2M6KEYII.exe 2015-06-29 13:42 - 2015-06-29 13:42 - 1169408 _____ (wj32) C:\Program Files\2M6UE2MA.exe 2015-07-02 22:25 - 2015-07-02 22:25 - 1169408 _____ (wj32) C:\Program Files\2MAUEYMM.exe 2015-06-30 08:26 - 2015-06-30 08:26 - 1169408 _____ (wj32) C:\Program Files\3FJNZ37F.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 1169408 _____ (wj32) C:\Program Files\3N7VFZJ7.exe 2015-07-02 22:21 - 2015-07-02 22:21 - 1169408 _____ (wj32) C:\Program Files\3RBVF3N7.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\4GECADKN.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\5HX9LXD5.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\5P9TH1LP.exe 2015-06-24 09:10 - 2015-06-24 09:10 - 1169408 _____ (wj32) C:\Program Files\6KAUI2M6.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 1169408 _____ (wj32) C:\Program Files\6KAYI2MK.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\6KEYI266.exe 2015-06-23 10:18 - 2015-06-23 10:18 - 1169408 _____ (wj32) C:\Program Files\6UEYI2MI.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\6UEYI666.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\6UEYI6KK.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 1169408 _____ (wj32) C:\Program Files\7BFRVZ3F.exe 2015-07-02 22:24 - 2015-07-02 22:24 - 1169408 _____ (wj32) C:\Program Files\7RBZJ3NF.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\9TDXL559.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\9XH1L9TH.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\AEIUY26K.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 1169408 _____ (wj32) C:\Program Files\BVF3N7RF.exe 2015-07-02 08:03 - 2015-07-02 08:03 - 1169408 _____ (wj32) C:\Program Files\BVF3N7VJ.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 1169408 _____ (wj32) C:\Program Files\BZJ3NBVB.exe 2015-06-29 09:13 - 2015-06-29 09:17 - 1169408 _____ (wj32) C:\Program Files\BZJ3NBVF.exe 2015-06-23 10:19 - 2015-06-23 10:19 - 1169408 _____ (wj32) C:\Program Files\CEA614ZI.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\D1L9XH5L.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\DXL5P9XX.exe 2015-06-24 09:12 - 2015-06-24 09:12 - 1169408 _____ (wj32) C:\Program Files\E2M6KEY6.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\EIUY26IU.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\EIUYAEII.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\ELJMKIPP.exe 2015-07-02 22:24 - 2015-07-02 22:24 - 1169408 _____ (wj32) C:\Program Files\EYI6KEY2.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\EYM6KAYA.exe 2015-06-23 10:18 - 2015-06-23 10:18 - 1169408 _____ (wj32) C:\Program Files\EYM6UEYY.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 1169408 _____ (wj32) C:\Program Files\F3N7RFZN.exe 2015-07-02 21:47 - 2015-07-02 21:47 - 1169408 _____ (wj32) C:\Program Files\F3NBVFZ3.exe 2015-07-02 22:03 - 2015-07-02 22:03 - 1169408 _____ (wj32) C:\Program Files\FZJ7RBVJ.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 1169408 _____ (wj32) C:\Program Files\FZJ7RFZ3.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 1169408 _____ (wj32) C:\Program Files\FZN7RFZJ.exe 2015-06-29 09:21 - 2015-06-29 09:21 - 1169408 _____ (wj32) C:\Program Files\FZN7VFZJ.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\H1L5T1LP.exe 2015-06-24 09:10 - 2015-06-24 09:10 - 1169408 _____ (wj32) C:\Program Files\H1P9TD5H.exe 2015-06-24 09:12 - 2015-06-24 09:12 - 1169408 _____ (wj32) C:\Program Files\I2M6UE22.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 1169408 _____ (wj32) C:\Program Files\I2MAUEYK.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\IMK26AEY.exe 2015-06-30 08:29 - 2015-06-30 08:29 - 1169408 _____ (wj32) C:\Program Files\IUAIYAMU.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 1169408 _____ (wj32) C:\Program Files\J3RBVF3N.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 1169408 _____ (wj32) C:\Program Files\J3RBVFJN.exe 2015-07-02 22:24 - 2015-07-02 22:24 - 1169408 _____ (wj32) C:\Program Files\J3RFZN7B.exe 2015-06-30 08:26 - 2015-06-30 08:26 - 1169408 _____ (wj32) C:\Program Files\J7RBVJ3N.exe 2015-06-30 08:27 - 2015-06-30 08:27 - 1169408 _____ (wj32) C:\Program Files\K26AEKUY.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\KAP9O8MG.exe 2015-07-01 08:49 - 2015-07-01 08:49 - 1169408 _____ (wj32) C:\Program Files\KE2AI6KK.exe 2015-07-02 08:04 - 2015-07-02 08:04 - 1169408 _____ (wj32) C:\Program Files\KEYI2KAE.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\L5PDXHLL.exe 2015-06-25 09:27 - 2015-06-25 09:27 - 1169408 _____ (wj32) C:\Program Files\M6KAYI2K.exe 2015-07-02 21:48 - 2015-07-02 21:48 - 1169408 _____ (wj32) C:\Program Files\M6KAYI2M.exe 2015-06-24 09:12 - 2015-06-24 09:12 - 1169408 _____ (wj32) C:\Program Files\M6KEYI22.exe 2015-06-24 09:11 - 2015-06-24 09:11 - 1169408 _____ (wj32) C:\Program Files\MAUEYM6M.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\MKU6AMKY.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\MY26AMKY.exe 2015-07-02 22:03 - 2015-07-02 22:03 - 1169408 _____ (wj32) C:\Program Files\N7RBZJJN.exe 2015-06-30 08:26 - 2015-06-30 08:26 - 1169408 _____ (wj32) C:\Program Files\N7RFZJ3V.exe 2015-07-02 08:04 - 2015-07-02 08:04 - 1169408 _____ (wj32) C:\Program Files\NZ37BNN7.exe 2015-07-01 15:47 - 2015-07-01 15:47 - 1169408 _____ (wj32) C:\Program Files\RBZJ3NBB.exe 2015-07-01 15:35 - 2015-07-01 15:35 - 1169408 _____ (wj32) C:\Program Files\RFZN7RBB.exe 2015-06-24 09:11 - 2015-06-24 09:11 - 1169408 _____ (wj32) C:\Program Files\T59LX1DD.exe 2015-07-01 12:19 - 2015-07-01 12:19 - 1169408 _____ (wj32) C:\Program Files\TD1L5PDD.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\U6AEIUYA.exe 2015-06-23 10:27 - 2015-06-23 10:27 - 1169408 _____ (wj32) C:\Program Files\U6IYAMYE.exe 2015-07-02 21:49 - 2015-07-02 21:49 - 1169408 _____ (wj32) C:\Program Files\UE2MAUEY.exe 2015-07-01 12:28 - 2015-07-01 12:28 - 1169408 _____ (wj32) C:\Program Files\UEYI2KAY.exe 2015-07-02 22:03 - 2015-07-02 22:03 - 1169408 _____ (wj32) C:\Program Files\UEYM6UEI.exe 2015-06-25 09:24 - 2015-06-25 09:24 - 1169408 _____ (wj32) C:\Program Files\UI2M6EY2.exe 2015-06-23 10:18 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\UI2M6UE2.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\UY66AAIY.exe 2015-07-02 22:20 - 2015-07-02 22:20 - 1169408 _____ (wj32) C:\Program Files\VFZJ7RBB.exe 2015-07-01 15:35 - 2015-07-01 15:35 - 1169408 _____ (wj32) C:\Program Files\VFZN7RB3.exe 2015-07-01 15:47 - 2015-07-01 15:47 - 1169408 _____ (wj32) C:\Program Files\VJ3N7VF3.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\XCWAP9OH.exe 2015-06-25 09:26 - 2015-06-25 09:26 - 1169408 _____ (wj32) C:\Program Files\XH5P9TH5.exe 2015-07-01 12:28 - 2015-07-01 12:28 - 1169408 _____ (wj32) C:\Program Files\XL5P9XHH.exe 2015-06-24 09:11 - 2015-06-24 09:11 - 1169408 _____ (wj32) C:\Program Files\YI6KE6KU.exe 2015-07-01 12:20 - 2015-07-01 12:20 - 1169408 _____ (wj32) C:\Program Files\YM2KAUEI.exe 2015-06-23 10:19 - 2015-06-24 09:12 - 1169408 _____ (wj32) C:\Program Files\YM6KAYI2.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\YM6KAYYI.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\YMUEYM66.exe 2015-06-25 09:25 - 2015-06-25 09:25 - 1169408 _____ (wj32) C:\Program Files\YY2AAIM6.exe 2015-07-02 08:04 - 2015-07-02 08:04 - 1169408 _____ (wj32) C:\Program Files\ZJ7RBVJ7.exe 2015-07-02 22:20 - 2015-07-02 22:20 - 1169408 _____ (wj32) C:\Program Files\ZN7RBZJN.exe 2014-05-16 08:11 - 2014-05-16 08:13 - 0000132 _____ () C:\Users\user\AppData\Roaming\Adobe PNG Format CS6 Prefs 2013-07-24 14:26 - 2014-05-16 09:17 - 0000124 _____ () C:\Users\user\AppData\Roaming\Camdata.ini 2013-07-24 14:26 - 2014-05-16 09:17 - 0000408 _____ () C:\Users\user\AppData\Roaming\CamLayout.ini 2013-07-24 14:26 - 2014-05-16 09:17 - 0000408 _____ () C:\Users\user\AppData\Roaming\CamShapes.ini 2013-07-24 14:26 - 2014-05-16 09:17 - 0004545 _____ () C:\Users\user\AppData\Roaming\CamStudio.cfg 2014-01-31 01:09 - 2014-01-31 01:35 - 0132940 _____ () C:\Users\user\AppData\Roaming\ICARE.LOG 2014-01-31 01:09 - 2014-01-31 01:09 - 0000160 _____ () C:\Users\user\AppData\Roaming\ICARE_ACTIVITY.LOG 2013-10-03 17:12 - 2013-10-03 17:12 - 0000132 _____ () C:\Users\user\AppData\Roaming\N14653HNB99SRJrmdir.bat 2015-06-10 22:38 - 2015-06-10 22:38 - 98947072 __RSH (Kareo) C:\Users\user\AppData\Roaming\obekdjgjih.exe 2013-08-26 14:29 - 2013-08-26 14:29 - 0099678 _____ () C:\Users\user\AppData\Roaming\seesimilar.ico 2013-09-10 16:04 - 2013-09-10 16:06 - 57156535 ____N ( ) C:\Users\user\AppData\Roaming\setup.exe 2014-02-08 23:32 - 2014-05-16 09:11 - 0000096 _____ () C:\Users\user\AppData\Roaming\version2.xml 2012-12-02 19:49 - 2014-04-22 11:27 - 0009728 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-16 23:45 - 2015-02-16 23:47 - 0003072 _____ () C:\Users\user\AppData\Local\file__0.localstorage 2013-06-25 12:54 - 2013-06-25 12:54 - 0010079 _____ () C:\Users\user\AppData\Local\HWVendorDetection.log 2015-03-01 10:19 - 2015-03-01 10:19 - 0000218 _____ () C:\Users\user\AppData\Local\recently-used.xbel 2013-03-28 14:21 - 2013-08-21 14:32 - 0007597 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg 2013-08-24 12:51 - 2013-08-24 12:51 - 0000003 _____ () C:\Users\user\AppData\Local\updater.log 2013-08-24 12:51 - 2015-04-23 23:03 - 0000412 _____ () C:\Users\user\AppData\Local\UserProducts.xml 2013-10-20 10:47 - 2013-10-20 10:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\user\AppData\Local\Temp\cdo1119992213.dll C:\Users\user\AppData\Local\Temp\cdo1781520824.dll C:\Users\user\AppData\Local\Temp\cdo3668229923.dll C:\Users\user\AppData\Local\Temp\cdo4238916293.dll C:\Users\user\AppData\Local\Temp\mpam-67523d0f.exe C:\Users\user\AppData\Local\Temp\pploykpp.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-23 19:11 ==================== End of log ============================