
Can't start any antivirus software on my PC! [Solved]

Antivirus malware windows 8.1

  • This topic is locked

#1
Sanket

  • Member
  • 15 posts

Hi,

 

For the past couple of days I have been trying to scan my PC and realized that the antivirus software that I had purchased has stopped scanning. When I try to open it, it will not open. I tried reinstalling it, but the result was the same. I also uninstalled it and tried installing a few other antivirus and malware programs, but none would start. Can anyone help me out with this problem?

 

 


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, first I will need to take a look see.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.


#3
Sanket

  • Topic Starter
  • Member
  • 15 posts

FRST.txt

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by User (administrator) on DELL on 30-06-2015 22:58:10
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\tgsrvc.exe
(Microsoft Corporation) C:\Users\User\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\livecomm.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(WordWeb Software) C:\Program Files (x86)\WordWeb\wweb32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\sprtcmd.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6592208 2014-11-25] (SoftPerfect Research)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-06] (Synaptics Incorporated)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [393480 2015-03-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [netxpert] => C:\Program Files (x86)\Airtel NetXpert\bin\sprtcmd.exe [206120 2011-06-03] (SupportSoft, Inc.)
HKLM-x32\...\Run: [SmartWeb] => C:\Users\User\AppData\Local\SmartWeb\SmartWebHelper.exe
HKLM-x32\...\Run: [BaiduSdTray] => "C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe"  -stmd=3
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [WordWeb] => C:\Program Files (x86)\WordWeb\wweb32.exe [77056 2013-05-17] (WordWeb Software)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [Dropbox Update] => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\CurrentVersion\Windows: [Load] C:\ProgramData\msboivr.exe <===== ATTENTION
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\MountPoints2: {98d4de9a-f64b-11e4-beb5-645a0485acdb} - "G:\HTC_Sync_Manager_PC.exe" 
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-06-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winserv.lnk [2015-06-29]
ShortcutTarget: Winserv.lnk -> C:\Windows\pcpps\CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:58531;https=127.0.0.1:58531
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysear...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysear...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<HTML><HEAD>
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<HTML><HEAD>
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysear...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysear...q={searchTerms}
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.omniboxes...q={searchTerms}
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-in/?ocid=iehp
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<HTML><HEAD>
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.omniboxes...q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> DefaultScope {A0352F78-E89C-46CA-873F-ADD222900DED} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {A0352F78-E89C-46CA-873F-ADD222900DED} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.luckysear...q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
BHO: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff64.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: WebMonBHO -> {15DEE173-1BE9-4424-81E0-58A87076E9B1} -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\websafe\WebMonBHO.dll No File
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-04-02] (Thinknice Co. Limited)
BHO-x32: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff32.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\CCL.dll [341696 2015-04-16] (CC Corporation)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\CCL.dll [341696 2015-04-16] (CC Corporation)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\CCL.dll [341696 2015-04-16] (CC Corporation)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\CCL.dll [341696 2015-04-16] (CC Corporation)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\CCL.dll [341696 2015-04-16] (CC Corporation)
Tcpip\Parameters: [DhcpNameServer] 116.74.100.28 202.88.130.15
Tcpip\..\Interfaces\{0DDCC7F5-6388-4890-BAEB-BD297EDC8770}: [DhcpNameServer] 172.16.0.2 14.139.5.5 4.2.2.2
Tcpip\..\Interfaces\{52E3406D-CDDB-4BE0-ACEC-A8EE0F64332C}: [DhcpNameServer] 116.74.100.28 202.88.130.15
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.omniboxes...B0FA53589A53589
 
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default
FF NewTab: hxxp://www.luckysearches.com/newtab/?type=nt&ts=1429177437&from=cmi&uid=ST1000LM024XHN-M101MBB_S314JB0FA53589A53589
FF DefaultSearchEngine: Secure Search
FF DefaultSearchEngine.US: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Homepage: hxxp://www.<HTML><HEAD>
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4064182937-4136054916-3625840862-1001: @spoon.net/Spoon Plugin 3.33 -> C:\Users\User\AppData\Local\Spoon\3.33.602.0\npMozillaSpoonPlugin.dll No File
FF Plugin HKU\S-1-5-21-4064182937-4136054916-3625840862-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\searchplugins\luckysearches.xml [2015-04-16]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\searchplugins\omniboxes.xml [2015-04-16]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-01]
FF Extension: jid0coCUQ7NySNPcj72dA3557kKXGZUjetpack - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack [2015-04-20]
FF Extension: Search Enginer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] [2015-04-16]
FF Extension: Search Enginer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] [2015-04-16]
FF Extension: PoriceMinus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] [2015-06-01]
FF Extension: 06997db0c0274d5fbd37b0d9230226ea - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea} [2015-04-20]
FF Extension: 11b496ea481a11dc83140800200c9a66 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{11b496ea-481a-11dc-8314-0800200c9a66} [2015-04-20]
FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-05]
FF Extension: Great Find - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{c0cebc48-e279-433d-941e-b6a337c130d6}.xpi [2015-06-26]
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-12-03]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files (x86)\WordWeb\WCaptureMoz [2014-12-03]
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-05-27]
CHR Extension: (Google Art Project) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\akimgimeeoiognljlfchpbkpfbmeapkh [2015-05-27]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-29]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-02]
CHR Extension: (Indexing Test) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbeihidkikgdcoogkeoeconphggdhop [2015-05-27]
CHR Extension: (MusicAlarm) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmafbdibkmhhhejfjbonifjjjpoaecjo [2014-12-03]
CHR Extension: (McAfee SiteAdvisor Enterprise) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmendinpapjjojakimjlmkkkcmnojefg [2015-06-30]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-02]
CHR Extension: (Dictionary) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjkecblddfabhinagflbhecjkkhekm [2014-12-03]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-05-27]
CHR Extension: (Block site) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2015-05-27]
CHR Extension: (Video Downloader professional) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-02-04]
CHR Extension: (Hola Better Internet Engine) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-05-27]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-27]
CHR Extension: (Dictionary by Dictionary.com) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikhgcaliglmioibbockkmjknfnepbdh [2014-12-03]
CHR Extension: (Hola Better Internet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-05-27]
CHR Extension: (Google Keep - notes and lists) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2015-05-27]
CHR Extension: (Facebook Messenger Platinum App) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icffcngoggobfihnaemmbkbkgdmfcaac [2015-05-27]
CHR Extension: (Google Play Music) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-05-27]
CHR Extension: (Dictionary Lookup) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipdjaafajlfiopcppipdinmcjbcpofhd [2015-05-27]
CHR Extension: (Hangouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-05-27]
CHR Extension: (Classic gray theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kocejlmhfkhgniggkiancfidiigikalo [2015-05-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-29]
CHR Extension: (ShareThis) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lplpcpijdokpnbjcklakgabohjgneidi [2015-05-27]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-05-27]
CHR Extension: (Niice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\miegcjodnnjpiakobaofjcjohidgekdi [2015-05-27]
CHR Extension: (Flair Player) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpkhmenokpjamhajlajnldibdjkacgcp [2015-06-15]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-27]
CHR Extension: (TabCloud) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof [2015-05-27]
CHR Extension: (Kaspersky Security Scan) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeppdapcjiogpjjnceheinbfmkkpkfni [2015-05-27]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2015-05-27]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-02]
CHR Extension: (MyMusicCloud) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaelelbkmommhmjlepigoiepmdaihbk [2015-05-27]
CHR HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-05-29]
CHR HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\WordWeb\wcxChrome.crx [2014-12-03]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-04-02] (XTab system)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-11] (Intel Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-02-27] (Microsoft Corporation) [File not signed]
S3 KMSServerService; C:\Program Files (x86)\KMSpicoPortable\KMSServer.exe [38454 2015-05-26] () [File not signed]
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 sprtsvc_netxpert; C:\Program Files (x86)\Airtel NetXpert\bin\sprtsvc.exe [206120 2011-06-03] (SupportSoft, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated) [File not signed]
R2 tgsrvc_netxpert; C:\Program Files (x86)\Airtel NetXpert\bin\tgsrvc.exe [185640 2011-06-03] (SupportSoft, Inc.)
R2 VSSS; C:\Users\User\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [98832704 2015-06-26] (Microsoft Corporation) [File not signed] <==== ATTENTION
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-04-12] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-04-12] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
S2 BDKVRTP; "C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe" -r [X]
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2014-11-06] (Baidu)
R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-25] (Baidu Technology)
S1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2014-11-06] (Baidu)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98504 2013-09-25] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67784 2013-09-25] (Infowatch)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-02-27] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-11] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-11-03] (NetFilterSDK.com)
S3 psdrv3; C:\Windows\System32\Drivers\psdrv3.sys [24472 2012-05-16] (Prime Sense Ltd.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-06] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-04-12] (Microsoft Corporation)
S1 cherimoya; system32\drivers\cherimoya.sys [X]
R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-30 22:58 - 2015-06-30 22:58 - 00039327 _____ C:\Users\User\Desktop\FRST.txt
2015-06-30 22:58 - 2015-06-30 22:58 - 00000000 ____D C:\FRST
2015-06-30 22:38 - 2015-06-30 22:39 - 00287240 _____ C:\WINDOWS\Minidump\063015-24328-01.dmp
2015-06-30 22:38 - 2015-06-30 22:38 - 547071165 _____ C:\WINDOWS\MEMORY.DMP
2015-06-30 22:37 - 2015-06-30 22:37 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill64.exe
2015-06-30 22:37 - 2015-06-30 22:37 - 00000652 _____ C:\Users\User\Desktop\Rkill.txt
2015-06-30 22:27 - 2015-06-30 22:30 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill.exe
2015-06-30 22:14 - 2015-06-30 22:15 - 02112512 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-06-30 21:44 - 2015-06-30 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2015-06-30 21:43 - 2015-06-30 22:43 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-06-30 21:37 - 2015-06-30 22:43 - 00000000 ____D C:\ProgramData\Skype
2015-06-30 20:47 - 2015-06-30 20:47 - 01415680 _____ (wj32) C:\Program Files\GWOGKNUJ.exe
2015-06-30 20:45 - 2015-06-30 20:45 - 01415680 _____ (wj32) C:\Program Files\XZDFH3FN.exe
2015-06-30 20:40 - 2015-06-30 20:40 - 01415680 _____ (wj32) C:\Program Files\05LSLKVW.exe
2015-06-30 20:38 - 2015-06-30 20:38 - 01415680 _____ (wj32) C:\Program Files\SL3L3XSU.exe
2015-06-30 20:38 - 2015-06-30 20:38 - 01415680 _____ (wj32) C:\Program Files\3XF8PUND.exe
2015-06-30 20:37 - 2015-06-30 20:37 - 01415680 _____ (wj32) C:\Program Files\8DIDIPKH.exe
2015-06-30 20:36 - 2015-06-30 20:36 - 01415680 _____ (wj32) C:\Program Files\4KCYK6XC.exe
2015-06-30 20:33 - 2015-06-30 20:33 - 01415680 _____ (wj32) C:\Program Files\3JBZT93N.exe
2015-06-30 20:31 - 2015-06-30 20:31 - 01415680 _____ (wj32) C:\Program Files\ZT9EJOIA.exe
2015-06-30 20:24 - 2015-06-30 20:24 - 01415680 _____ (wj32) C:\Program Files\US46I6YU.exe
2015-06-30 20:24 - 2015-06-30 20:24 - 01415680 _____ (wj32) C:\Program Files\LXP1FHZH.exe
2015-06-30 20:24 - 2015-06-30 20:24 - 01415680 _____ (wj32) C:\Program Files\KLZSCHMO.exe
2015-06-30 20:24 - 2015-06-30 20:24 - 01415680 _____ (wj32) C:\Program Files\1F7CHYU7.exe
2015-06-30 20:23 - 2015-06-30 20:23 - 01415680 _____ (wj32) C:\Program Files\X91P13P7.exe
2015-06-30 20:23 - 2015-06-30 20:23 - 01415680 _____ (wj32) C:\Program Files\VOI0TN57.exe
2015-06-30 20:23 - 2015-06-30 20:23 - 01415680 _____ (wj32) C:\Program Files\NSXRK2WF.exe
2015-06-30 20:22 - 2015-06-30 20:22 - 01415680 _____ (wj32) C:\Program Files\UMKIME02.exe
2015-06-30 20:22 - 2015-06-30 20:22 - 01415680 _____ (wj32) C:\Program Files\4WOIAK70.exe
2015-06-30 20:22 - 2015-06-30 20:22 - 01415680 _____ (wj32) C:\Program Files\4KWEM8UO.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\V1GT8U91.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\K6Y8UF25.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\H7S47J4T.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\6YK62EAI.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 01415680 _____ (wj32) C:\Program Files\6M2IG8C6.exe
2015-06-30 18:19 - 2015-06-30 18:19 - 01415680 _____ (wj32) C:\Program Files\T807Z47K.exe
2015-06-30 18:19 - 2015-06-30 18:19 - 01415680 _____ (wj32) C:\Program Files\CRLA4X25.exe
2015-06-30 18:19 - 2015-06-30 18:19 - 01415680 _____ (wj32) C:\Program Files\0WONMSKI.exe
2015-06-30 18:09 - 2015-06-30 22:44 - 00004938 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DELL-User Dell
2015-06-30 18:06 - 2015-06-30 18:06 - 01415680 _____ (wj32) C:\Program Files\B5NGAKV9.exe
2015-06-30 18:04 - 2015-06-30 18:04 - 01415680 _____ (wj32) C:\Program Files\KCSE0LJA.exe
2015-06-30 17:41 - 2015-06-30 17:41 - 01415680 _____ (wj32) C:\Program Files\THGS38A0.exe
2015-06-30 17:41 - 2015-06-30 17:41 - 01415680 _____ (wj32) C:\Program Files\FWMKBE8B.exe
2015-06-30 17:40 - 2015-06-30 17:40 - 01415680 _____ (wj32) C:\Program Files\ZSMPTPHH.exe
2015-06-30 17:40 - 2015-06-30 17:40 - 01415680 _____ (wj32) C:\Program Files\P7PWEWET.exe
2015-06-30 17:40 - 2015-06-30 17:40 - 01415680 _____ (wj32) C:\Program Files\2F46XMC5.exe
2015-06-30 17:38 - 2015-06-30 17:38 - 01415680 _____ (wj32) C:\Program Files\41UVPUDE.exe
2015-06-30 17:38 - 2015-06-30 17:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2015-06-30 17:38 - 2015-06-30 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-30 17:36 - 2015-06-30 17:36 - 01415680 _____ (wj32) C:\Program Files\KSK2O0SA.exe
2015-06-30 17:36 - 2015-06-30 17:36 - 01415680 _____ (wj32) C:\Program Files\G2KMIMOM.exe
2015-06-30 17:35 - 2015-06-30 17:35 - 01415680 _____ (wj32) C:\Program Files\6Z4MGJBE.exe
2015-06-30 17:34 - 2015-06-30 17:34 - 01415680 _____ (wj32) C:\Program Files\OKG5C5CK.exe
2015-06-30 17:34 - 2015-06-30 17:34 - 01415680 _____ (wj32) C:\Program Files\B6D6KL3K.exe
2015-06-30 17:31 - 2015-06-30 17:31 - 01415680 _____ (wj32) C:\Program Files\XZCR7PWY.exe
2015-06-30 17:29 - 2015-06-30 17:29 - 01415680 _____ (wj32) C:\Program Files\XWV1GMUT.exe
2015-06-30 17:29 - 2015-06-30 17:29 - 01415680 _____ (wj32) C:\Program Files\4KSUCEGK.exe
2015-06-30 17:28 - 2015-06-30 17:28 - 01415680 _____ (wj32) C:\Program Files\BFVCRX4S.exe
2015-06-30 17:27 - 2015-06-30 17:27 - 01415680 _____ (wj32) C:\Program Files\3WK8D6O4.exe
2015-06-30 17:27 - 2015-06-30 17:27 - 01415680 _____ (wj32) C:\Program Files\0U0UCIWC.exe
2015-06-30 17:26 - 2015-06-30 17:26 - 01415680 _____ (wj32) C:\Program Files\BRY71TZ0.exe
2015-06-30 17:22 - 2015-06-30 17:22 - 01415680 _____ (wj32) C:\Program Files\W1TN3KL1.exe
2015-06-30 17:22 - 2015-06-30 17:22 - 01415680 _____ (wj32) C:\Program Files\VPUZSX2V.exe
2015-06-30 17:22 - 2015-06-30 17:22 - 01415680 _____ (wj32) C:\Program Files\DUZ49RW2.exe
2015-06-30 17:18 - 2015-06-30 17:18 - 01415680 _____ (wj32) C:\Program Files\HX135XZ7.exe
2015-06-30 17:18 - 2015-06-30 17:18 - 01415680 _____ (wj32) C:\Program Files\BG9O3L2G.exe
2015-06-30 17:17 - 2015-06-30 17:17 - 01415680 _____ (wj32) C:\Program Files\C6ZJE6ZH.exe
2015-06-30 17:17 - 2015-06-30 17:17 - 01415680 _____ (wj32) C:\Program Files\A6ACE680.exe
2015-06-30 17:17 - 2015-06-30 17:17 - 00013833 _____ C:\Users\User\Downloads\MONOVA.ORG Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen.torrent
2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\WD5AD59E.exe
2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\VXJV9VRB.exe
2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\S6S4WA20.exe
2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\MP69R9G5.exe
2015-06-30 17:16 - 2015-06-30 17:16 - 01415680 _____ (wj32) C:\Program Files\F455JJWL.exe
2015-06-30 17:15 - 2015-06-30 17:15 - 01415680 _____ (wj32) C:\Program Files\M7A2E69K.exe
2015-06-30 17:08 - 2015-06-30 17:08 - 01415680 _____ (wj32) C:\Program Files\6CHB4YRW.exe
2015-06-30 17:07 - 2015-06-30 17:07 - 01415680 _____ (wj32) C:\Program Files\LNZ11FR4.exe
2015-06-30 17:07 - 2015-06-30 17:07 - 01415680 _____ (wj32) C:\Program Files\CHP71JO6.exe
2015-06-30 17:07 - 2015-06-30 17:07 - 01415680 _____ (wj32) C:\Program Files\BI0I0TBE.exe
2015-06-30 17:07 - 2015-06-30 17:07 - 01415680 _____ (wj32) C:\Program Files\37DHMEUC.exe
2015-06-30 17:05 - 2015-06-30 17:05 - 01415680 _____ (wj32) C:\Program Files\ASMRK4MR.exe
2015-06-30 17:04 - 2015-06-30 17:04 - 01415680 _____ (wj32) C:\Program Files\YGNGXF89.exe
2015-06-30 17:04 - 2015-06-30 17:04 - 01415680 _____ (wj32) C:\Program Files\05A3LKVB.exe
2015-06-30 17:02 - 2015-06-30 17:02 - 01415680 _____ (wj32) C:\Program Files\M8UG2O9J.exe
2015-06-30 17:00 - 2015-06-30 17:00 - 01415680 _____ (wj32) C:\Program Files\GLKK2I0E.exe
2015-06-30 16:59 - 2015-06-30 16:59 - 01415680 _____ (wj32) C:\Program Files\50INUZUN.exe
2015-06-30 16:57 - 2015-06-30 16:57 - 01415680 _____ (wj32) C:\Program Files\K82KPVP3.exe
2015-06-30 16:57 - 2015-06-30 16:57 - 01415680 _____ (wj32) C:\Program Files\AFM4XR9F.exe
2015-06-30 16:57 - 2015-06-30 16:57 - 01415680 _____ (wj32) C:\Program Files\9P6Y1G8Y.exe
2015-06-30 16:57 - 2015-06-30 16:57 - 01415680 _____ (wj32) C:\Program Files\6DTBGA3T.exe
2015-06-30 16:55 - 2015-06-30 16:55 - 01415680 _____ (wj32) C:\Program Files\M5XEU8BG.exe
2015-06-30 16:55 - 2015-06-30 16:55 - 01415680 _____ (wj32) C:\Program Files\LA4JMME5.exe
2015-06-30 16:53 - 2015-06-30 16:53 - 01415680 _____ (wj32) C:\Program Files\JOL3WKPK.exe
2015-06-30 16:52 - 2015-06-30 16:52 - 01415680 _____ (wj32) C:\Program Files\HD5XT5O6.exe
2015-06-30 16:47 - 2015-06-30 16:47 - 01415680 _____ (wj32) C:\Program Files\H9LN9DZR.exe
2015-06-30 16:47 - 2015-06-30 16:47 - 01415680 _____ (wj32) C:\Program Files\7EWPUPJ1.exe
2015-06-30 16:47 - 2015-06-30 16:47 - 01415680 _____ (wj32) C:\Program Files\6AM4YY4K.exe
2015-06-30 16:46 - 2015-06-30 16:46 - 01415680 _____ (wj32) C:\Program Files\FA4M5ZSV.exe
2015-06-30 16:40 - 2015-06-30 16:40 - 01415680 _____ (wj32) C:\Program Files\BHWFETJV.exe
2015-06-30 16:40 - 2015-06-30 16:40 - 01415680 _____ (wj32) C:\Program Files\B5NGL2VS.exe
2015-06-30 16:39 - 2015-06-30 16:39 - 01415680 _____ (wj32) C:\Program Files\W2WPW1UO.exe
2015-06-30 16:37 - 2015-06-30 16:37 - 01415680 _____ (wj32) C:\Program Files\Z48NFVNH.exe
2015-06-30 16:31 - 2015-06-30 16:31 - 01415680 _____ (wj32) C:\Program Files\XPJBMIM0.exe
2015-06-30 16:29 - 2015-06-30 16:29 - 01415680 _____ (wj32) C:\Program Files\YAW8M86Y.exe
2015-06-30 16:29 - 2015-06-30 16:29 - 01415680 _____ (wj32) C:\Program Files\5NF7NSM0.exe
2015-06-30 16:24 - 2015-06-30 16:24 - 01415680 _____ (wj32) C:\Program Files\SFHJJEXS.exe
2015-06-30 16:24 - 2015-06-30 16:24 - 01415680 _____ (wj32) C:\Program Files\IUKBEJO7.exe
2015-06-30 16:23 - 2015-06-30 16:23 - 01415680 _____ (wj32) C:\Program Files\A2E6O6IC.exe
2015-06-30 16:23 - 2015-06-30 16:23 - 01415680 _____ (wj32) C:\Program Files\7J2U05HF.exe
2015-06-30 16:21 - 2015-06-30 16:21 - 01415680 _____ (wj32) C:\Program Files\ZX5PB97B.exe
2015-06-30 16:21 - 2015-06-30 16:21 - 01415680 _____ (wj32) C:\Program Files\A64W6YWO.exe
2015-06-30 16:20 - 2015-06-30 16:20 - 01415680 _____ (wj32) C:\Program Files\TXPSW1HV.exe
2015-06-30 16:20 - 2015-06-30 16:20 - 01415680 _____ (wj32) C:\Program Files\T5RP7DVX.exe
2015-06-30 16:20 - 2015-06-30 16:20 - 01415680 _____ (wj32) C:\Program Files\RX4A4AF5.exe
2015-06-30 16:20 - 2015-06-30 16:20 - 01415680 _____ (wj32) C:\Program Files\KIXCF6Y4.exe
2015-06-30 16:19 - 2015-06-30 16:19 - 01415680 _____ (wj32) C:\Program Files\YKOGW6CW.exe
2015-06-30 16:19 - 2015-06-30 16:19 - 01415680 _____ (wj32) C:\Program Files\UDLB32DS.exe
2015-06-30 16:17 - 2015-06-30 16:17 - 01415680 _____ (wj32) C:\Program Files\S4KOA8KS.exe
2015-06-30 16:16 - 2015-06-30 16:16 - 01415680 _____ (wj32) C:\Program Files\XJGFWI3P.exe
2015-06-30 16:11 - 2015-06-30 16:11 - 00001514 _____ C:\Users\User\Desktop\McAfee Virtual Technician.lnk
2015-06-30 16:11 - 2015-06-30 16:11 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-30 16:10 - 2015-06-30 16:10 - 01415680 _____ (wj32) C:\Program Files\VAF7ZH9F.exe
2015-06-30 16:10 - 2015-06-30 16:10 - 01415680 _____ (wj32) C:\Program Files\RYEWDVEB.exe
2015-06-30 16:08 - 2015-06-30 16:08 - 01415680 _____ (wj32) C:\Program Files\L0SXP5XY.exe
2015-06-30 16:08 - 2015-06-30 16:08 - 01415680 _____ (wj32) C:\Program Files\K2JM15XR.exe
2015-06-30 16:08 - 2015-06-30 16:08 - 01415680 _____ (wj32) C:\Program Files\FZRLKW1V.exe
2015-06-30 16:07 - 2015-06-30 16:08 - 00308576 _____ (McAfee Inc.) C:\Users\User\Downloads\mvtapp.exe
2015-06-30 16:07 - 2015-06-30 16:07 - 01415680 _____ (wj32) C:\Program Files\VC4K1FDI.exe
2015-06-30 16:05 - 2015-06-30 16:05 - 01415680 _____ (wj32) C:\Program Files\ZBNZBNSA.exe
2015-06-30 16:05 - 2015-06-30 16:05 - 01415680 _____ (wj32) C:\Program Files\XT5X9S1S.exe
2015-06-30 16:05 - 2015-06-30 16:05 - 01415680 _____ (wj32) C:\Program Files\TFRZBX1P.exe
2015-06-30 16:05 - 2015-06-30 16:05 - 01415680 _____ (wj32) C:\Program Files\E64GSGOC.exe
2015-06-30 16:04 - 2015-06-30 16:04 - 01415680 _____ (wj32) C:\Program Files\YACY28IS.exe
2015-06-30 16:04 - 2015-06-30 16:04 - 01415680 _____ (wj32) C:\Program Files\9VN9VHXN.exe
2015-06-30 16:03 - 2015-06-30 16:03 - 01415680 _____ (wj32) C:\Program Files\YIO6OTBR.exe
2015-06-30 16:03 - 2015-06-30 16:03 - 01415680 _____ (wj32) C:\Program Files\RWPJ16ZS.exe
2015-06-30 16:02 - 2015-06-30 16:02 - 01415680 _____ (wj32) C:\Program Files\YEVDIBIJ.exe
2015-06-30 16:02 - 2015-06-30 16:02 - 01415680 _____ (wj32) C:\Program Files\WK5NGBI7.exe
2015-06-30 16:02 - 2015-06-30 16:02 - 01415680 _____ (wj32) C:\Program Files\94MSZSMH.exe
2015-06-30 16:02 - 2015-06-30 16:02 - 01415680 _____ (wj32) C:\Program Files\4LDTBGX9.exe
2015-06-30 16:01 - 2015-06-30 16:01 - 01415680 _____ (wj32) C:\Program Files\EJOTBGAP.exe
2015-06-30 16:00 - 2015-06-30 16:00 - 01415680 _____ (wj32) C:\Program Files\TPPRNH7N.exe
2015-06-30 16:00 - 2015-06-30 16:00 - 01415680 _____ (wj32) C:\Program Files\TLNFV7TL.exe
2015-06-30 16:00 - 2015-06-30 16:00 - 01415680 _____ (wj32) C:\Program Files\NR53HRBX.exe
2015-06-30 16:00 - 2015-06-30 16:00 - 01415680 _____ (wj32) C:\Program Files\2A0KWM60.exe
2015-06-30 15:59 - 2015-06-30 15:59 - 01415680 _____ (wj32) C:\Program Files\DFD9DPL5.exe
2015-06-30 05:02 - 2015-06-30 05:02 - 01415680 _____ (wj32) C:\Program Files\DUZFWPUK.exe
2015-06-30 05:01 - 2015-06-30 05:01 - 01415680 _____ (wj32) C:\Program Files\CMUGOOXN.exe
2015-06-30 04:58 - 2015-06-30 04:58 - 01415680 _____ (wj32) C:\Program Files\YIBVOI0I.exe
2015-06-30 04:57 - 2015-06-30 04:57 - 01415680 _____ (wj32) C:\Program Files\9EJ1UBG7.exe
2015-06-30 04:54 - 2015-06-30 04:54 - 01415680 _____ (wj32) C:\Program Files\G93L1TYP.exe
2015-06-30 04:53 - 2015-06-30 04:53 - 01415680 _____ (wj32) C:\Program Files\2OKYKM8M.exe
2015-06-30 04:52 - 2015-06-30 04:52 - 01415680 _____ (wj32) C:\Program Files\1FRTLZ1J.exe
2015-06-30 04:49 - 2015-06-30 04:49 - 01415680 _____ (wj32) C:\Program Files\FB37JV75.exe
2015-06-30 04:48 - 2015-06-30 04:48 - 01415680 _____ (wj32) C:\Program Files\KXP5DIZD.exe
2015-06-30 04:47 - 2015-06-30 04:47 - 01415680 _____ (wj32) C:\Program Files\ZB9HJ191.exe
2015-06-30 04:46 - 2015-06-30 04:46 - 01415680 _____ (wj32) C:\Program Files\ZTM4ZTB2.exe
2015-06-30 04:46 - 2015-06-30 04:46 - 01415680 _____ (wj32) C:\Program Files\OUPJ172F.exe
2015-06-30 04:46 - 2015-06-30 04:46 - 01415680 _____ (wj32) C:\Program Files\49E8DIN2.exe
2015-06-30 04:45 - 2015-06-30 04:45 - 01415680 _____ (wj32) C:\Program Files\R3FRGVJ9.exe
2015-06-30 04:45 - 2015-06-30 04:45 - 01415680 _____ (wj32) C:\Program Files\O6ZHC6OK.exe
2015-06-30 04:42 - 2015-06-30 04:42 - 01415680 _____ (wj32) C:\Program Files\GVNS916V.exe
2015-06-30 04:39 - 2015-06-30 04:39 - 01415680 _____ (wj32) C:\Program Files\L04KEMRS.exe
2015-06-30 04:37 - 2015-06-30 04:37 - 01415680 _____ (wj32) C:\Program Files\YGYRLEWK.exe
2015-06-30 04:36 - 2015-06-30 04:36 - 01415680 _____ (wj32) C:\Program Files\80TAIBTN.exe
2015-06-30 04:35 - 2015-06-30 04:35 - 01415680 _____ (wj32) C:\Program Files\S6WY0KF9.exe
2015-06-30 04:33 - 2015-06-30 04:33 - 01415680 _____ (wj32) C:\Program Files\58PHX1UK.exe
2015-06-30 04:32 - 2015-06-30 04:32 - 01415680 _____ (wj32) C:\Program Files\VBF7ZHMB.exe
2015-06-30 04:32 - 2015-06-30 04:32 - 01415680 _____ (wj32) C:\Program Files\0WGM4ZHK.exe
2015-06-30 04:30 - 2015-06-30 04:30 - 01415680 _____ (wj32) C:\Program Files\4XPHMKI4.exe
2015-06-30 04:29 - 2015-06-30 04:29 - 01415680 _____ (wj32) C:\Program Files\M4MFXR9B.exe
2015-06-30 04:28 - 2015-06-30 04:28 - 01415680 _____ (wj32) C:\Program Files\ZHZHZSZK.exe
2015-06-30 04:26 - 2015-06-30 04:26 - 01415680 _____ (wj32) C:\Program Files\SZ5KA5NT.exe
2015-06-30 04:26 - 2015-06-30 04:26 - 01415680 _____ (wj32) C:\Program Files\91I0INST.exe
2015-06-30 04:24 - 2015-06-30 04:24 - 01415680 _____ (wj32) C:\Program Files\FKPJ171F.exe
2015-06-30 04:21 - 2015-06-30 04:21 - 01415680 _____ (wj32) C:\Program Files\IYKK05PK.exe
2015-06-30 04:21 - 2015-06-30 04:21 - 01415680 _____ (wj32) C:\Program Files\HOTMGLZE.exe
2015-06-30 04:18 - 2015-06-30 04:18 - 01415680 _____ (wj32) C:\Program Files\OSLK7M2I.exe
2015-06-30 04:18 - 2015-06-30 04:18 - 01415680 _____ (wj32) C:\Program Files\IARW1UO2.exe
2015-06-30 04:16 - 2015-06-30 04:16 - 01415680 _____ (wj32) C:\Program Files\UCHO4C6C.exe
2015-06-30 04:15 - 2015-06-30 04:15 - 01415680 _____ (wj32) C:\Program Files\BRWK6YDK.exe
2015-06-30 04:14 - 2015-06-30 04:14 - 01415680 _____ (wj32) C:\Program Files\60GX0SXA.exe
2015-06-30 04:13 - 2015-06-30 04:13 - 01415680 _____ (wj32) C:\Program Files\LP2GT7PS.exe
2015-06-30 04:13 - 2015-06-30 04:13 - 01415680 _____ (wj32) C:\Program Files\E8E8KWES.exe
2015-06-30 04:13 - 2015-06-30 04:13 - 01415680 _____ (wj32) C:\Program Files\9D5XCH91.exe
2015-06-30 04:11 - 2015-06-30 04:11 - 01415680 _____ (wj32) C:\Program Files\AUNU2XM5.exe
2015-06-30 04:09 - 2015-06-30 04:09 - 01415680 _____ (wj32) C:\Program Files\A7K8FYTJ.exe
2015-06-30 04:08 - 2015-06-30 04:08 - 01415680 _____ (wj32) C:\Program Files\CVDVK8YG.exe
2015-06-30 04:08 - 2015-06-30 04:08 - 01415680 _____ (wj32) C:\Program Files\9JPEVDJN.exe
2015-06-30 04:06 - 2015-06-30 04:06 - 01415680 _____ (wj32) C:\Program Files\5N5N5ZSJ.exe
2015-06-30 04:06 - 2015-06-30 04:06 - 01415680 _____ (wj32) C:\Program Files\4B4YG9EJ.exe
2015-06-30 04:01 - 2015-06-30 04:01 - 01415680 _____ (wj32) C:\Program Files\YSASASLC.exe
2015-06-30 04:01 - 2015-06-30 04:01 - 01415680 _____ (wj32) C:\Program Files\B5YGASAI.exe
2015-06-30 03:57 - 2015-06-30 03:57 - 01415680 _____ (wj32) C:\Program Files\U8ACEGUP.exe
2015-06-30 03:57 - 2015-06-30 03:57 - 01415680 _____ (wj32) C:\Program Files\RKSMP7S8.exe
2015-06-30 03:57 - 2015-06-30 03:57 - 01415680 _____ (wj32) C:\Program Files\RJBKTLDT.exe
2015-06-30 03:57 - 2015-06-30 03:57 - 01415680 _____ (wj32) C:\Program Files\CHMP7B3S.exe
2015-06-30 03:54 - 2015-06-30 03:54 - 01415680 _____ (wj32) C:\Program Files\OTM3VNST.exe
2015-06-30 03:54 - 2015-06-30 03:54 - 01415680 _____ (wj32) C:\Program Files\2GGI9PF6.exe
2015-06-30 03:51 - 2015-06-30 03:51 - 01415680 _____ (wj32) C:\Program Files\HY1V03L9.exe
2015-06-30 03:44 - 2015-06-30 03:44 - 01415680 _____ (wj32) C:\Program Files\B3WK8KV0.exe
2015-06-30 03:43 - 2015-06-30 03:43 - 01415680 _____ (wj32) C:\Program Files\D7PUZ49Y.exe
2015-06-30 03:43 - 2015-06-30 03:43 - 01415680 _____ (wj32) C:\Program Files\05BG82VS.exe
2015-06-30 03:41 - 2015-06-30 03:41 - 01415680 _____ (wj32) C:\Program Files\WP7PKEJY.exe
2015-06-30 03:41 - 2015-06-30 03:41 - 01415680 _____ (wj32) C:\Program Files\JZ4VCHZ7.exe
2015-06-30 03:41 - 2015-06-30 03:41 - 01415680 _____ (wj32) C:\Program Files\0SKC46OW.exe
2015-06-30 03:39 - 2015-06-30 03:39 - 01415680 _____ (wj32) C:\Program Files\4JWWUNO4.exe
2015-06-30 03:36 - 2015-06-30 03:36 - 01415680 _____ (wj32) C:\Program Files\N5L2YTLM.exe
2015-06-30 03:36 - 2015-06-30 03:36 - 01415680 _____ (wj32) C:\Program Files\B1K349RW.exe
2015-06-30 03:36 - 2015-06-30 03:36 - 01415680 _____ (wj32) C:\Program Files\AOAWEGUK.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\L04ARH9C.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\03XP5MRZ.exe
2015-06-30 03:34 - 2015-06-30 03:34 - 01415680 _____ (wj32) C:\Program Files\85RDI4VR.exe
2015-06-30 03:33 - 2015-06-30 03:33 - 01415680 _____ (wj32) C:\Program Files\K8PICST4.exe
2015-06-30 03:32 - 2015-06-30 03:32 - 01415680 _____ (wj32) C:\Program Files\KXLAFXPK.exe
2015-06-30 03:31 - 2015-06-30 03:31 - 01415680 _____ (wj32) C:\Program Files\6DVDVD80.exe
2015-06-30 03:30 - 2015-06-30 03:30 - 01415680 _____ (wj32) C:\Program Files\XDIZRWOP.exe
2015-06-30 03:30 - 2015-06-30 03:30 - 01415680 _____ (wj32) C:\Program Files\WRXFMO2I.exe
2015-06-30 03:30 - 2015-06-30 03:30 - 01415680 _____ (wj32) C:\Program Files\KV0GXDIV.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\Y5OMJE7Y.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\IO6DJDVO.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\FTIV20GU.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\94X5CV00.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\81JDVOT6.exe
2015-06-30 03:28 - 2015-06-30 22:04 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-30 03:28 - 2015-06-30 03:28 - 01415680 _____ (wj32) C:\Program Files\H05HMCOM.exe
2015-06-30 03:28 - 2015-06-30 03:28 - 01415680 _____ (wj32) C:\Program Files\CSE0G8OS.exe
2015-06-30 03:27 - 2015-06-30 03:27 - 01415680 _____ (wj32) C:\Program Files\9C4M49EB.exe
2015-06-30 03:26 - 2015-06-30 03:26 - 01415680 _____ (wj32) C:\Program Files\I05A2IZS.exe
2015-06-30 03:25 - 2015-06-30 03:25 - 01415680 _____ (wj32) C:\Program Files\ZHZBTBDB.exe
2015-06-30 03:25 - 2015-06-30 03:25 - 01415680 _____ (wj32) C:\Program Files\P5XUM29A.exe
2015-06-30 03:24 - 2015-06-30 03:24 - 01415680 _____ (wj32) C:\Program Files\5NHN4DVP.exe
2015-06-30 03:22 - 2015-06-30 03:22 - 01415680 _____ (wj32) C:\Program Files\NSA4X2JB.exe
2015-06-30 03:20 - 2015-06-30 03:20 - 01415680 _____ (wj32) C:\Program Files\WLDF4TLZ.exe
2015-06-30 03:19 - 2015-06-30 03:27 - 05471128 _____ (Avast Software s.r.o.) C:\Users\Public\Desktop\avast_internet_security_setup_online.exe
2015-06-30 03:19 - 2015-06-30 03:19 - 01415680 _____ (wj32) C:\Program Files\HXP7OHO2.exe
2015-06-30 03:19 - 2015-06-30 03:19 - 01415680 _____ (wj32) C:\Program Files\CUC5N5C5.exe
2015-06-30 03:16 - 2015-06-30 03:16 - 01415680 _____ (wj32) C:\Program Files\RTV77W9X.exe
2015-06-30 03:16 - 2015-06-30 03:16 - 01415680 _____ (wj32) C:\Program Files\P6ZGU8O4.exe
2015-06-30 03:12 - 2015-06-30 03:12 - 01415680 _____ (wj32) C:\Program Files\3BD5R3FD.exe
2015-06-30 03:09 - 2015-06-30 03:09 - 01415680 _____ (wj32) C:\Program Files\VDFN51NJ.exe
2015-06-30 03:09 - 2015-06-30 03:09 - 01415680 _____ (wj32) C:\Program Files\EENYUAFR.exe
2015-06-30 03:09 - 2015-06-30 03:09 - 01415680 _____ (wj32) C:\Program Files\C4WOKSUU.exe
2015-06-30 03:09 - 2015-06-30 03:09 - 01415680 _____ (wj32) C:\Program Files\9IR03V3V.exe
2015-06-30 03:07 - 2015-06-30 03:07 - 00000000 ____D C:\Users\User\AppData\Roaming\ZTEMTUI
2015-06-30 03:06 - 2015-06-30 03:06 - 01415680 _____ (wj32) C:\Program Files\G9381VKS.exe
2015-06-30 03:06 - 2015-06-30 03:06 - 01415680 _____ (wj32) C:\Program Files\B3KNSWSG.exe
2015-06-30 03:06 - 2015-06-30 03:06 - 01415680 _____ (wj32) C:\Program Files\A80CUMOM.exe
2015-06-30 03:05 - 2015-06-30 03:05 - 01415680 _____ (wj32) C:\Program Files\KKAMKM2I.exe
2015-06-30 03:05 - 2015-06-30 03:05 - 01415680 _____ (wj32) C:\Program Files\3BBFNNRZ.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\Z9VZRVB7.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\YI06O6O8.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\U8KA0KYS.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\RJOSKNS6.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\O8A6EYIC.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\MKYAY6AA.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\H1FZP7L9.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\G0K0CWCS.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 01415680 _____ (wj32) C:\Program Files\2I6MKKYY.exe
2015-06-30 03:03 - 2015-06-30 03:03 - 01415680 _____ (wj32) C:\Program Files\C8AUAW0O.exe
2015-06-30 03:03 - 2015-06-30 03:03 - 01415680 _____ (wj32) C:\Program Files\4WI42IAU.exe
2015-06-30 03:00 - 2015-06-30 03:00 - 01415680 _____ (wj32) C:\Program Files\Z3FVJNZR.exe
2015-06-30 03:00 - 2015-06-30 03:00 - 01415680 _____ (wj32) C:\Program Files\VLB73NDT.exe
2015-06-30 03:00 - 2015-06-30 03:00 - 01415680 _____ (wj32) C:\Program Files\RZF3FVR3.exe
2015-06-30 03:00 - 2015-06-30 03:00 - 01415680 _____ (wj32) C:\Program Files\HKCRVA25.exe
2015-06-30 02:59 - 2015-06-30 02:59 - 01415680 _____ (wj32) C:\Program Files\SACMOGIA.exe
2015-06-30 02:59 - 2015-06-30 02:59 - 01415680 _____ (wj32) C:\Program Files\S80H0INB.exe
2015-06-30 02:46 - 2015-06-30 02:46 - 01415680 _____ (wj32) C:\Program Files\3EKKWWSZ.exe
2015-06-30 02:42 - 2015-06-30 02:42 - 01415680 _____ (wj32) C:\Program Files\WSXRXHAF.exe
2015-06-30 02:42 - 2015-06-30 02:42 - 01415680 _____ (wj32) C:\Program Files\6B5NSAF6.exe
2015-06-30 00:22 - 2014-06-20 10:30 - 00189912 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2015-06-30 00:20 - 2015-06-30 00:20 - 01415680 _____ (wj32) C:\Program Files\NIGLMT04.exe
2015-06-29 23:56 - 2015-06-29 23:56 - 00000290 _____ C:\WINDOWS\wininit.ini
2015-06-29 23:53 - 2015-06-29 23:53 - 01415680 _____ (wj32) C:\Program Files\7SBUFYH9.exe
2015-06-29 23:35 - 2015-06-29 23:35 - 01415680 _____ (wj32) C:\Program Files\YHMPA0L3.exe
2015-06-29 23:35 - 2015-06-29 23:35 - 01415680 _____ (wj32) C:\Program Files\C0WKSOO0.exe
2015-06-29 23:29 - 2015-06-29 23:29 - 01415680 _____ (wj32) C:\Program Files\7JVR397V.exe
2015-06-29 23:25 - 2015-06-29 23:29 - 05157536 _____ (McAfee, Inc.) C:\Users\User\Downloads\McAfeeSetup (1).exe
2015-06-29 23:17 - 2015-06-29 23:17 - 01415680 _____ (wj32) C:\Program Files\VOV1J1V9.exe
2015-06-29 23:17 - 2015-06-29 23:17 - 01415680 _____ (wj32) C:\Program Files\PR68XOPJ.exe
2015-06-29 23:16 - 2015-06-29 23:38 - 00000000 ____D C:\Program Files\stinger
2015-06-29 22:51 - 2015-06-29 22:51 - 01415680 _____ (wj32) C:\Program Files\TXBF6KYN.exe
2015-06-29 22:01 - 2015-06-29 22:01 - 01415680 _____ (wj32) C:\Program Files\C4L1IN3K.exe
2015-06-29 21:48 - 2015-06-29 21:59 - 07720664 _____ (McAfee, Inc.) C:\Users\User\Downloads\Setup_serial_vXhmvuT7FQA_QT7-DpztaA2_key.exe
2015-06-29 21:27 - 2015-06-29 21:27 - 01415680 _____ (wj32) C:\Program Files\JJ37R7FN.exe
2015-06-29 21:26 - 2015-06-29 21:26 - 01415680 _____ (wj32) C:\Program Files\EAMAW8WO.exe
2015-06-29 21:14 - 2015-06-29 21:14 - 01415680 _____ (wj32) C:\Program Files\K8P5A2WA.exe
2015-06-29 21:14 - 2015-06-29 21:14 - 01415680 _____ (wj32) C:\Program Files\I5NJCYD5.exe
2015-06-29 20:00 - 2015-06-29 20:04 - 04718584 _____ (Avira Operations GmbH & Co. KG) C:\Users\User\Downloads\avira_en_av_5591562e2b8e5__ws.exe
2015-06-29 19:55 - 2015-06-29 19:56 - 00688992 _____ (Swearware) C:\Users\User\Desktop\dds.scr
2015-06-29 19:55 - 2015-06-29 19:55 - 00000126 _____ C:\Users\User\Desktop\download.htm
2015-06-29 19:39 - 2015-06-29 19:39 - 01415680 _____ (wj32) C:\Program Files\PHXFAB6N.exe
2015-06-29 19:36 - 2015-06-29 19:36 - 01415680 _____ (wj32) C:\Program Files\NVKIJKXX.exe
2015-06-29 19:32 - 2015-06-29 19:32 - 01415680 _____ (wj32) C:\Program Files\U16ZHMGL.exe
2015-06-29 19:32 - 2015-06-29 19:32 - 01415680 _____ (wj32) C:\Program Files\LX9NZL7P.exe
2015-06-29 19:32 - 2015-06-29 19:32 - 01415680 _____ (wj32) C:\Program Files\IA2MU6SM.exe
2015-06-29 19:32 - 2015-06-29 19:32 - 01415680 _____ (wj32) C:\Program Files\CYKCAI4U.exe
2015-06-29 19:30 - 2015-06-29 19:30 - 00000103 _____ C:\Users\User\Desktop\oas-disabled-fix.cmd
2015-06-29 19:22 - 2015-06-29 19:22 - 01415680 _____ (wj32) C:\Program Files\O2E02G8W.exe
2015-06-29 19:22 - 2015-06-29 19:22 - 01415680 _____ (wj32) C:\Program Files\MYACMEWO.exe
2015-06-29 19:22 - 2015-06-29 19:22 - 01415680 _____ (wj32) C:\Program Files\97D535NB.exe
2015-06-29 19:22 - 2015-06-29 19:22 - 01415680 _____ (wj32) C:\Program Files\6YWEGYKO.exe
2015-06-29 19:04 - 2015-06-29 19:04 - 01415680 _____ (wj32) C:\Program Files\XH13RNZN.exe
2015-06-29 17:34 - 2015-06-29 17:34 - 01415680 _____ (wj32) C:\Program Files\PZXDLPJL.exe
2015-06-29 17:34 - 2015-06-29 17:34 - 01415680 _____ (wj32) C:\Program Files\DFHPNZRZ.exe
2015-06-29 17:34 - 2015-06-29 17:34 - 01415680 _____ (wj32) C:\Program Files\86SA47OK.exe
2015-06-29 16:54 - 2015-06-29 16:54 - 01415680 _____ (wj32) C:\Program Files\I4OAWGC0.exe
2015-06-29 16:54 - 2015-06-29 16:54 - 01415680 _____ (wj32) C:\Program Files\AAKUGWC6.exe
2015-06-29 16:54 - 2015-06-29 16:54 - 01415680 _____ (wj32) C:\Program Files\5DV9BTJV.exe
2015-06-29 16:54 - 2015-06-29 16:54 - 01415680 _____ (wj32) C:\Program Files\1JZR9E6W.exe
2015-06-29 16:43 - 2015-06-29 16:43 - 01415680 _____ (wj32) C:\Program Files\4KIACA82.exe
2015-06-29 16:43 - 2015-06-29 16:43 - 01415680 _____ (wj32) C:\Program Files\380FK0UP.exe
2015-06-29 16:38 - 2015-06-29 16:39 - 00000000 ____D C:\ProgramData\Protexis64
2015-06-29 16:37 - 2015-06-29 16:34 - 00002539 _____ C:\Users\Public\Desktop\Bitstream Font Navigator (64-Bit).lnk
2015-06-29 16:37 - 2015-06-29 16:29 - 00003072 _____ C:\Users\Public\Desktop\Corel CAPTURE X7 (64-Bit).lnk
2015-06-29 16:37 - 2015-06-29 16:29 - 00002363 _____ C:\Users\Public\Desktop\Corel CONNECT X7 (64-Bit).lnk
2015-06-29 16:37 - 2015-06-29 16:28 - 00003079 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X7 (64-Bit).lnk
2015-06-29 16:37 - 2015-06-29 16:28 - 00003031 _____ C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk
2015-06-29 16:35 - 2015-06-29 16:35 - 00000000 ____D C:\Users\User\Downloads\Corel Draw X7 [32-64]
2015-06-29 16:34 - 2015-06-29 16:34 - 00000000 ____D C:\Program Files\Common Files\Corel
2015-06-29 16:33 - 2015-06-29 16:33 - 00000000 ____D C:\Program Files\Common Files\Protexis
2015-06-29 16:32 - 2015-06-29 16:32 - 00019242 _____ C:\Users\User\Downloads\[kat.cr]corel.draw.x7.x32.x64.btis (1).torrent
2015-06-29 16:31 - 2015-06-29 16:32 - 00019242 _____ C:\Users\User\Downloads\[kat.cr]corel.draw.x7.x32.x64.btis.torrent
2015-06-29 16:28 - 2015-06-29 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2015-06-29 16:27 - 2015-06-29 16:27 - 00000000 ____D C:\Program Files\Corel
2015-06-29 16:25 - 2015-06-29 16:25 - 01415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-29 16:24 - 2015-06-29 16:37 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2015-06-29 16:23 - 2015-06-29 16:23 - 00000000 ____D C:\WINDOWS\pcpps
2015-06-29 16:10 - 2015-06-29 16:10 - 01415680 _____ (wj32) C:\Program Files\MOW4CO20.exe
2015-06-29 16:06 - 2015-06-29 16:06 - 01415680 _____ (wj32) C:\Program Files\JC4Y3W1R.exe
2015-06-29 16:03 - 2015-06-29 16:03 - 01415680 _____ (wj32) C:\Program Files\3PBXOKG7.exe
2015-06-29 02:47 - 2015-06-29 02:47 - 00196538 _____ C:\Users\User\Downloads\watch (1).htm
2015-06-29 02:38 - 2015-06-29 02:38 - 01415680 _____ (wj32) C:\Program Files\WCKW8SW8.exe
2015-06-29 02:38 - 2015-06-29 02:38 - 01415680 _____ (wj32) C:\Program Files\EGYW0ECW.exe
2015-06-29 01:59 - 2015-06-29 01:59 - 01415680 _____ (wj32) C:\Program Files\FIA26B3S.exe
2015-06-29 01:59 - 2015-06-29 01:59 - 01415680 _____ (wj32) C:\Program Files\1DVNPHJ7.exe
2015-06-29 00:38 - 2015-06-29 00:38 - 01415680 _____ (wj32) C:\Program Files\K2L6IGSO.exe
2015-06-29 00:38 - 2015-06-29 00:38 - 01415680 _____ (wj32) C:\Program Files\8R3V7K20.exe
2015-06-29 00:38 - 2015-06-29 00:38 - 01415680 _____ (wj32) C:\Program Files\68WMOU04.exe
2015-06-29 00:35 - 2015-06-29 00:35 - 01415680 _____ (wj32) C:\Program Files\E670AGAY.exe
2015-06-29 00:33 - 2015-06-29 00:33 - 01415680 _____ (wj32) C:\Program Files\ST6KXLWY.exe
2015-06-29 00:27 - 2015-06-29 00:27 - 01415680 _____ (wj32) C:\Program Files\GSW8SCSO.exe
2015-06-29 00:27 - 2015-06-29 00:27 - 01415680 _____ (wj32) C:\Program Files\CKOWOSOG.exe
2015-06-29 00:19 - 2015-06-29 00:19 - 00020064 _____ C:\Users\User\Downloads\MONOVA.ORG CorelDRAW Graphics Suite X7 [Eng] 32bit-64bit including crack.torrent
2015-06-29 00:15 - 2015-06-29 00:15 - 01415680 _____ (wj32) C:\Program Files\26YE0M80.exe
2015-06-29 00:12 - 2015-06-29 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2015-06-29 00:12 - 2015-06-29 00:12 - 00494885 _____ C:\Users\User\Downloads\Microsoft Toolkit Final.exe
2015-06-29 00:08 - 2015-06-29 00:08 - 01415680 _____ (wj32) C:\Program Files\V37B37V3.exe
2015-06-28 23:52 - 2015-06-30 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-28 23:51 - 2015-06-28 23:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-28 23:50 - 2015-06-28 23:50 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-28 23:49 - 2015-06-28 23:50 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-28 23:47 - 2015-06-28 23:47 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-06-28 23:47 - 2015-06-28 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-06-28 23:46 - 2015-06-28 23:49 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-28 23:46 - 2015-06-28 23:46 - 00000000 __RHD C:\MSOCache
2015-06-28 23:46 - 2015-06-28 23:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-28 23:26 - 2015-06-28 23:26 - 00004063 _____ C:\Users\User\Downloads\[kat.cr]revo.uninstaller.pro.3.1.2.final.torrent
2015-06-28 23:23 - 2015-06-28 23:23 - 00000000 ____D C:\Users\User\AppData\Local\VS Revo Group
2015-06-28 23:23 - 2015-06-28 23:23 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-06-28 20:47 - 2014-01-12 15:48 - 00000000 ____D C:\Users\User\Desktop\cdrom.inf_amd64_cf04adb457be1724
2015-06-28 20:46 - 2015-06-28 20:46 - 00090604 _____ C:\Users\User\Downloads\cdrom.inf_amd64_cf04adb457be1724.zip
2015-06-28 20:45 - 2015-06-28 20:45 - 00087418 _____ C:\Users\User\Downloads\cdrom.inf_amd64_42e9c29f0affc440.zip
2015-06-28 20:45 - 2014-01-12 02:34 - 00000000 ____D C:\Users\User\Desktop\cdrom.inf_amd64_42e9c29f0affc440
2015-06-28 20:32 - 2015-06-28 20:34 - 00600658 _____ (driverlibs.com ) C:\Users\User\Downloads\DriverUpdateTools.exe
2015-06-28 20:09 - 2015-06-28 20:09 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-06-28 19:56 - 2015-06-28 19:56 - 01415680 _____ (wj32) C:\Program Files\L160S701.exe
2015-06-28 19:56 - 2015-06-28 19:56 - 01415680 _____ (wj32) C:\Program Files\CKOOWW0O.exe
2015-06-28 19:49 - 2015-06-28 19:49 - 01415680 _____ (wj32) C:\Program Files\IKCOMEWA.exe
2015-06-28 19:49 - 2015-06-28 19:49 - 01415680 _____ (wj32) C:\Program Files\5DX5DLPX.exe
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Ashampoo
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\Users\User\AppData\Local\ashampoo
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\ProgramData\ashampoo
2015-06-28 19:40 - 2015-06-28 19:40 - 00000000 ____D C:\Users\User\Desktop\Ashampoo Burning Studio 10.10.0.4 with themepack
2015-06-28 19:32 - 2015-06-30 20:46 - 00002232 ____H C:\Users\User\Documents\Default.rdp
2015-06-28 18:58 - 2015-06-28 18:58 - 01415680 _____ (wj32) C:\Program Files\UZ6ZUCUJ.exe
2015-06-28 18:58 - 2015-06-28 18:58 - 01415680 _____ (wj32) C:\Program Files\USEO5RH2.exe
2015-06-28 18:58 - 2015-06-28 18:58 - 01415680 _____ (wj32) C:\Program Files\PBXUGRCA.exe
2015-06-28 02:52 - 2015-06-28 02:52 - 01415680 _____ (wj32) C:\Program Files\M24YKCIG.exe
2015-06-27 19:49 - 2015-06-28 20:17 - 00007605 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\P6P3C3PK.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\EXEAO5TK.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\CTWD6B50.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\CL73ZKEB.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\AS06Y0C0.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 01415680 _____ (wj32) C:\Program Files\1N5RPBJ1.exe
2015-06-27 04:02 - 2015-06-27 04:02 - 01415680 _____ (wj32) C:\Program Files\SKVW118I.exe
2015-06-27 03:57 - 2015-06-27 03:57 - 01415680 _____ (wj32) C:\Program Files\RRV37ZZJ.exe
2015-06-27 03:53 - 2015-06-27 03:53 - 00347816 _____ (Microsoft Corporation) C:\Users\User\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2015-06-27 03:42 - 2015-06-27 03:42 - 00638243 _____ C:\Users\User\Downloads\CDDVDWin8.meta (1).diagcab
2015-06-27 03:33 - 2015-06-27 03:33 - 01415680 _____ (wj32) C:\Program Files\DJ5R1TF7.exe
2015-06-27 03:26 - 2015-06-27 03:26 - 01415680 _____ (wj32) C:\Program Files\YPUYK5J2.exe
2015-06-27 03:26 - 2015-06-27 03:26 - 01415680 _____ (wj32) C:\Program Files\IOI06BGH.exe
2015-06-27 03:19 - 2015-06-27 03:19 - 01415680 _____ (wj32) C:\Program Files\LT9T9LTX.exe
2015-06-27 03:15 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-06-27 03:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-06-27 02:55 - 2015-06-27 03:09 - 00000000 ____D C:\Users\User\Downloads\Nero Burning ROM 10.5.10300 + Key [RH]
2015-06-27 02:37 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-06-27 02:11 - 2015-06-27 02:11 - 01415680 _____ (wj32) C:\Program Files\ZTZ6OJ2M.exe
2015-06-27 02:11 - 2015-06-27 02:11 - 01415680 _____ (wj32) C:\Program Files\JVFNBRBZ.exe
2015-06-27 02:11 - 2015-06-27 02:11 - 01415680 _____ (wj32) C:\Program Files\JRBJB1BB.exe
2015-06-27 02:11 - 2015-06-27 02:11 - 01415680 _____ (wj32) C:\Program Files\IR3C432E.exe
2015-06-27 02:10 - 2015-06-27 02:10 - 01415680 _____ (wj32) C:\Program Files\95HPHL7T.exe
2015-06-27 02:10 - 2015-06-27 02:10 - 01415680 _____ (wj32) C:\Program Files\775FT7H7.exe
2015-06-27 02:04 - 2015-06-27 02:04 - 01415680 _____ (wj32) C:\Program Files\0ZV76CB3.exe
2015-06-27 02:00 - 2015-06-27 02:36 - 86837264 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2015-16.0.02600_softonic_trial.exe
2015-06-27 01:57 - 2015-06-27 03:29 - 00000000 ____D C:\Users\User\AppData\Roaming\Nero
2015-06-27 01:57 - 2015-06-27 03:17 - 00000000 ____D C:\Users\User\AppData\Local\Nero
2015-06-27 01:57 - 2015-06-27 01:59 - 00000000 ____D C:\Users\User\AppData\Local\Nero_AG
2015-06-27 01:52 - 2015-06-29 19:24 - 00000000 ____D C:\Program Files (x86)\Nero
2015-06-27 01:52 - 2015-06-27 03:12 - 00000000 ____D C:\ProgramData\Nero
2015-06-27 01:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-06-27 01:47 - 2015-06-27 01:47 - 01415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-27 01:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-06-27 01:07 - 2015-06-27 01:07 - 01415680 _____ (wj32) C:\Program Files\DHTX1XXD.exe
2015-06-27 01:07 - 2015-06-27 01:07 - 00000000 ____D C:\b4f879bec5b21fbd1b59cd9e21
2015-06-27 01:05 - 2015-06-27 01:06 - 00255920 _____ C:\Users\User\Downloads\Touch_Firmware_Elan_A01_W764W864W8164_ZPE.exe
2015-06-27 00:40 - 2015-06-27 01:28 - 201645672 _____ (Nero AG) C:\Users\User\Downloads\Nero_MediaHome_setup-16.0.02900_3p_free.exe
2015-06-27 00:36 - 2015-06-27 00:36 - 00000000 ____D C:\Users\User\AppData\Roaming\AVG
2015-06-27 00:35 - 2015-06-27 00:35 - 00000000 ____D C:\Users\User\AppData\Local\Avg
2015-06-27 00:33 - 2015-06-27 00:37 - 00000000 ____D C:\ProgramData\AVG
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\Documents\My Weblog Posts
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\AppData\Roaming\Windows Live Writer
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live Writer
2015-06-26 19:23 - 2015-06-26 19:23 - 01415680 _____ (wj32) C:\Program Files\A1NWAO2H.exe
2015-06-26 19:22 - 2015-06-26 19:22 - 01415680 _____ (wj32) C:\Program Files\V4DWDRNZ.exe
2015-06-26 19:22 - 2015-06-26 19:22 - 01415680 _____ (wj32) C:\Program Files\401NW5WB.exe
2015-06-26 19:21 - 2015-06-26 19:21 - 01415680 _____ (wj32) C:\Program Files\T2GXL7LI.exe
2015-06-26 19:21 - 2015-06-26 19:21 - 01415680 _____ (wj32) C:\Program Files\6UBPY7KN.exe
2015-06-26 06:10 - 2015-06-26 06:10 - 00206178 _____ C:\Users\User\Downloads\watch.htm
2015-06-26 02:23 - 2015-06-27 00:31 - 00001090 _____ C:\Users\User\AppData\Roaming\burnaware.ini
2015-06-26 02:22 - 2015-06-27 00:24 - 00000000 ____D C:\Users\User\AppData\Roaming\OpenCandy
2015-06-26 02:20 - 2015-06-26 02:21 - 08369728 _____ (Burnaware ) C:\Users\User\Downloads\burnaware_free.exe
2015-06-26 02:19 - 2015-06-26 02:20 - 03469871 _____ (LIGHTNING UK!) C:\Users\User\Downloads\SetupImgBurn_2.5.8.0.exe
2015-06-26 01:37 - 2015-06-26 01:42 - 09224497 _____ C:\Users\User\Downloads\paint_trails_brushes_by_env1ro (1).rar
2015-06-26 01:36 - 2015-06-26 01:47 - 21326967 _____ C:\Users\User\Downloads\385-grunge-vector-line-brushset-1.rar
2015-06-26 01:36 - 2015-06-26 01:43 - 19306695 _____ C:\Users\User\Downloads\BB_HiRes_Grungy_Watercolor_CS1.abr.zip
2015-06-26 01:35 - 2015-06-26 01:36 - 00572102 _____ C:\Users\User\Downloads\hyper_brushes_by_axeraider70.abr
2015-06-26 01:35 - 2015-06-26 01:35 - 00453852 _____ C:\Users\User\Downloads\Night_Lights_Brush_Set_by_m_ajinah.zip
2015-06-26 01:31 - 2015-06-26 01:33 - 05714151 _____ C:\Users\User\Downloads\392-lightning-bolt-brushes-by-psdbox.com.zip
2015-06-26 01:30 - 2015-06-26 01:33 - 09224497 _____ C:\Users\User\Downloads\paint_trails_brushes_by_env1ro.rar
2015-06-26 01:29 - 2015-06-26 01:34 - 04047912 _____ C:\Users\User\Downloads\paint_markers_brush_set_by_ldn755.abr
2015-06-26 01:28 - 2015-06-26 01:28 - 00001645 _____ C:\Users\User\Downloads\andantonius___pencil_brush_by_andantonius-d1qom1i.abr
2015-06-24 00:33 - 2015-06-24 00:33 - 18174128 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-06-22 18:56 - 2015-06-22 18:59 - 00638243 _____ C:\Users\User\Downloads\CDDVDWin8.meta.diagcab
2015-06-20 23:05 - 2015-06-20 23:05 - 00021248 _____ C:\Users\User\Downloads\D02C78BFBE39DB1CE843274966088D7DBE243351.torrent
2015-06-20 23:03 - 2015-06-20 23:03 - 00020024 _____ C:\Users\User\Downloads\D7A46713EAEE18C746B3254B7D1492A50FD9D6CE.torrent
2015-06-19 19:10 - 2015-06-19 19:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-19 19:09 - 2015-06-30 22:14 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001UA.job
2015-06-19 19:09 - 2015-06-30 19:14 - 00000872 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001Core.job
2015-06-19 19:09 - 2015-06-19 19:09 - 00003868 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001UA
2015-06-19 19:09 - 2015-06-19 19:09 - 00003488 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001Core
2015-06-19 19:09 - 2015-06-19 19:09 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
2015-06-19 19:09 - 2015-06-19 19:09 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-18 17:22 - 2015-06-18 19:18 - 193276899 _____ C:\Users\User\Downloads\321.rar
2015-06-18 02:42 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-06-17 14:19 - 2015-06-17 14:19 - 00314751 _____ C:\Users\User\Downloads\attachments (2).zip
2015-06-15 22:53 - 2015-06-15 23:09 - 18163385 _____ C:\Users\User\Downloads\Fargo S1 E6  Buridans [bleep].mp4.crdownload
2015-06-14 01:42 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-14 01:42 - 2015-05-25 18:37 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-14 01:42 - 2015-05-22 18:38 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-14 01:42 - 2015-04-17 03:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-14 01:42 - 2015-04-09 04:11 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-14 01:42 - 2015-04-09 03:37 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-14 01:42 - 2015-04-02 04:12 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-14 01:42 - 2015-04-02 04:00 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-14 01:42 - 2015-03-20 09:19 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-14 01:42 - 2015-03-20 08:38 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-14 01:42 - 2015-03-20 08:07 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-14 01:42 - 2015-03-20 07:37 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-14 01:42 - 2015-03-02 07:13 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-14 01:42 - 2015-03-02 06:51 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-14 01:16 - 2015-04-16 11:47 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-14 01:15 - 2015-04-14 04:07 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-14 01:15 - 2015-04-14 04:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-14 01:15 - 2015-04-10 06:10 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-14 01:15 - 2015-04-10 05:47 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-14 01:13 - 2015-04-01 09:51 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-14 01:13 - 2015-04-01 09:48 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-14 01:13 - 2015-04-01 09:47 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-14 01:13 - 2015-04-01 09:38 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-14 01:13 - 2015-04-01 09:16 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-14 01:13 - 2015-04-01 08:47 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-14 01:13 - 2015-04-01 08:47 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-14 01:13 - 2015-04-01 08:23 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-14 01:13 - 2015-04-01 08:23 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-14 01:13 - 2015-04-01 08:15 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-14 01:13 - 2015-04-01 08:15 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-14 01:13 - 2015-04-01 07:44 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-14 01:13 - 2015-04-01 07:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-13 18:54 - 2015-05-27 20:05 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-13 18:54 - 2015-05-27 19:38 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-13 18:54 - 2015-05-23 08:45 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-13 18:54 - 2015-05-23 08:44 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-13 18:54 - 2015-05-23 08:40 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-13 18:54 - 2015-05-23 08:35 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-13 18:54 - 2015-05-23 08:34 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-13 18:54 - 2015-05-23 08:18 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-13 18:54 - 2015-05-23 08:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-13 18:54 - 2015-05-23 08:08 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-13 18:54 - 2015-05-23 08:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-13 18:54 - 2015-05-23 08:07 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-13 18:54 - 2015-05-23 07:58 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-13 18:54 - 2015-05-23 07:58 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-13 18:54 - 2015-05-23 07:50 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-13 18:54 - 2015-05-23 07:46 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-13 18:54 - 2015-05-23 07:44 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-13 18:54 - 2015-05-23 00:22 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-13 18:54 - 2015-05-23 00:18 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-13 18:54 - 2015-05-23 00:17 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-13 18:54 - 2015-05-23 00:17 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-13 18:54 - 2015-05-22 23:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-13 18:54 - 2015-05-22 23:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-13 18:54 - 2015-05-22 23:51 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-13 18:54 - 2015-05-22 23:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-13 18:54 - 2015-05-22 23:39 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-13 18:54 - 2015-05-22 23:38 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-13 18:54 - 2015-05-22 23:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-13 18:54 - 2015-05-22 23:35 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-13 18:54 - 2015-05-22 23:27 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-13 18:54 - 2015-05-22 23:20 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-13 18:54 - 2015-05-22 23:19 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-13 18:54 - 2015-05-22 23:08 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-13 18:54 - 2015-05-22 22:56 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-13 18:01 - 2015-04-25 08:04 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-13 18:01 - 2015-04-25 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-12 19:12 - 2015-06-12 19:12 - 00000000 ____D C:\Users\User\AppData\Roaming\WTablet
2015-06-12 19:08 - 2015-06-12 19:09 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-06-12 19:08 - 2015-06-12 19:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2015-06-12 19:08 - 2014-01-13 11:54 - 01913624 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01906968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01780504 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01778968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01544472 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01432344 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2015-06-12 14:03 - 2015-05-21 22:17 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-12 03:56 - 2015-06-12 04:02 - 38455200 _____ C:\Users\User\Downloads\PenTablet_532-1.exe
2015-06-10 17:26 - 2015-06-10 17:26 - 00001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2015-06-10 17:05 - 2015-06-10 17:05 - 00000000 ____D C:\Users\User\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2015-06-10 17:00 - 2015-06-10 17:05 - 00000000 ____D C:\ProgramData\Wacom
2015-06-10 17:00 - 2015-06-10 17:00 - 00001163 _____ C:\Users\Public\Desktop\Bamboo Dock.lnk
2015-06-10 17:00 - 2015-06-10 17:00 - 00000000 ____D C:\Users\User\AppData\Roaming\Wacom
2015-06-10 17:00 - 2015-06-10 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
2015-06-10 16:59 - 2015-06-10 16:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-06-10 16:59 - 2015-06-10 16:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-06-10 15:30 - 2015-06-10 17:00 - 00000002 _____ C:\Users\User\.bdockinstall.log
2015-06-10 15:30 - 2015-06-10 17:00 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2015-06-10 15:29 - 2015-06-12 19:09 - 00000000 ____D C:\Program Files\TabletPlugins
2015-06-10 15:29 - 2013-11-11 19:46 - 00015160 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys
2015-06-10 15:28 - 2015-06-12 19:08 - 00000000 ____D C:\Program Files\Tablet
2015-06-10 15:28 - 2014-01-13 11:54 - 01551640 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2015-06-10 15:28 - 2013-11-11 19:46 - 00090424 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys
2015-06-10 15:28 - 2013-11-11 19:46 - 00014136 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2015-06-10 15:28 - 2012-04-11 18:04 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfcoinstaller01009.dll
2015-06-09 19:46 - 2015-06-09 19:46 - 00913102 _____ C:\Users\User\Downloads\i4 for site latest.psd
2015-06-09 17:09 - 2015-06-09 17:09 - 00000800 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-06-09 17:09 - 2015-06-09 17:09 - 00000752 _____ C:\Users\User\Desktop\Start Tor Browser.lnk
2015-06-09 17:08 - 2015-06-09 17:09 - 00000000 ____D C:\Users\User\Desktop\Tor Browser
2015-06-09 12:41 - 2015-06-09 13:23 - 35854880 _____ C:\Users\User\Downloads\torbrowser-install-4.5.1_en-US.exe
2015-06-08 15:11 - 2015-06-08 15:11 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-06-03 05:44 - 2015-06-03 05:44 - 00000673 _____ C:\Users\User\Downloads\google_eng_250_250.html
2015-06-02 01:52 - 2015-04-10 06:04 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-02 01:52 - 2015-04-10 05:41 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-02 01:52 - 2015-03-20 07:26 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-02 01:52 - 2015-03-17 22:56 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-02 01:52 - 2015-03-09 07:32 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-02 01:51 - 2015-03-04 07:02 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-02 01:51 - 2015-03-04 06:42 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-02 01:51 - 2015-01-30 06:23 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-02 01:50 - 2015-04-03 06:05 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-02 01:50 - 2015-04-03 05:44 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-02 01:50 - 2015-04-02 03:52 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-02 01:50 - 2015-04-02 03:50 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-02 01:50 - 2015-04-01 09:15 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-02 01:50 - 2015-04-01 08:01 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-02 01:50 - 2015-03-13 07:32 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-02 01:50 - 2015-03-13 06:41 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-02 01:50 - 2015-03-13 06:09 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-02 01:50 - 2015-03-06 08:17 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-02 01:49 - 2015-03-11 07:19 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-02 01:49 - 2015-03-11 06:39 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-02 01:49 - 2015-02-18 04:49 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-02 01:48 - 2015-03-13 09:33 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-02 01:48 - 2015-03-13 09:33 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-02 01:48 - 2015-03-06 08:38 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-02 01:48 - 2015-03-06 08:13 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-31 16:24 - 2015-05-31 16:24 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-31 14:40 - 2015-05-31 14:40 - 00000401 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-30 22:45 - 2015-04-12 10:31 - 01516357 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-30 22:44 - 2015-04-12 10:42 - 00000000 ___DO C:\Users\User\OneDrive
2015-06-30 22:44 - 2014-12-03 05:44 - 00000000 ___RD C:\Users\User\Dropbox
2015-06-30 22:44 - 2014-12-03 05:36 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2015-06-30 22:44 - 2014-12-02 03:35 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4064182937-4136054916-3625840862-1001
2015-06-30 22:42 - 2015-05-29 01:10 - 00000000 ___RD C:\Users\User\Google Drive
2015-06-30 22:41 - 2015-05-20 20:46 - 00000000 ____D C:\Users\User\Tracing
2015-06-30 22:40 - 2015-05-24 02:02 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2015-06-30 22:39 - 2015-05-27 02:13 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 22:39 - 2015-04-16 14:55 - 00004148 _____ C:\WINDOWS\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4.job
2015-06-30 22:39 - 2013-08-22 20:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-30 22:38 - 2015-04-12 19:03 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-30 22:38 - 2013-08-22 20:16 - 00323740 _____ C:\WINDOWS\setupact.log
2015-06-30 22:31 - 2014-12-05 22:24 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-30 22:30 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-30 22:12 - 2015-05-27 02:13 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 22:10 - 2015-04-12 16:16 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5A807F99-38A6-491F-A586-45E0041CDCBD}
2015-06-30 22:06 - 2015-05-26 22:06 - 00000396 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job
2015-06-30 22:04 - 2014-11-21 14:04 - 00569250 _____ C:\WINDOWS\PFRO.log
2015-06-30 22:04 - 2013-08-22 18:55 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-30 21:40 - 2014-12-02 11:16 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2015-06-30 20:56 - 2015-04-27 19:45 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-06-30 20:56 - 2014-12-02 04:11 - 00000000 ____D C:\Program Files\McAfee
2015-06-30 20:56 - 2014-12-02 04:04 - 00000000 ____D C:\ProgramData\McAfee
2015-06-30 20:56 - 2014-12-02 04:04 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-06-30 20:54 - 2012-07-26 13:42 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-06-30 20:48 - 2015-04-27 19:54 - 00000000 __RSD C:\Users\User\Documents\McAfee Vaults
2015-06-30 20:38 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-06-30 20:37 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\tracing
2015-06-30 17:57 - 2014-12-03 07:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-30 17:42 - 2015-03-19 16:20 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent
2015-06-30 17:32 - 2014-11-21 14:14 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-30 16:36 - 2013-01-01 13:52 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2015-06-30 16:10 - 2014-12-30 02:11 - 00000000 ____D C:\ProgramData\Corel
2015-06-30 03:07 - 2014-12-17 22:54 - 00000000 ____D C:\Users\User\AppData\Roaming\AC2787-ZTEEVDO
2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList
2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList
2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieBrowserModeList
2015-06-30 02:00 - 2014-12-03 06:31 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-06-30 00:32 - 2015-04-16 14:42 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-29 23:57 - 2013-08-22 18:55 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-29 21:12 - 2015-04-16 14:47 - 00000000 ____D C:\Program Files (x86)\3b5e57a9-2300-42b6-837e-64ff9ae02ad6
2015-06-29 21:04 - 2015-04-13 21:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-29 21:03 - 2013-08-22 21:06 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-29 19:36 - 2015-04-16 15:07 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-29 16:39 - 2014-12-03 05:49 - 00000000 ____D C:\Users\User\Documents\Corel
2015-06-29 16:38 - 2014-12-30 02:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Corel
2015-06-29 16:29 - 2014-12-30 02:09 - 00000000 ____D C:\Users\Public\Documents\Corel
2015-06-29 00:30 - 2013-08-22 20:14 - 05187736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-29 00:28 - 2014-12-12 18:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-29 00:28 - 2014-11-21 21:26 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-29 00:01 - 2012-07-26 10:56 - 00000199 _____ C:\WINDOWS\win.ini
2015-06-29 00:00 - 2014-12-03 05:47 - 00000000 ____D C:\Users\User\Downloads\University Grants Commision_files
2015-06-29 00:00 - 2014-12-03 05:47 - 00000000 ____D C:\Users\User\Downloads\fw
2015-06-29 00:00 - 2014-12-03 05:45 - 00000000 ____D C:\Users\User\Desktop\sanket AUD
2015-06-28 23:51 - 2014-11-21 13:55 - 00000000 ____D C:\WINDOWS\ShellNew
2015-06-28 23:48 - 2013-08-22 21:06 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-28 20:09 - 2013-08-22 20:16 - 00000262 _____ C:\WINDOWS\setuperr.log
2015-06-28 19:16 - 2015-05-28 00:36 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-28 18:49 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-27 04:51 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\rescache
2015-06-27 04:11 - 2012-07-26 13:29 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-27 01:55 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\Cursors
2015-06-27 01:34 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-27 01:34 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-26 08:09 - 2014-12-03 07:36 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
2015-06-26 03:24 - 2015-05-21 17:30 - 00000000 ____D C:\My
2015-06-24 00:33 - 2014-12-05 22:24 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-23 03:35 - 2015-02-01 23:56 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-23 01:17 - 2015-05-27 02:18 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-20 23:00 - 2015-03-19 16:59 - 00000878 _____ C:\Users\User\Desktop\BitTorrent.lnk
2015-06-20 23:00 - 2015-03-19 16:59 - 00000858 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-06-20 08:32 - 2014-11-21 21:33 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 08:32 - 2014-11-21 21:33 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-12 13:40 - 2015-04-16 14:51 - 00000000 ____D C:\Users\User\AppData\Local\4C4C4544-1429195891-4E10-8033-B2C04F515831
2015-06-11 15:50 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-10 17:00 - 2014-12-03 06:32 - 00000000 ____D C:\ProgramData\Adobe
2015-06-10 16:59 - 2014-12-03 06:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-08 20:39 - 2014-12-05 22:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-07 22:55 - 2015-04-16 14:46 - 00000000 ____D C:\Users\User\AppData\Roaming\4C4C4544-1429175766-4E10-8033-B2C04F515831
2015-06-07 19:09 - 2015-04-17 21:04 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-07 19:09 - 2015-01-27 03:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-07 19:09 - 2014-12-05 22:12 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-06 16:06 - 2015-05-26 22:06 - 00000000 ____D C:\ProgramData\{1132ae0a-e898-0430-1132-2ae0ae89b82b}
2015-06-02 16:57 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-02 16:53 - 2015-04-12 23:26 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-02 16:53 - 2015-04-12 23:26 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-02 02:07 - 2014-12-04 18:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-02 01:55 - 2014-12-04 18:29 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-31 23:12 - 2015-02-03 16:26 - 00001456 _____ C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-05-31 04:49 - 2013-08-22 19:06 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
 
==================== Files in the root of some directories =======
 
2015-06-30 03:35 - 2015-06-30 03:35 - 1415680 _____ (wj32) C:\Program Files\03XP5MRZ.exe
2015-06-30 17:04 - 2015-06-30 17:04 - 1415680 _____ (wj32) C:\Program Files\05A3LKVB.exe
2015-06-30 03:43 - 2015-06-30 03:43 - 1415680 _____ (wj32) C:\Program Files\05BG82VS.exe
2015-06-30 20:40 - 2015-06-30 20:40 - 1415680 _____ (wj32) C:\Program Files\05LSLKVW.exe
2015-06-30 03:41 - 2015-06-30 03:41 - 1415680 _____ (wj32) C:\Program Files\0SKC46OW.exe
2015-06-30 17:27 - 2015-06-30 17:27 - 1415680 _____ (wj32) C:\Program Files\0U0UCIWC.exe
2015-06-30 04:32 - 2015-06-30 04:32 - 1415680 _____ (wj32) C:\Program Files\0WGM4ZHK.exe
2015-06-30 18:19 - 2015-06-30 18:19 - 1415680 _____ (wj32) C:\Program Files\0WONMSKI.exe
2015-06-27 02:04 - 2015-06-27 02:04 - 1415680 _____ (wj32) C:\Program Files\0ZV76CB3.exe
2015-06-29 01:59 - 2015-06-29 01:59 - 1415680 _____ (wj32) C:\Program Files\1DVNPHJ7.exe
2015-06-30 20:24 - 2015-06-30 20:24 - 1415680 _____ (wj32) C:\Program Files\1F7CHYU7.exe
2015-06-30 04:52 - 2015-06-30 04:52 - 1415680 _____ (wj32) C:\Program Files\1FRTLZ1J.exe
2015-06-29 16:54 - 2015-06-29 16:54 - 1415680 _____ (wj32) C:\Program Files\1JZR9E6W.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 1415680 _____ (wj32) C:\Program Files\1N5RPBJ1.exe
2015-06-29 00:15 - 2015-06-29 00:15 - 1415680 _____ (wj32) C:\Program Files\26YE0M80.exe
2015-06-30 16:00 - 2015-06-30 16:00 - 1415680 _____ (wj32) C:\Program Files\2A0KWM60.exe
2015-06-30 17:40 - 2015-06-30 17:40 - 1415680 _____ (wj32) C:\Program Files\2F46XMC5.exe
2015-06-30 03:54 - 2015-06-30 03:54 - 1415680 _____ (wj32) C:\Program Files\2GGI9PF6.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 1415680 _____ (wj32) C:\Program Files\2I6MKKYY.exe
2015-06-30 04:53 - 2015-06-30 04:53 - 1415680 _____ (wj32) C:\Program Files\2OKYKM8M.exe
2015-06-30 17:07 - 2015-06-30 17:07 - 1415680 _____ (wj32) C:\Program Files\37DHMEUC.exe
2015-06-29 16:43 - 2015-06-29 16:43 - 1415680 _____ (wj32) C:\Program Files\380FK0UP.exe
2015-06-30 03:05 - 2015-06-30 03:05 - 1415680 _____ (wj32) C:\Program Files\3BBFNNRZ.exe
2015-06-30 03:12 - 2015-06-30 03:12 - 1415680 _____ (wj32) C:\Program Files\3BD5R3FD.exe
2015-06-30 02:46 - 2015-06-30 02:46 - 1415680 _____ (wj32) C:\Program Files\3EKKWWSZ.exe
2015-06-30 20:33 - 2015-06-30 20:33 - 1415680 _____ (wj32) C:\Program Files\3JBZT93N.exe
2015-06-29 16:03 - 2015-06-29 16:03 - 1415680 _____ (wj32) C:\Program Files\3PBXOKG7.exe
2015-06-30 17:27 - 2015-06-30 17:27 - 1415680 _____ (wj32) C:\Program Files\3WK8D6O4.exe
2015-06-30 20:38 - 2015-06-30 20:38 - 1415680 _____ (wj32) C:\Program Files\3XF8PUND.exe
2015-06-26 19:22 - 2015-06-26 19:22 - 1415680 _____ (wj32) C:\Program Files\401NW5WB.exe
2015-06-30 17:38 - 2015-06-30 17:38 - 1415680 _____ (wj32) C:\Program Files\41UVPUDE.exe
2015-06-30 04:46 - 2015-06-30 04:46 - 1415680 _____ (wj32) C:\Program Files\49E8DIN2.exe
2015-06-30 04:06 - 2015-06-30 04:06 - 1415680 _____ (wj32) C:\Program Files\4B4YG9EJ.exe
2015-06-30 03:39 - 2015-06-30 03:39 - 1415680 _____ (wj32) C:\Program Files\4JWWUNO4.exe
2015-06-30 20:36 - 2015-06-30 20:36 - 1415680 _____ (wj32) C:\Program Files\4KCYK6XC.exe
2015-06-29 16:43 - 2015-06-29 16:43 - 1415680 _____ (wj32) C:\Program Files\4KIACA82.exe
2015-06-30 17:29 - 2015-06-30 17:29 - 1415680 _____ (wj32) C:\Program Files\4KSUCEGK.exe
2015-06-30 20:22 - 2015-06-30 20:22 - 1415680 _____ (wj32) C:\Program Files\4KWEM8UO.exe
2015-06-30 16:02 - 2015-06-30 16:02 - 1415680 _____ (wj32) C:\Program Files\4LDTBGX9.exe
2015-06-30 03:03 - 2015-06-30 03:03 - 1415680 _____ (wj32) C:\Program Files\4WI42IAU.exe
2015-06-30 20:22 - 2015-06-30 20:22 - 1415680 _____ (wj32) C:\Program Files\4WOIAK70.exe
2015-06-30 04:30 - 2015-06-30 04:30 - 1415680 _____ (wj32) C:\Program Files\4XPHMKI4.exe
2015-06-30 16:59 - 2015-06-30 16:59 - 1415680 _____ (wj32) C:\Program Files\50INUZUN.exe
2015-06-30 04:33 - 2015-06-30 04:33 - 1415680 _____ (wj32) C:\Program Files\58PHX1UK.exe
2015-06-29 16:54 - 2015-06-29 16:54 - 1415680 _____ (wj32) C:\Program Files\5DV9BTJV.exe
2015-06-28 19:49 - 2015-06-28 19:49 - 1415680 _____ (wj32) C:\Program Files\5DX5DLPX.exe
2015-06-30 04:06 - 2015-06-30 04:06 - 1415680 _____ (wj32) C:\Program Files\5N5N5ZSJ.exe
2015-06-30 16:29 - 2015-06-30 16:29 - 1415680 _____ (wj32) C:\Program Files\5NF7NSM0.exe
2015-06-30 03:24 - 2015-06-30 03:24 - 1415680 _____ (wj32) C:\Program Files\5NHN4DVP.exe
2015-06-30 04:14 - 2015-06-30 04:14 - 1415680 _____ (wj32) C:\Program Files\60GX0SXA.exe
2015-06-29 00:38 - 2015-06-29 00:38 - 1415680 _____ (wj32) C:\Program Files\68WMOU04.exe
2015-06-30 16:47 - 2015-06-30 16:47 - 1415680 _____ (wj32) C:\Program Files\6AM4YY4K.exe
2015-06-30 02:42 - 2015-06-30 02:42 - 1415680 _____ (wj32) C:\Program Files\6B5NSAF6.exe
2015-06-30 17:08 - 2015-06-30 17:08 - 1415680 _____ (wj32) C:\Program Files\6CHB4YRW.exe
2015-06-30 16:57 - 2015-06-30 16:57 - 1415680 _____ (wj32) C:\Program Files\6DTBGA3T.exe
2015-06-30 03:31 - 2015-06-30 03:31 - 1415680 _____ (wj32) C:\Program Files\6DVDVD80.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 1415680 _____ (wj32) C:\Program Files\6M2IG8C6.exe
2015-06-26 19:21 - 2015-06-26 19:21 - 1415680 _____ (wj32) C:\Program Files\6UBPY7KN.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 1415680 _____ (wj32) C:\Program Files\6YK62EAI.exe
2015-06-29 19:22 - 2015-06-29 19:22 - 1415680 _____ (wj32) C:\Program Files\6YWEGYKO.exe
2015-06-30 17:35 - 2015-06-30 17:35 - 1415680 _____ (wj32) C:\Program Files\6Z4MGJBE.exe
2015-06-27 02:10 - 2015-06-27 02:10 - 1415680 _____ (wj32) C:\Program Files\775FT7H7.exe
2015-06-30 16:47 - 2015-06-30 16:47 - 1415680 _____ (wj32) C:\Program Files\7EWPUPJ1.exe
2015-06-30 16:23 - 2015-06-30 16:23 - 1415680 _____ (wj32) C:\Program Files\7J2U05HF.exe
2015-06-29 23:29 - 2015-06-29 23:29 - 1415680 _____ (wj32) C:\Program Files\7JVR397V.exe
2015-06-29 23:53 - 2015-06-29 23:53 - 1415680 _____ (wj32) C:\Program Files\7SBUFYH9.exe
2015-06-30 04:36 - 2015-06-30 04:36 - 1415680 _____ (wj32) C:\Program Files\80TAIBTN.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 1415680 _____ (wj32) C:\Program Files\81JDVOT6.exe
2015-06-30 03:34 - 2015-06-30 03:34 - 1415680 _____ (wj32) C:\Program Files\85RDI4VR.exe
2015-06-29 17:34 - 2015-06-29 17:34 - 1415680 _____ (wj32) C:\Program Files\86SA47OK.exe
2015-06-30 20:37 - 2015-06-30 20:37 - 1415680 _____ (wj32) C:\Program Files\8DIDIPKH.exe
2015-06-29 00:38 - 2015-06-29 00:38 - 1415680 _____ (wj32) C:\Program Files\8R3V7K20.exe
2015-06-30 04:26 - 2015-06-30 04:26 - 1415680 _____ (wj32) C:\Program Files\91I0INST.exe
2015-06-30 16:02 - 2015-06-30 16:02 - 1415680 _____ (wj32) C:\Program Files\94MSZSMH.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 1415680 _____ (wj32) C:\Program Files\94X5CV00.exe
2015-06-27 02:10 - 2015-06-27 02:10 - 1415680 _____ (wj32) C:\Program Files\95HPHL7T.exe
2015-06-29 19:22 - 2015-06-29 19:22 - 1415680 _____ (wj32) C:\Program Files\97D535NB.exe
2015-06-30 03:27 - 2015-06-30 03:27 - 1415680 _____ (wj32) C:\Program Files\9C4M49EB.exe
2015-06-30 04:13 - 2015-06-30 04:13 - 1415680 _____ (wj32) C:\Program Files\9D5XCH91.exe
2015-06-30 04:57 - 2015-06-30 04:57 - 1415680 _____ (wj32) C:\Program Files\9EJ1UBG7.exe
2015-06-30 03:09 - 2015-06-30 03:09 - 1415680 _____ (wj32) C:\Program Files\9IR03V3V.exe
2015-06-30 04:08 - 2015-06-30 04:08 - 1415680 _____ (wj32) C:\Program Files\9JPEVDJN.exe
2015-06-30 16:57 - 2015-06-30 16:57 - 1415680 _____ (wj32) C:\Program Files\9P6Y1G8Y.exe
2015-06-30 16:04 - 2015-06-30 16:04 - 1415680 _____ (wj32) C:\Program Files\9VN9VHXN.exe
2015-06-26 19:23 - 2015-06-26 19:23 - 1415680 _____ (wj32) C:\Program Files\A1NWAO2H.exe
2015-06-30 16:23 - 2015-06-30 16:23 - 1415680 _____ (wj32) C:\Program Files\A2E6O6IC.exe
2015-06-30 16:21 - 2015-06-30 16:21 - 1415680 _____ (wj32) C:\Program Files\A64W6YWO.exe
2015-06-30 17:17 - 2015-06-30 17:17 - 1415680 _____ (wj32) C:\Program Files\A6ACE680.exe
2015-06-30 04:09 - 2015-06-30 04:09 - 1415680 _____ (wj32) C:\Program Files\A7K8FYTJ.exe
2015-06-30 03:06 - 2015-06-30 03:06 - 1415680 _____ (wj32) C:\Program Files\A80CUMOM.exe
2015-06-29 16:54 - 2015-06-29 16:54 - 1415680 _____ (wj32) C:\Program Files\AAKUGWC6.exe
2015-06-30 16:57 - 2015-06-30 16:57 - 1415680 _____ (wj32) C:\Program Files\AFM4XR9F.exe
2015-06-30 03:36 - 2015-06-30 03:36 - 1415680 _____ (wj32) C:\Program Files\AOAWEGUK.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 1415680 _____ (wj32) C:\Program Files\AS06Y0C0.exe
2015-06-30 17:05 - 2015-06-30 17:05 - 1415680 _____ (wj32) C:\Program Files\ASMRK4MR.exe
2015-06-30 04:11 - 2015-06-30 04:11 - 1415680 _____ (wj32) C:\Program Files\AUNU2XM5.exe
2015-06-30 03:36 - 2015-06-30 03:36 - 1415680 _____ (wj32) C:\Program Files\B1K349RW.exe
2015-06-30 03:06 - 2015-06-30 03:06 - 1415680 _____ (wj32) C:\Program Files\B3KNSWSG.exe
2015-06-30 03:44 - 2015-06-30 03:44 - 1415680 _____ (wj32) C:\Program Files\B3WK8KV0.exe
2015-06-30 18:06 - 2015-06-30 18:06 - 1415680 _____ (wj32) C:\Program Files\B5NGAKV9.exe
2015-06-30 16:40 - 2015-06-30 16:40 - 1415680 _____ (wj32) C:\Program Files\B5NGL2VS.exe
2015-06-30 04:01 - 2015-06-30 04:01 - 1415680 _____ (wj32) C:\Program Files\B5YGASAI.exe
2015-06-30 17:34 - 2015-06-30 17:34 - 1415680 _____ (wj32) C:\Program Files\B6D6KL3K.exe
2015-06-30 17:28 - 2015-06-30 17:28 - 1415680 _____ (wj32) C:\Program Files\BFVCRX4S.exe
2015-06-30 17:18 - 2015-06-30 17:18 - 1415680 _____ (wj32) C:\Program Files\BG9O3L2G.exe
2015-06-30 16:40 - 2015-06-30 16:40 - 1415680 _____ (wj32) C:\Program Files\BHWFETJV.exe
2015-06-30 17:07 - 2015-06-30 17:07 - 1415680 _____ (wj32) C:\Program Files\BI0I0TBE.exe
2015-06-30 04:15 - 2015-06-30 04:15 - 1415680 _____ (wj32) C:\Program Files\BRWK6YDK.exe
2015-06-30 17:26 - 2015-06-30 17:26 - 1415680 _____ (wj32) C:\Program Files\BRY71TZ0.exe
2015-06-29 23:35 - 2015-06-29 23:35 - 1415680 _____ (wj32) C:\Program Files\C0WKSOO0.exe
2015-06-29 22:01 - 2015-06-29 22:01 - 1415680 _____ (wj32) C:\Program Files\C4L1IN3K.exe
2015-06-30 03:09 - 2015-06-30 03:09 - 1415680 _____ (wj32) C:\Program Files\C4WOKSUU.exe
2015-06-30 17:17 - 2015-06-30 17:17 - 1415680 _____ (wj32) C:\Program Files\C6ZJE6ZH.exe
2015-06-30 03:03 - 2015-06-30 03:03 - 1415680 _____ (wj32) C:\Program Files\C8AUAW0O.exe
2015-06-30 03:57 - 2015-06-30 03:57 - 1415680 _____ (wj32) C:\Program Files\CHMP7B3S.exe
2015-06-30 17:07 - 2015-06-30 17:07 - 1415680 _____ (wj32) C:\Program Files\CHP71JO6.exe
2015-06-28 19:56 - 2015-06-28 19:56 - 1415680 _____ (wj32) C:\Program Files\CKOOWW0O.exe
2015-06-29 00:27 - 2015-06-29 00:27 - 1415680 _____ (wj32) C:\Program Files\CKOWOSOG.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 1415680 _____ (wj32) C:\Program Files\CL73ZKEB.exe
2015-06-30 05:01 - 2015-06-30 05:01 - 1415680 _____ (wj32) C:\Program Files\CMUGOOXN.exe
2015-06-30 18:19 - 2015-06-30 18:19 - 1415680 _____ (wj32) C:\Program Files\CRLA4X25.exe
2015-06-30 03:28 - 2015-06-30 03:28 - 1415680 _____ (wj32) C:\Program Files\CSE0G8OS.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 1415680 _____ (wj32) C:\Program Files\CTWD6B50.exe
2015-06-30 03:19 - 2015-06-30 03:19 - 1415680 _____ (wj32) C:\Program Files\CUC5N5C5.exe
2015-06-30 04:08 - 2015-06-30 04:08 - 1415680 _____ (wj32) C:\Program Files\CVDVK8YG.exe
2015-06-29 19:32 - 2015-06-29 19:32 - 1415680 _____ (wj32) C:\Program Files\CYKCAI4U.exe
2015-06-30 03:43 - 2015-06-30 03:43 - 1415680 _____ (wj32) C:\Program Files\D7PUZ49Y.exe
2015-06-30 15:59 - 2015-06-30 15:59 - 1415680 _____ (wj32) C:\Program Files\DFD9DPL5.exe
2015-06-29 17:34 - 2015-06-29 17:34 - 1415680 _____ (wj32) C:\Program Files\DFHPNZRZ.exe
2015-06-27 01:07 - 2015-06-27 01:07 - 1415680 _____ (wj32) C:\Program Files\DHTX1XXD.exe
2015-06-27 03:33 - 2015-06-27 03:33 - 1415680 _____ (wj32) C:\Program Files\DJ5R1TF7.exe
2015-06-30 17:22 - 2015-06-30 17:22 - 1415680 _____ (wj32) C:\Program Files\DUZ49RW2.exe
2015-06-30 05:02 - 2015-06-30 05:02 - 1415680 _____ (wj32) C:\Program Files\DUZFWPUK.exe
2015-06-30 16:05 - 2015-06-30 16:05 - 1415680 _____ (wj32) C:\Program Files\E64GSGOC.exe
2015-06-29 00:35 - 2015-06-29 00:35 - 1415680 _____ (wj32) C:\Program Files\E670AGAY.exe
2015-06-30 04:13 - 2015-06-30 04:13 - 1415680 _____ (wj32) C:\Program Files\E8E8KWES.exe
2015-06-29 21:26 - 2015-06-29 21:26 - 1415680 _____ (wj32) C:\Program Files\EAMAW8WO.exe
2015-06-30 03:09 - 2015-06-30 03:09 - 1415680 _____ (wj32) C:\Program Files\EENYUAFR.exe
2015-06-29 02:38 - 2015-06-29 02:38 - 1415680 _____ (wj32) C:\Program Files\EGYW0ECW.exe
2015-06-30 16:01 - 2015-06-30 16:01 - 1415680 _____ (wj32) C:\Program Files\EJOTBGAP.exe
2015-06-27 19:31 - 2015-06-27 19:31 - 1415680 _____ (wj32) C:\Program Files\EXEAO5TK.exe
2015-06-30 17:16 - 2015-06-30 17:16 - 1415680 _____ (wj32) C:\Program Files\F455JJWL.exe
2015-06-30 16:46 - 2015-06-30 16:46 - 1415680 _____ (wj32) C:\Program Files\FA4M5ZSV.exe
2015-06-30 04:49 - 2015-06-30 04:49 - 1415680 _____ (wj32) C:\Program Files\FB37JV75.exe
2015-06-29 01:59 - 2015-06-29 01:59 - 1415680 _____ (wj32) C:\Program Files\FIA26B3S.exe
2015-06-30 04:24 - 2015-06-30 04:24 - 1415680 _____ (wj32) C:\Program Files\FKPJ171F.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 1415680 _____ (wj32) C:\Program Files\FTIV20GU.exe
2015-06-30 17:41 - 2015-06-30 17:41 - 1415680 _____ (wj32) C:\Program Files\FWMKBE8B.exe
2015-06-30 16:08 - 2015-06-30 16:08 - 1415680 _____ (wj32) C:\Program Files\FZRLKW1V.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 1415680 _____ (wj32) C:\Program Files\G0K0CWCS.exe
2015-06-30 17:36 - 2015-06-30 17:36 - 1415680 _____ (wj32) C:\Program Files\G2KMIMOM.exe
2015-06-30 03:06 - 2015-06-30 03:06 - 1415680 _____ (wj32) C:\Program Files\G9381VKS.exe
2015-06-30 04:54 - 2015-06-30 04:54 - 1415680 _____ (wj32) C:\Program Files\G93L1TYP.exe
2015-06-30 17:00 - 2015-06-30 17:00 - 1415680 _____ (wj32) C:\Program Files\GLKK2I0E.exe
2015-06-29 00:27 - 2015-06-29 00:27 - 1415680 _____ (wj32) C:\Program Files\GSW8SCSO.exe
2015-06-30 04:42 - 2015-06-30 04:42 - 1415680 _____ (wj32) C:\Program Files\GVNS916V.exe
2015-06-30 20:47 - 2015-06-30 20:47 - 1415680 _____ (wj32) C:\Program Files\GWOGKNUJ.exe
2015-06-30 03:28 - 2015-06-30 03:28 - 1415680 _____ (wj32) C:\Program Files\H05HMCOM.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 1415680 _____ (wj32) C:\Program Files\H1FZP7L9.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 1415680 _____ (wj32) C:\Program Files\H7S47J4T.exe
2015-06-30 16:47 - 2015-06-30 16:47 - 1415680 _____ (wj32) C:\Program Files\H9LN9DZR.exe
2015-06-30 16:52 - 2015-06-30 16:52 - 1415680 _____ (wj32) C:\Program Files\HD5XT5O6.exe
2015-06-30 03:00 - 2015-06-30 03:00 - 1415680 _____ (wj32) C:\Program Files\HKCRVA25.exe
2015-06-30 04:21 - 2015-06-30 04:21 - 1415680 _____ (wj32) C:\Program Files\HOTMGLZE.exe
2015-06-30 17:18 - 2015-06-30 17:18 - 1415680 _____ (wj32) C:\Program Files\HX135XZ7.exe
2015-06-30 03:19 - 2015-06-30 03:19 - 1415680 _____ (wj32) C:\Program Files\HXP7OHO2.exe
2015-06-30 03:51 - 2015-06-30 03:51 - 1415680 _____ (wj32) C:\Program Files\HY1V03L9.exe
2015-06-30 03:26 - 2015-06-30 03:26 - 1415680 _____ (wj32) C:\Program Files\I05A2IZS.exe
2015-06-29 16:54 - 2015-06-29 16:54 - 1415680 _____ (wj32) C:\Program Files\I4OAWGC0.exe
2015-06-29 21:14 - 2015-06-29 21:14 - 1415680 _____ (wj32) C:\Program Files\I5NJCYD5.exe
2015-06-29 19:32 - 2015-06-29 19:32 - 1415680 _____ (wj32) C:\Program Files\IA2MU6SM.exe
2015-06-30 04:18 - 2015-06-30 04:18 - 1415680 _____ (wj32) C:\Program Files\IARW1UO2.exe
2015-06-28 19:49 - 2015-06-28 19:49 - 1415680 _____ (wj32) C:\Program Files\IKCOMEWA.exe
2015-06-30 03:29 - 2015-06-30 03:29 - 1415680 _____ (wj32) C:\Program Files\IO6DJDVO.exe
2015-06-27 03:26 - 2015-06-27 03:26 - 1415680 _____ (wj32) C:\Program Files\IOI06BGH.exe
2015-06-27 02:11 - 2015-06-27 02:11 - 1415680 _____ (wj32) C:\Program Files\IR3C432E.exe
2015-06-30 16:24 - 2015-06-30 16:24 - 1415680 _____ (wj32) C:\Program Files\IUKBEJO7.exe
2015-06-30 04:21 - 2015-06-30 04:21 - 1415680 _____ (wj32) C:\Program Files\IYKK05PK.exe
2015-06-29 16:06 - 2015-06-29 16:06 - 1415680 _____ (wj32) C:\Program Files\JC4Y3W1R.exe
2015-06-29 21:27 - 2015-06-29 21:27 - 1415680 _____ (wj32) C:\Program Files\JJ37R7FN.exe
2015-06-30 16:53 - 2015-06-30 16:53 - 1415680 _____ (wj32) C:\Program Files\JOL3WKPK.exe
2015-06-27 02:11 - 2015-06-27 02:11 - 1415680 _____ (wj32) C:\Program Files\JRBJB1BB.exe
2015-06-27 02:11 - 2015-06-27 02:11 - 1415680 _____ (wj32) C:\Program Files\JVFNBRBZ.exe
2015-06-30 03:41 - 2015-06-30 03:41 - 1415680 _____ (wj32) C:\Program Files\JZ4VCHZ7.exe
2015-06-30 16:08 - 2015-06-30 16:08 - 1415680 _____ (wj32) C:\Program Files\K2JM15XR.exe
2015-06-29 00:38 - 2015-06-29 00:38 - 1415680 _____ (wj32) C:\Program Files\K2L6IGSO.exe
2015-06-30 20:21 - 2015-06-30 20:21 - 1415680 _____ (wj32) C:\Program Files\K6Y8UF25.exe
2015-06-30 16:57 - 2015-06-30 16:57 - 1415680 _____ (wj32) C:\Program Files\K82KPVP3.exe
2015-06-29 21:14 - 2015-06-29 21:14 - 1415680 _____ (wj32) C:\Program Files\K8P5A2WA.exe
2015-06-30 03:33 - 2015-06-30 03:33 - 1415680 _____ (wj32) C:\Program Files\K8PICST4.exe
2015-06-30 18:04 - 2015-06-30 18:04 - 1415680 _____ (wj32) C:\Program Files\KCSE0LJA.exe
2015-06-30 16:20 - 2015-06-30 16:20 - 1415680 _____ (wj32) C:\Program Files\KIXCF6Y4.exe
2015-06-30 03:05 - 2015-06-30 03:05 - 1415680 _____ (wj32) C:\Program Files\KKAMKM2I.exe
2015-06-30 20:24 - 2015-06-30 20:24 - 1415680 _____ (wj32) C:\Program Files\KLZSCHMO.exe
2015-06-30 20:24 - 2015-06-30 20:24 - 0000000 _____ () C:\Program Files\kprocesshacker.sys
2015-06-30 17:36 - 2015-06-30 17:36 - 1415680 _____ (wj32) C:\Program Files\KSK2O0SA.exe
2015-06-30 03:30 - 2015-06-30 03:30 - 1415680 _____ (wj32) C:\Program Files\KV0GXDIV.exe
2015-06-30 03:32 - 2015-06-30 03:32 - 1415680 _____ (wj32) C:\Program Files\KXLAFXPK.exe
2015-06-30 04:48 - 2015-06-30 04:48 - 1415680 _____ (wj32) C:\Program Files\KXP5DIZD.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 1415680 _____ (wj32) C:\Program Files\L04ARH9C.exe
2015-06-30 04:39 - 2015-06-30 04:39 - 1415680 _____ (wj32) C:\Program Files\L04KEMRS.exe
2015-06-30 16:08 - 2015-06-30 16:08 - 1415680 _____ (wj32) C:\Program Files\L0SXP5XY.exe
2015-06-28 19:56 - 2015-06-28 19:56 - 1415680 _____ (wj32) C:\Program Files\L160S701.exe
2015-06-30 16:55 - 2015-06-30 16:55 - 1415680 _____ (wj32) C:\Program Files\LA4JMME5.exe
2015-06-27 01:47 - 2015-06-27 01:47 - 1415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-30 17:07 - 2015-06-30 17:07 - 1415680 _____ (wj32) C:\Program Files\LNZ11FR4.exe
2015-06-30 04:13 - 2015-06-30 04:13 - 1415680 _____ (wj32) C:\Program Files\LP2GT7PS.exe
2015-06-27 03:19 - 2015-06-27 03:19 - 1415680 _____ (wj32) C:\Program Files\LT9T9LTX.exe
2015-06-29 19:32 - 2015-06-29 19:32 - 1415680 _____ (wj32) C:\Program Files\LX9NZL7P.exe
2015-06-30 20:24 - 2015-06-30 20:24 - 1415680 _____ (wj32) C:\Program Files\LXP1FHZH.exe
2015-06-28 02:52 - 2015-06-28 02:52 - 1415680 _____ (wj32) C:\Program Files\M24YKCIG.exe
2015-06-30 04:29 - 2015-06-30 04:29 - 1415680 _____ (wj32) C:\Program Files\M4MFXR9B.exe
2015-06-30 04:29 - 2015-06-30 04:29 - 0000000 _____ () C:\Program Files\M57ZYX9R.exe
2015-06-30 16:55 - 2015-06-30 16:55 - 1415680 _____ (wj32) C:\Program Files\M5XEU8BG.exe
2015-06-30 17:15 - 2015-06-30 17:15 - 1415680 _____ (wj32) C:\Program Files\M7A2E69K.exe
2015-06-30 17:02 - 2015-06-30 17:02 - 1415680 _____ (wj32) C:\Program Files\M8UG2O9J.exe
2015-06-30 03:04 - 2015-06-30 03:04 - 1415680 _____ (wj32) C:\Program Files\MKYAY6AA.exe
2015-06-29 16:10 - 2015-06-29 16:10 - 1415680 _____ (wj32) C:\Program Files\MOW4CO20.exe
2015-06-30 17:16 - 2015-06-30 17:16 - 1415680 _____ (wj32) C:\Program Files\MP69R9G5.exe
2015-06-29 19:22 - 2015-06-29 19:22 - 1415680 _____ (wj32) C:\Program Files\MYACMEWO.exe
2015-06-30 03:36 - 2015-06-30 03:36 - 1415680 _____ (wj32) C:\Program Files\N5L2YTLM.exe
2015-06-30 00:20 - 2015-06-30 00:20 - 1415680 _____ (wj32) C:\Program Files\NIGLMT04.exe
2015-06-29 16:25 - 2015-06-29 16:25 - 1415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-30 16:00 - 2015-06-30 16:00 - 1415680 _____ (wj32) C:\Program Files\NR53HRBX.exe
2015-06-08 15:11 - 2015-06-08 15:11 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-02-01 23:56 - 2015-06-23 03:35 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-26 02:23 - 2015-06-27 00:31 - 0001090 _____ () C:\Users\User\AppData\Roaming\burnaware.ini
2015-02-03 16:26 - 2015-05-31 23:12 - 0001456 _____ () C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-27 19:49 - 2015-06-28 20:17 - 0007605 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2014-11-21 14:46 - 2014-11-21 14:46 - 80478208 ___SH (Redtail Technology) C:\ProgramData\msboivr.exe
 
Files to move or delete:
====================
C:\ProgramData\msboivr.exe
C:\Users\User\agent.exe
C:\Users\User\DRTCP021.exe
C:\Users\User\launchAgent.bat
C:\Users\User\launchDrTCP.bat
 
 
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\1784.exe
C:\Users\User\AppData\Local\Temp\2044.exe
C:\Users\User\AppData\Local\Temp\7341.exe
C:\Users\User\AppData\Local\Temp\Baidusd.Setup.3.0.0.4609.youqian_1050100127.exe
C:\Users\User\AppData\Local\Temp\C7E3F18D-C425-8F58-361D-57B616AFDBE7.dll
C:\Users\User\AppData\Local\Temp\C7E3F18D-C425-8F58-361D-57B616AFDBE7.exe
C:\Users\User\AppData\Local\Temp\cdo1252641414.dll
C:\Users\User\AppData\Local\Temp\cdo1303436251.dll
C:\Users\User\AppData\Local\Temp\cdo1648931299.dll
C:\Users\User\AppData\Local\Temp\cdo176525552.dll
C:\Users\User\AppData\Local\Temp\cdo2014346179.dll
C:\Users\User\AppData\Local\Temp\cdo2617439117.dll
C:\Users\User\AppData\Local\Temp\cdo2713525325.dll
C:\Users\User\AppData\Local\Temp\cdo2800307215.dll
C:\Users\User\AppData\Local\Temp\cdo3140728003.dll
C:\Users\User\AppData\Local\Temp\cdo3681541224.dll
C:\Users\User\AppData\Local\Temp\cdo521479653.dll
C:\Users\User\AppData\Local\Temp\cdo78369314.dll
C:\Users\User\AppData\Local\Temp\cdo807235250.dll
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqr5as0.dll
C:\Users\User\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\User\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\User\AppData\Local\Temp\ebgcabfbcaja.exe
C:\Users\User\AppData\Local\Temp\ebgcabfbdfjc.exe
C:\Users\User\AppData\Local\Temp\genteert.dll
C:\Users\User\AppData\Local\Temp\McCSPInstall.dll
C:\Users\User\AppData\Local\Temp\mccspuninstall.exe
C:\Users\User\AppData\Local\Temp\mt4cifh0.exe
C:\Users\User\AppData\Local\Temp\oo2.exe
C:\Users\User\AppData\Local\Temp\PidGenX.dll
C:\Users\User\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\User\AppData\Local\Temp\SDShelEx-x64.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-30 18:33
 
==================== End of log ============================


#4
Sanket


Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by User at 2015-06-30 23:00:27
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4064182937-4136054916-3625840862-500 - Administrator - Disabled)
Guest (S-1-5-21-4064182937-4136054916-3625840862-501 - Limited - Disabled)
User (S-1-5-21-4064182937-4136054916-3625840862-1001 - Administrator - Enabled) => C:\Users\User
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.14 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Airtel NetXpert 3.0 (HKLM-x32\...\Airtel NetXpert_is1) (Version: 3.0 - Bharti Airtel)
ALSong (HKLM-x32\...\ALSong_is1) (Version: 1.9 - ESTsoft Corp.)
ALTools Update (HKLM-x32\...\ALUpdate_is1) (Version:  - ESTsoft Corp.)
AMD Catalyst Install Manager (HKLM\...\{F46E8ADA-DCD9-B9C4-AA2F-28C4405E710D}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
BitTorrent (HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x32 Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.12 - NCH Software)
Dell System Detect (HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\73f463568823ebbe) (Version: 6.0.0.18 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.13.5 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
f.lux (HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Flux) (Version:  - )
Free YouTube Downloader 4.0.301 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java™ 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kinect for Windows Drivers v1.7 (HKLM\...\{075687FF-27E5-4713-9E1A-704B768811D3}) (Version: 1.7.0.529 - Microsoft Corporation)
Kinect for Windows Runtime v1.7 (HKLM\...\{7DC40FDF-C442-4E5A-AD50-1AAFDCA9DC37}) (Version: 1.7.0.529 - Microsoft Corporation)
Kinect for Windows SDK v1.7 (HKLM\...\{B21057EB-E950-43A3-9196-4A59C9867B6C}) (Version: 1.7.0.529 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Linkage (HKLM-x32\...\{5A30BA95-664F-4F68-B29D-4DA753268F4C}) (Version: 3.0.8 - David Rector)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenNI 1.5.4.0 for Windows (HKLM-x32\...\{B20F89B2-FE51-443A-85A7-32CF8C555655}) (Version: 1.5.4.0 - PrimeSense)
OpenNI 1.5.4.0 for Windows 64-bit (HKLM\...\{C6EE4454-8B2E-4AA8-BF72-53E12A6E963B}) (Version: 1.5.4.0 - PrimeSense)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PriceMinus (HKLM-x32\...\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version:  - ) <==== ATTENTION
PrimeSense - NITE 1.5.2.21 for Windows (HKLM-x32\...\{B5FFB89C-AB66-491C-BC6C-9DAAFE09E8CE}) (Version: 1.5.2.21 - PrimeSense)
PrimeSense - NITE 1.5.2.21 for Windows 64-bit (HKLM\...\{CAD5BE24-2883-447A-81C6-F6091E94B4DE}) (Version: 1.5.2.21 - PrimeSense)
PrimeSense Sensor KinectMod 5.1.2.1 for Windows (HKLM-x32\...\{4E04CBF0-C4C0-4D3D-8E53-C250CC748D80}) (Version: 5.1.2.1 - PrimeSense)
PrimeSense Sensor KinectMod 5.1.2.1 for Windows 64-bit (HKLM\...\{51730934-67F4-49E4-9277-90AA723E4F06}) (Version: 5.1.2.1 - PrimeSense)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Driver Package - PrimeSense (psdrv3) PrimeSense  (05/22/2012 3.1.3.1) (HKLM\...\306D8A3B302B0969C2826C7D167B3BBB394FC100) (Version: 05/22/2012 3.1.3.1 - PrimeSense)
Windows Driver Package - PrimeSense (psdrv3) PrimeSense  (05/27/2013 3.2.0.2) (HKLM\...\82DD881A809E2BBEAF5399AC9F7FC5A32FAB8DA1) (Version: 05/27/2013 3.2.0.2 - PrimeSense)
Windows Driver Package - PrimeSense (psdrv3) PrimeSense  (11/21/2011 3.1.3.1) (HKLM\...\59FE2B0678F6F48A16DB906F7750213CD41BD9C1) (Version: 11/21/2011 3.1.3.1 - PrimeSense)
Windows Driver Package - PrimeSense (psdrv3) PrimeSense  (11/21/2011 3.1.3.1) (HKLM\...\F51BEF9C0C3A82026BF1EBA9F1F5F08EFF1BE870) (Version: 11/21/2011 3.1.3.1 - PrimeSense)
Windows Installer XML Toolset 3.5 (HKLM-x32\...\{CB509245-1245-4867-8BD4-6B2C5A734504}) (Version: 3.5.2519.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WordWeb (HKLM-x32\...\WordWeb) (Version: 7 - WordWeb Software)
YTD Video Downloader 4.8.7 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.7 - GreenTree Applications SRL) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 18:55 - 2013-08-22 18:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0EE8744C-CD07-4C96-B171-551A3F14F5B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {111DD6B1-3D32-4D71-9B34-37EA5FE2D006} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b}\office 2013 activator (kmspico 9.1.3).exe <==== ATTENTION
Task: {134F9B0A-CAEE-43C8-A852-63FDE7C72109} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {168342E7-D869-42D0-9EEE-16935D5D4265} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-7 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-7.exe <==== ATTENTION
Task: {48A93589-CD17-4EB6-B057-9AC52D8CB076} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-6 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-6.exe <==== ATTENTION
Task: {583B872B-4A93-4F26-B1E5-1E3BEFE2920F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {5866C778-7331-4A80-B90C-56AD0FBEEC2F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {6735047D-7852-42A8-9A6D-946CD9513593} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-1-7.exe <==== ATTENTION
Task: {73EFA4BA-48E9-4868-A3F4-C14A75AC78D4} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\ESTsoft\ALSong\ALSong.exe [2009-01-12] (ESTsoft corp.)
Task: {763B522F-83C6-4883-B328-102C8EDD21C8} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\User\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {7B588F36-F57C-4446-A666-78FE4FE0D9DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: {7D851370-398C-4E79-A54D-5908F66470DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {809FE14F-921E-4FAC-938C-3B6FBD419ED4} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-1-6.exe <==== ATTENTION
Task: {8CEEBFD1-91C3-4A7F-BB05-94BFC1A2E9BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9061D9DF-EBFA-48C8-9C02-EDAD53A0A93D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DELL-User Dell => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {929A8D66-C113-4397-B34B-C3C44DD6EA69} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-06] (Synaptics Incorporated)
Task: {93596931-FFE7-4B79-8CC9-103396679505} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001Core => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {B092AFA4-9853-48C4-A0D1-C130CA247570} - System32\Tasks\FNIQYHVL => C:\ProgramData\54c1fc65d2be43d1b5912d6632dbad70\54c1fc65d2be43d1b5912d6632dbad70.exe <==== ATTENTION
Task: {B1197667-C6E6-444B-920A-BCF08FBBCEAF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-12-03] ()
Task: {B37E7599-1B6D-4CA8-8173-77CA09BA5706} - System32\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4 => C:\Program Files (x86)\SavePass 1.1\4652072b-041a-4d46-b300-5cb6025f14d8-4.exe <==== ATTENTION
Task: {C8FFA308-723F-4770-822E-E1BFA58D8845} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-5.exe <==== ATTENTION
Task: {E4D01D57-49EF-4CEE-A31F-BDB0082DB0BE} - System32\Tasks\{655AE90B-6DB6-4720-AF8C-EC1D800CCCBB} => pcalua.exe -a "C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\uninst.exe"
Task: {EA906671-9EAE-4F2B-B284-BC2D09541214} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: {ECD455A8-BE04-4961-8B40-334C872E9149} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001UA => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {F312837E-DE0D-41A5-9629-F9676D7BC95D} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4064182937-4136054916-3625840862-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {F9DB884E-272F-4E78-AEE7-84A2B5645EDC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-02] (Microsoft Corporation)
Task: {FF99AFF3-B532-4568-998D-A19AC59AA1DB} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-5 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4.job => C:\Program Files (x86)\SavePass 1.1\4652072b-041a-4d46-b300-5cb6025f14d8-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b}\office 2013 activator (kmspico 9.1.3).exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001Core.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001UA.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-03 13:19 - 2012-09-18 15:27 - 00192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2015-05-03 13:19 - 2012-09-18 15:27 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-03-04 20:40 - 2014-11-24 11:40 - 00744448 _____ () C:\Program Files\NetWorx\sqlite.dll
2012-10-16 15:09 - 2012-10-16 15:09 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2014-12-03 10:34 - 2013-06-09 10:59 - 02926848 _____ () C:\WINDOWS\wweb32.dll
2015-06-30 22:42 - 2015-06-30 22:42 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqr5as0.dll
2015-03-05 03:15 - 2015-03-19 12:45 - 00750080 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 03:15 - 2015-03-19 12:45 - 00047616 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 03:15 - 2015-03-19 12:45 - 00865280 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 03:15 - 2015-03-19 12:45 - 00200704 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-05 03:15 - 2015-03-19 12:45 - 00010240 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-05 03:15 - 2015-03-19 12:45 - 00726016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-05 03:15 - 2015-03-19 12:45 - 00010240 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-06-30 22:40 - 2015-06-30 22:40 - 00098816 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32api.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00110080 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\pywintypes27.dll
2015-06-30 22:40 - 2015-06-30 22:40 - 00364544 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\pythoncom27.dll
2015-06-30 22:40 - 2015-06-30 22:40 - 00045568 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\_socket.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 01161216 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\_ssl.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00320512 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32com.shell.shell.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00713216 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\_hashlib.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 01175040 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\wx._core_.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00805888 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\wx._gdi_.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00811008 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\wx._windows_.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 01062400 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\wx._controls_.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00735232 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\wx._misc_.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00682496 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\pysqlite2._sqlite.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00087552 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\_ctypes.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00119808 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32file.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00108544 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32security.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00007168 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\hashobjs_ext.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00026624 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\usb_ext.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00167936 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32gui.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00018432 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32event.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00128512 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\_elementtree.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00127488 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\pyexpat.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00013824 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\common.time34.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00036864 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\_psutil_windows.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00038912 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32inet.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00011264 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32crypt.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00070656 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\wx._html2.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00027136 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\_multiprocessing.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00020480 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\_yappi.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00035840 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32process.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00686080 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\unicodedata.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00122368 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\wx._wizard.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00024064 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32pipe.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00010240 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\select.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00025600 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32pdh.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00525640 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\windows._lib_cacheinvalidation.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00017408 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32profile.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00022528 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\win32ts.pyd
2015-06-30 22:40 - 2015-06-30 22:40 - 00078336 _____ () C:\Users\User\AppData\Local\Temp\_MEI45322\wx._animate.pyd
2015-06-23 01:16 - 2015-06-20 11:16 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 01:16 - 2015-06-20 11:16 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2014-12-02 03:23 - 2013-12-11 10:57 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\User\Cookies:eHAmoLcd7LLsHDUbODKWBfewrC0
AlternateDataStreams: C:\Users\User\OneDrive:ms-properties
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:gsbm8dwTRNkHsC3l6SpsZQamO4
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Classes\exefile:  <===== ATTENTION!
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\dell.com -> dell.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_2080.jpg
DNS Servers: 116.74.100.28 - 202.88.130.15
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BaiduSdTray"
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\StartupApproved\Run: => "f.lux"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A8EF70D7-7B8A-4C15-B750-FC97E6275139}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C319F8CB-A933-4A00-A6DC-C3103B791185}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1CB25D38-BBA6-4015-945B-A355A81327CC}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{F5B53036-6DCC-4815-A02B-A83C440DA450}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F545525B-EC09-4769-A646-400E721C736A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BFABC58-9045-4D0B-A85A-17E9F00BF932}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{60498334-00DD-4EA5-B974-40759A985233}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{ABECDC8F-ACFF-47A9-8DCD-12CCA65B7593}] => (Allow) LPort=7935
FirewallRules: [{88A74B9C-154F-4B20-BDB9-82A7FD4AF908}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{D0305075-CE31-4A30-AB8E-C9A56F3D776B}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{EF7D87B8-E9BF-4CAB-B4FC-3721E25CD88F}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BB977321-950D-4D3C-A40A-E1303D52F6C9}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{97B7B2EE-22B5-489D-AE6E-B85D0D51982F}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{71DAFEE8-2C26-4409-B47E-3286B28658D7}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{2CD84515-63BA-4372-9061-961B5C02030A}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{49854FE5-6C6F-43EA-9901-C0B2B45AFFBB}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{84FC1B5A-1FD8-4374-BEF5-3E335E9A26EB}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{76CDCE51-D003-420F-B9B5-A71816857F47}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe
FirewallRules: [{6DF51BCB-EA1E-48EC-8787-A2668BA19E73}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{DA37011A-5825-4C08-9E90-EEFA693A02D5}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{12CE4935-769E-471B-B46F-614C02D08490}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{A839D3C0-25A0-4871-B59C-EE9D2270B80A}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{DEB7137E-9704-4B12-A94A-15D9E4BE6711}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{241E7C31-5307-4B2E-A4CF-D8118B9A2759}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSd.exe
FirewallRules: [{4F5FED47-EBF4-4521-9126-A3F4E9368CEB}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{66795BAD-EFCB-45B1-8B1A-F5E821C4D5A0}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{39F6EF13-3E82-48FC-A70F-E7733FCB71A3}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{42DCECD8-A231-4AF0-BE66-EA6EE3EFE1AF}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{86BB4402-A330-467F-9337-E7D62FE96295}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{4EEED291-5C47-4561-A75F-70F7E6761384}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe
FirewallRules: [{F9379EE3-E90C-47E5-BCC1-EF8D685BFD0E}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{F09D98B3-0825-4FAD-BE3C-CDC10FEC6D2C}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{594C8A57-5E59-4BBE-8784-9A07E54D1614}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{78E1B333-6A2D-4551-85B5-BAAAE91C8FC7}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{B9B54335-FF31-4019-9495-AE25078590F2}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{045DE05F-9BC6-43E7-B4BC-730575D238B2}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdUpdate.exe
FirewallRules: [{F097E4E7-A117-455A-B568-6987DCAD1679}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{5CE80C6A-DDA7-4DC1-8FFB-19E13D547FF0}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{0CF117D4-6FF0-43AB-A55A-7E62AF95EB35}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{A1F972FC-221F-49CD-8760-D787DB3B2241}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{582690DC-D648-4F52-B0C0-684300455354}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{F5883D98-F3CC-4688-B75B-0931BCA96582}] => (Allow) C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdBugRpt.exe
FirewallRules: [{FAFE8231-6EF9-4228-B9F9-50D09C910529}] => (Allow) C:\program files (x86)\common files\baidu\bddownload\108\bddownloader.exe
FirewallRules: [{4FB69919-1A3F-498B-840D-531BC952A404}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B8E4B2E7-4960-4850-85E4-F27D6F4008AE}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DD73C8D2-B111-4ED3-B323-EAD71B1D9C05}] => (Allow) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{80DF6DB1-D2A9-4539-A1D9-9EEE03B1CFA1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AE267DDA-A804-4C42-88AE-24DAD39349CE}] => (Allow) LPort=2869
FirewallRules: [{A5F4C9CF-6B0A-4664-BD52-BB3499D6CD69}] => (Allow) LPort=1900
FirewallRules: [{6BEF8BD8-6E87-46E5-B31D-30D2ACC37F1B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{86D8B316-8385-47E9-AB78-E23FCB6001EF}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\AutoPico.exe
FirewallRules: [{9496CC14-D144-4DE0-A731-F7F6B2B7DB18}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\AutoPico.exe
FirewallRules: [{C03CD734-3364-4A18-863C-0D6D2D713C37}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\KMSServer.exe
FirewallRules: [{151A4F1F-F4A1-457E-87B9-ADACA831D876}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\KMSServer.exe
FirewallRules: [{DFF7FAD9-5C43-44C9-864A-81209257643D}] => (Allow) LPort=1688
FirewallRules: [{27D26A84-495F-44AA-9E41-E316050D6996}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E8B672A9-DE4B-4E65-BEC3-340F1E2DCC31}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{A75E059A-D4C1-43DC-BD47-35E082E5E27D}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{05B20EC8-5F1A-48D4-BD25-C7AB26FDB996}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe
FirewallRules: [{A2580504-277C-4943-80E8-C176AF195BBC}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe
FirewallRules: [{3973F8CD-2B91-49E3-9D31-ABDDB9497453}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{7E38808B-FF69-41EC-9D3B-C14048CACC11}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{F0917746-66D0-419C-A254-560FE806D13E}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [{754AAEA3-5D6F-4DAA-821F-0551D1366030}] => (Block) %ProgramFiles%\Adobe\Adobe SpeedGrade CS6\bin\SpeedGrade.exe
FirewallRules: [{C84C6287-1270-41F0-9789-68CDE8BB4846}] => (Block) %ProgramFiles%\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe
FirewallRules: [{5B49EB4F-F8DB-4E95-9312-262CD0029255}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
FirewallRules: [{6C06257C-326C-4B32-AE09-280ACEB6D7B8}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
FirewallRules: [{D7744429-2264-4DD3-9817-60CEB87F5E23}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe InDesign CS6\InDesign.exe
FirewallRules: [{ED583E76-624D-4292-B310-1A673BA3FE5C}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe
FirewallRules: [TCP Query User{8CA6F766-C204-44A2-A0AB-932A9967FE55}D:\softwares\big ones. softwares\office 13 64 bit\microsoft toolkit activator 2.4.7\~get your software here\microsoft toolkit.exe] => (Allow) D:\softwares\big ones. softwares\office 13 64 bit\microsoft toolkit activator 2.4.7\~get your software here\microsoft toolkit.exe
FirewallRules: [UDP Query User{0C8EC537-22F0-42F9-A049-ADEBF0CAACF7}D:\softwares\big ones. softwares\office 13 64 bit\microsoft toolkit activator 2.4.7\~get your software here\microsoft toolkit.exe] => (Allow) D:\softwares\big ones. softwares\office 13 64 bit\microsoft toolkit activator 2.4.7\~get your software here\microsoft toolkit.exe
FirewallRules: [{A0BAE10E-DCDB-4266-9991-81B756CBD706}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{E7F84B37-9D1A-4BC0-BB26-05EF478BDDE1}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{229B26A9-FB1B-410C-BE4E-FA9B4BDE6DA5}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B37C4401-916A-4E63-AA23-A977D74DA06F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{78340331-2FAB-498A-B7BF-787857BD7E12}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6F38FA01-5850-4A26-9E57-0CCC47E72D31}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FF0419A9-B0B2-4004-8BBC-D15C0C85E3EF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D4C31A7B-C0A5-47EA-AA2F-0BB274C9DA02}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{982D7848-154E-468B-AC86-ADD035D2D563}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Intel® HD Graphics Family
Description: Intel® HD Graphics Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: AMDKMDAP
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/30/2015 10:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.4.7.0, time stamp: 0x51fd032f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x524
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
Faulting package full name: AutoKMS.exe4
Faulting package-relative application ID: AutoKMS.exe5
 
Error: (06/30/2015 10:45:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
   at ..(Byte, Byte, .)
   at ..(Byte[])
   at ..(., .)
   at ..(Byte[])
   at ..(Byte[])
   at ..(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Net.ContextAwareResult.Complete(IntPtr)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (06/30/2015 10:40:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe, version: 0.0.0.0, time stamp: 0x4d8c9664
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000a77414b0
Faulting process id: 0x12d4
Faulting application start time: 0xCorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe0
Faulting application path: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe1
Faulting module path: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe2
Report Id: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe3
Faulting package full name: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe4
Faulting package-relative application ID: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe5
 
Error: (06/30/2015 10:10:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.4.7.0, time stamp: 0x51fd032f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x568
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
Faulting package full name: AutoKMS.exe4
Faulting package-relative application ID: AutoKMS.exe5
 
Error: (06/30/2015 10:10:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
   at ..(Byte, Byte, .)
   at ..(Byte[])
   at ..(., .)
   at ..(Byte[])
   at ..(Byte[])
   at ..(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Net.ContextAwareResult.Complete(IntPtr)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (06/30/2015 10:05:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe, version: 0.0.0.0, time stamp: 0x4d8c9664
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000032aa14b0
Faulting process id: 0x135c
Faulting application start time: 0xCorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe0
Faulting application path: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe1
Faulting module path: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe2
Report Id: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe3
Faulting package full name: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe4
Faulting package-relative application ID: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe5
 
Error: (06/30/2015 10:04:57 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
 
Error: (06/30/2015 10:04:52 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
 
Error: (06/30/2015 10:04:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc000000d
Fault offset: 0x0000000000101e60
Faulting process id: 0x6c4
Faulting application start time: 0xsvchost.exe_DiagTrack0
Faulting application path: svchost.exe_DiagTrack1
Faulting module path: svchost.exe_DiagTrack2
Report Id: svchost.exe_DiagTrack3
Faulting package full name: svchost.exe_DiagTrack4
Faulting package-relative application ID: svchost.exe_DiagTrack5
 
Error: (06/30/2015 10:02:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17415, time stamp: 0x54504b1a
Exception code: 0xc000027b
Fault offset: 0x00000000006d663b
Faulting process id: 0xa34
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
 
 
System errors:
=============
Error: (06/30/2015 11:00:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 5 time(s).
 
Error: (06/30/2015 11:00:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 4 time(s).
 
Error: (06/30/2015 10:42:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (06/30/2015 10:41:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (06/30/2015 10:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (06/30/2015 10:39:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee AP Service service failed to start due to the following error: 
%%2
 
Error: (06/30/2015 10:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BDKVRTP Service service failed to start due to the following error: 
%%2
 
Error: (06/30/2015 10:39:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ef (0xffffe000a6c86080, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP063015-24328-01
 
Error: (06/30/2015 10:38:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:29:49 PM on ‎6/‎30/‎2015 was unexpected.
 
Error: (06/30/2015 10:35:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 11 time(s).
 
 
Microsoft Office:
=========================
Error: (06/30/2015 10:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.4.7.051fd032fKERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c52401d0b3577eb819a1C:\Windows\AutoKMS\AutoKMS.exeC:\WINDOWS\system32\KERNELBASE.dll8f78fa3b-1f4b-11e5-bef2-74867a495aff
 
Error: (06/30/2015 10:45:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
   at ..(Byte, Byte, .)
   at ..(Byte[])
   at ..(., .)
   at ..(Byte[])
   at ..(Byte[])
   at ..(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Net.ContextAwareResult.Complete(IntPtr)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (06/30/2015 10:40:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe0.0.0.04d8c9664unknown0.0.0.000000000c000000500000000a77414b012d401d0b357a27ddbb1C:\Windows\pcpps\CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exeunknowne038b68b-1f4a-11e5-bef2-74867a495aff
 
Error: (06/30/2015 10:10:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.4.7.051fd032fKERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c56801d0b352b2d9051dC:\Windows\AutoKMS\AutoKMS.exeC:\WINDOWS\system32\KERNELBASE.dllaf74c912-1f46-11e5-bef1-74867a495aff
 
Error: (06/30/2015 10:10:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ApplicationException
Stack:
   at ..(Byte, Byte, .)
   at ..(Byte[])
   at ..(., .)
   at ..(Byte[])
   at ..(Byte[])
   at ..(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Net.ContextAwareResult.Complete(IntPtr)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (06/30/2015 10:05:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe0.0.0.04d8c9664unknown0.0.0.000000000c00000050000000032aa14b0135c01d0b352cd4513a5C:\Windows\pcpps\CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exeunknown0ce21a1c-1f46-11e5-bef1-74867a495aff
 
Error: (06/30/2015 10:04:57 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: 
 
Error: (06/30/2015 10:04:52 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: 
 
Error: (06/30/2015 10:04:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e606c401d0b34f7a475e1cC:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dlld02d8994-1f45-11e5-bef0-74867a495aff
 
Error: (06/30/2015 10:02:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2Windows.UI.Xaml.dll6.3.9600.1741554504b1ac000027b00000000006d663ba3401d0b34f7f9ee682C:\WINDOWS\Explorer.EXEC:\Windows\System32\Windows.UI.Xaml.dll946371cf-1f45-11e5-bef0-74867a495aff
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 49%
Total physical RAM: 6024.96 MB
Available physical RAM: 3072.31 MB
Total Pagefile: 12168.96 MB
Available Pagefile: 8771.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:287.91 GB) (Free:128.23 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:296.02 GB) (Free:1.08 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:346.63 GB) (Free:4.6 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End of log ============================


#5
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Congratulations, you have managed to beat all records for the number of malware files on the system... This is due to using torrents and cracks. I will clean you up this time, but if you come again and are still using cracks then you will be given no assistance.

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Download the attached fixlist.txt to your desktop
Start FRST and press fix
On completion a log will be generated; please post that.

Due to the nature of this malware, that may cause a blue screen; if it does, then reboot to safe mode and run the fix from there.


THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.
FINALLY

Could you run a fresh FRST scan to ensure that I have missed nothing?

#6
Sanket

    Member

  • Topic Starter
  • Member
  • 15 posts

fixlog.txt

 

Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by User at 2015-07-01 05:47:32 Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM-x32\...\Run: [SmartWeb] => C:\Users\User\AppData\Local\SmartWeb\SmartWebHelper.exe
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\CurrentVersion\Windows: [Load] C:\ProgramData\msboivr.exe <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:58531;https=127.0.0.1:58531
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysear...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysear...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<HTML><HEAD>
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<HTML><HEAD>
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysear...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysear...q={searchTerms}
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<HTML><HEAD>
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> DefaultScope {A0352F78-E89C-46CA-873F-ADD222900DED} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {A0352F78-E89C-46CA-873F-ADD222900DED} URL = http://www.luckysear...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.luckysear...q={searchTerms}
BHO: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff64.dll No File
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll No File
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-04-02] (Thinknice Co. Limited)
BHO-x32: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff32.dll No File
Toolbar: HKU\S-1-5-21-4064182937-4136054916-3625840862-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.omniboxes...B0FA53589A53589
FF NewTab: hxxp://www.luckysearches.com/newtab/?type=nt&ts=1429177437&from=cmi&uid=ST1000LM024XHN-M101MBB_S314JB0FA53589A53589
FF DefaultSearchEngine: Secure Search
FF DefaultSearchEngine.US: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Homepage: hxxp://www.<HTML><HEAD>
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\searchplugins\luckysearches.xml [2015-04-16]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\searchplugins\omniboxes.xml [2015-04-16]
FF Extension: jid0coCUQ7NySNPcj72dA3557kKXGZUjetpack - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack [2015-04-20]
FF Extension: Search Enginer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] [2015-04-16]
FF Extension: Search Enginer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] [2015-04-16]
FF Extension: PoriceMinus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] [2015-06-01]
FF Extension: 06997db0c0274d5fbd37b0d9230226ea - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea} [2015-04-20]
FF Extension: 11b496ea481a11dc83140800200c9a66 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{11b496ea-481a-11dc-8314-0800200c9a66} [2015-04-20]
FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-05]
FF Extension: Great Find - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{c0cebc48-e279-433d-941e-b6a337c130d6}.xpi [2015-06-26]
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
CHR Extension: (Hola Better Internet Engine) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-05-27]
CHR Extension: (Hola Better Internet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-05-27]
R2 VSSS; C:\Users\User\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [98832704 2015-06-26] (Microsoft Corporation) [File not signed] <==== ATTENTION
S1 cherimoya; system32\drivers\cherimoya.sys [X]
R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
2015-06-30 03:29 - 2015-06-30 03:29 - 01415680 _____ (wj32) C:\Program Files\81JDVOT6.exe
2015-06-30 03:28 - 2015-06-30 22:04 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-30 03:07 - 2015-06-30 03:07 - 00000000 ____D C:\Users\User\AppData\Roaming\ZTEMTUI
2015-06-29 23:25 - 2015-06-29 23:29 - 05157536 _____ (McAfee, Inc.) C:\Users\User\Downloads\McAfeeSetup (1).exe
2015-06-29 23:17 - 2015-06-29 23:17 - 01415680 _____ (wj32) C:\Program Files\VOV1J1V9.exe
2015-06-29 23:17 - 2015-06-29 23:17 - 01415680 _____ (wj32) C:\Program Files\PR68XOPJ.exe
2015-06-29 23:16 - 2015-06-29 23:38 - 00000000 ____D C:\Program Files\stinger
2015-06-29 22:51 - 2015-06-29 22:51 - 01415680 _____ (wj32) C:\Program Files\TXBF6KYN.exe
2015-06-29 22:01 - 2015-06-29 22:01 - 01415680 _____ (wj32) C:\Program Files\C4L1IN3K.exe
2015-06-29 21:48 - 2015-06-29 21:59 - 07720664 _____ (McAfee, Inc.) C:\Users\User\Downloads\Setup_serial_vXhmvuT7FQA_QT7-DpztaA2_key.exe
2015-06-29 19:30 - 2015-06-29 19:30 - 00000103 _____ C:\Users\User\Desktop\oas-disabled-fix.cmd
2015-06-29 02:47 - 2015-06-29 02:47 - 00196538 _____ C:\Users\User\Downloads\watch (1).htm
2015-06-29 00:19 - 2015-06-29 00:19 - 00020064 _____ C:\Users\User\Downloads\MONOVA.ORG CorelDRAW Graphics Suite X7 [Eng] 32bit-64bit including crack.torrent
2015-06-27 03:53 - 2015-06-27 03:53 - 00347816 _____ (Microsoft Corporation) C:\Users\User\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2015-06-26 02:22 - 2015-06-27 00:24 - 00000000 ____D C:\Users\User\AppData\Roaming\OpenCandy
2015-05-31 16:24 - 2015-05-31 16:24 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-31 14:40 - 2015-05-31 14:40 - 00000401 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-06-30 22:39 - 2015-04-16 14:55 - 00004148 _____ C:\WINDOWS\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4.job
2015-06-30 22:06 - 2015-05-26 22:06 - 00000396 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job
2015-06-30 03:07 - 2014-12-17 22:54 - 00000000 ____D C:\Users\User\AppData\Roaming\AC2787-ZTEEVDO
2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieUserList
2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieSiteList
2015-06-30 03:04 - 2015-04-12 16:15 - 00000000 __SHD C:\Users\User\AppData\Local\EmieBrowserModeList
2015-06-30 00:32 - 2015-04-16 14:42 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-29 21:12 - 2015-04-16 14:47 - 00000000 ____D C:\Program Files (x86)\3b5e57a9-2300-42b6-837e-64ff9ae02ad6
2015-06-06 16:06 - 2015-05-26 22:06 - 00000000 ____D C:\ProgramData\{1132ae0a-e898-0430-1132-2ae0ae89b82b}
Task: {111DD6B1-3D32-4D71-9B34-37EA5FE2D006} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b}\office 2013 activator (kmspico 9.1.3).exe <==== ATTENTION
Task: {168342E7-D869-42D0-9EEE-16935D5D4265} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-7 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-7.exe <==== ATTENTION
Task: {48A93589-CD17-4EB6-B057-9AC52D8CB076} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-6 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-6.exe <==== ATTENTION
Task: {6735047D-7852-42A8-9A6D-946CD9513593} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-1-7.exe <==== ATTENTION
Task: {763B522F-83C6-4883-B328-102C8EDD21C8} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\User\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {809FE14F-921E-4FAC-938C-3B6FBD419ED4} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-1-6.exe <==== ATTENTION
Task: {B092AFA4-9853-48C4-A0D1-C130CA247570} - System32\Tasks\FNIQYHVL => C:\ProgramData\54c1fc65d2be43d1b5912d6632dbad70\54c1fc65d2be43d1b5912d6632dbad70.exe <==== ATTENTION
Task: {B1197667-C6E6-444B-920A-BCF08FBBCEAF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-12-03] ()
Task: {B37E7599-1B6D-4CA8-8173-77CA09BA5706} - System32\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4 => C:\Program Files (x86)\SavePass 1.1\4652072b-041a-4d46-b300-5cb6025f14d8-4.exe <==== ATTENTION
Task: {C8FFA308-723F-4770-822E-E1BFA58D8845} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-5.exe <==== ATTENTION
Task: {FF99AFF3-B532-4568-998D-A19AC59AA1DB} - System32\Tasks\4b000afa-875c-484f-8c15-349907757973-5 => C:\Program Files (x86)\CinemaPlus-3.2cV15.04\4b000afa-875c-484f-8c15-349907757973-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4.job => C:\Program Files (x86)\SavePass 1.1\4652072b-041a-4d46-b300-5cb6025f14d8-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b}\office 2013 activator (kmspico 9.1.3).exe <==== ATTENTION
AlternateDataStreams: C:\Users\User\Cookies:eHAmoLcd7LLsHDUbODKWBfewrC0
AlternateDataStreams: C:\Users\User\OneDrive:ms-properties
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:gsbm8dwTRNkHsC3l6SpsZQamO4
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Classes\exefile: <===== ATTENTION!
C:\ProgramData\msboivr.exe
C:\Users\User\agent.exe
C:\Users\User\DRTCP021.exe
C:\Users\User\launchAgent.bat
C:\Users\User\launchDrTCP.bat
c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b}
C:\Program Files (x86)\CinemaPlus-3.2cV15.04
C:\ProgramData\54c1fc65d2be43d1b5912d6632dbad70
C:\Program Files (x86)\SavePass 1.1
C:\Program Files\shopperz
C:\Users\User\AppData\Local\SmartWeb
C:\Program Files (x86)\Great Find
C:\Program Files (x86)\XTab
C:\Users\User\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
C:\Program Files\kprocesshacker.sys
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers

*****************

Error: (0) Failed to create a restore point.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SmartWeb => value removed successfully
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => value restored successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully.
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => key removed successfully
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found.
"HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0352F78-E89C-46CA-873F-ADD222900DED}" => key removed successfully
HKCR\CLSID\{A0352F78-E89C-46CA-873F-ADD222900DED} => key not found.
"HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404c-B74F-50526718257D}" => key removed successfully
"HKCR\CLSID\{5081D2D4-1637-404c-B74F-50526718257D}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1cc2bb80-20ab-43e5-b958-432d72b546ca}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{1cc2bb80-20ab-43e5-b958-432d72b546ca}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404c-B74F-50526718257D}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{5081D2D4-1637-404c-B74F-50526718257D}" => key removed successfully
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
Firefox newtab removed successfully
Firefox DefaultSearchEngine removed successfully
Firefox DefaultSearchEngine.US removed successfully
Firefox SearchEngineOrder.1 removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox homepage removed successfully
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\searchplugins\luckysearches.xml => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\searchplugins\omniboxes.xml => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\[email protected] => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea} => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{11b496ea-481a-11dc-8314-0800200c9a66} => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} => moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\Extensions\{c0cebc48-e279-433d-941e-b6a337c130d6}.xpi => moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D} => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D} => value removed successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng => moved successfully.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio => moved successfully.
VSSS => Unable to stop service.
VSSS => Service removed successfully
cherimoya => Service removed successfully
KProcessHacker2 => Unable to stop service.
KProcessHacker2 => Service removed successfully
C:\Program Files\DUZFWPUK.exe => moved successfully.
C:\Program Files\CMUGOOXN.exe => moved successfully.
C:\Program Files\YIBVOI0I.exe => moved successfully.
C:\Program Files\9EJ1UBG7.exe => moved successfully.
C:\Program Files\G93L1TYP.exe => moved successfully.
C:\Program Files\2OKYKM8M.exe => moved successfully.
C:\Program Files\1FRTLZ1J.exe => moved successfully.
C:\Program Files\FB37JV75.exe => moved successfully.
C:\Program Files\KXP5DIZD.exe => moved successfully.
C:\Program Files\ZB9HJ191.exe => moved successfully.
C:\Program Files\ZTM4ZTB2.exe => moved successfully.
C:\Program Files\OUPJ172F.exe => moved successfully.
C:\Program Files\49E8DIN2.exe => moved successfully.
C:\Program Files\R3FRGVJ9.exe => moved successfully.
C:\Program Files\O6ZHC6OK.exe => moved successfully.
C:\Program Files\GVNS916V.exe => moved successfully.
C:\Program Files\L04KEMRS.exe => moved successfully.
C:\Program Files\YGYRLEWK.exe => moved successfully.
C:\Program Files\80TAIBTN.exe => moved successfully.
C:\Program Files\S6WY0KF9.exe => moved successfully.
C:\Program Files\58PHX1UK.exe => moved successfully.
C:\Program Files\VBF7ZHMB.exe => moved successfully.
C:\Program Files\0WGM4ZHK.exe => moved successfully.
C:\Program Files\4XPHMKI4.exe => moved successfully.
C:\Program Files\M4MFXR9B.exe => moved successfully.
C:\Program Files\ZHZHZSZK.exe => moved successfully.
C:\Program Files\SZ5KA5NT.exe => moved successfully.
C:\Program Files\91I0INST.exe => moved successfully.
C:\Program Files\FKPJ171F.exe => moved successfully.
C:\Program Files\IYKK05PK.exe => moved successfully.
C:\Program Files\HOTMGLZE.exe => moved successfully.
C:\Program Files\OSLK7M2I.exe => moved successfully.
C:\Program Files\IARW1UO2.exe => moved successfully.
C:\Program Files\UCHO4C6C.exe => moved successfully.
C:\Program Files\BRWK6YDK.exe => moved successfully.
C:\Program Files\60GX0SXA.exe => moved successfully.
C:\Program Files\LP2GT7PS.exe => moved successfully.
C:\Program Files\E8E8KWES.exe => moved successfully.
C:\Program Files\9D5XCH91.exe => moved successfully.
C:\Program Files\AUNU2XM5.exe => moved successfully.
C:\Program Files\A7K8FYTJ.exe => moved successfully.
C:\Program Files\CVDVK8YG.exe => moved successfully.
C:\Program Files\9JPEVDJN.exe => moved successfully.
C:\Program Files\5N5N5ZSJ.exe => moved successfully.
C:\Program Files\4B4YG9EJ.exe => moved successfully.
C:\Program Files\YSASASLC.exe => moved successfully.
C:\Program Files\B5YGASAI.exe => moved successfully.
C:\Program Files\U8ACEGUP.exe => moved successfully.
C:\Program Files\RKSMP7S8.exe => moved successfully.
C:\Program Files\RJBKTLDT.exe => moved successfully.
C:\Program Files\CHMP7B3S.exe => moved successfully.
C:\Program Files\OTM3VNST.exe => moved successfully.
C:\Program Files\2GGI9PF6.exe => moved successfully.
C:\Program Files\HY1V03L9.exe => moved successfully.
C:\Program Files\B3WK8KV0.exe => moved successfully.
C:\Program Files\D7PUZ49Y.exe => moved successfully.
C:\Program Files\05BG82VS.exe => moved successfully.
C:\Program Files\WP7PKEJY.exe => moved successfully.
C:\Program Files\JZ4VCHZ7.exe => moved successfully.
C:\Program Files\0SKC46OW.exe => moved successfully.
C:\Program Files\4JWWUNO4.exe => moved successfully.
C:\Program Files\N5L2YTLM.exe => moved successfully.
C:\Program Files\B1K349RW.exe => moved successfully.
C:\Program Files\AOAWEGUK.exe => moved successfully.
C:\Program Files\L04ARH9C.exe => moved successfully.
C:\Program Files\03XP5MRZ.exe => moved successfully.
C:\Program Files\85RDI4VR.exe => moved successfully.
C:\Program Files\K8PICST4.exe => moved successfully.
C:\Program Files\KXLAFXPK.exe => moved successfully.
C:\Program Files\6DVDVD80.exe => moved successfully.
C:\Program Files\XDIZRWOP.exe => moved successfully.
C:\Program Files\WRXFMO2I.exe => moved successfully.
C:\Program Files\KV0GXDIV.exe => moved successfully.
C:\Program Files\Y5OMJE7Y.exe => moved successfully.
C:\Program Files\IO6DJDVO.exe => moved successfully.
C:\Program Files\FTIV20GU.exe => moved successfully.
C:\Program Files\94X5CV00.exe => moved successfully.
C:\Program Files\81JDVOT6.exe => moved successfully.
C:\ProgramData\AVAST Software => moved successfully.
C:\Users\User\AppData\Roaming\ZTEMTUI => moved successfully.
C:\Users\User\Downloads\McAfeeSetup (1).exe => moved successfully.
C:\Program Files\VOV1J1V9.exe => moved successfully.
C:\Program Files\PR68XOPJ.exe => moved successfully.
C:\Program Files\stinger => moved successfully.
C:\Program Files\TXBF6KYN.exe => moved successfully.
C:\Program Files\C4L1IN3K.exe => moved successfully.
C:\Users\User\Downloads\Setup_serial_vXhmvuT7FQA_QT7-DpztaA2_key.exe => moved successfully.
C:\Users\User\Desktop\oas-disabled-fix.cmd => moved successfully.
C:\Users\User\Downloads\watch (1).htm => moved successfully.
C:\Users\User\Downloads\MONOVA.ORG CorelDRAW Graphics Suite X7 [Eng] 32bit-64bit including crack.torrent => moved successfully.
C:\Users\User\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe => moved successfully.
C:\Users\User\AppData\Roaming\OpenCandy => moved successfully.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully.
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully.
C:\WINDOWS\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4.job => moved successfully.
C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job => moved successfully.
C:\Users\User\AppData\Roaming\AC2787-ZTEEVDO => moved successfully.
C:\Users\User\AppData\Local\EmieUserList => moved successfully.
C:\Users\User\AppData\Local\EmieSiteList => moved successfully.
C:\Users\User\AppData\Local\EmieBrowserModeList => moved successfully.
C:\Program Files (x86)\globalUpdate => moved successfully.
C:\Program Files (x86)\3b5e57a9-2300-42b6-837e-64ff9ae02ad6 => moved successfully.
C:\ProgramData\{1132ae0a-e898-0430-1132-2ae0ae89b82b} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{111DD6B1-3D32-4D71-9B34-37EA5FE2D006}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111DD6B1-3D32-4D71-9B34-37EA5FE2D006}" => key removed successfully
C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b] => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task[973b]" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{168342E7-D869-42D0-9EEE-16935D5D4265}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{168342E7-D869-42D0-9EEE-16935D5D4265}" => key removed successfully
C:\Windows\System32\Tasks\4b000afa-875c-484f-8c15-349907757973-7 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4b000afa-875c-484f-8c15-349907757973-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{48A93589-CD17-4EB6-B057-9AC52D8CB076}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48A93589-CD17-4EB6-B057-9AC52D8CB076}" => key removed successfully
C:\Windows\System32\Tasks\4b000afa-875c-484f-8c15-349907757973-6 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4b000afa-875c-484f-8c15-349907757973-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6735047D-7852-42A8-9A6D-946CD9513593}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6735047D-7852-42A8-9A6D-946CD9513593}" => key removed successfully
C:\Windows\System32\Tasks\4b000afa-875c-484f-8c15-349907757973-1-7 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4b000afa-875c-484f-8c15-349907757973-1-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{763B522F-83C6-4883-B328-102C8EDD21C8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{763B522F-83C6-4883-B328-102C8EDD21C8}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{809FE14F-921E-4FAC-938C-3B6FBD419ED4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{809FE14F-921E-4FAC-938C-3B6FBD419ED4}" => key removed successfully
C:\Windows\System32\Tasks\4b000afa-875c-484f-8c15-349907757973-1-6 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4b000afa-875c-484f-8c15-349907757973-1-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B092AFA4-9853-48C4-A0D1-C130CA247570}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B092AFA4-9853-48C4-A0D1-C130CA247570}" => key removed successfully
C:\Windows\System32\Tasks\FNIQYHVL => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FNIQYHVL" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B1197667-C6E6-444B-920A-BCF08FBBCEAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1197667-C6E6-444B-920A-BCF08FBBCEAF}" => key removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B37E7599-1B6D-4CA8-8173-77CA09BA5706}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B37E7599-1B6D-4CA8-8173-77CA09BA5706}" => key removed successfully
C:\Windows\System32\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4652072b-041a-4d46-b300-5cb6025f14d8-4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8FFA308-723F-4770-822E-E1BFA58D8845}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8FFA308-723F-4770-822E-E1BFA58D8845}" => key removed successfully
C:\Windows\System32\Tasks\4b000afa-875c-484f-8c15-349907757973-5_user => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4b000afa-875c-484f-8c15-349907757973-5_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FF99AFF3-B532-4568-998D-A19AC59AA1DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF99AFF3-B532-4568-998D-A19AC59AA1DB}" => key removed successfully
C:\Windows\System32\Tasks\4b000afa-875c-484f-8c15-349907757973-5 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4b000afa-875c-484f-8c15-349907757973-5" => key removed successfully
C:\WINDOWS\Tasks\4652072b-041a-4d46-b300-5cb6025f14d8-4.job not found.
C:\WINDOWS\Tasks\Bidaily Synchronize Task[973b].job not found.
"C:\Users\User\Cookies" => ":eHAmoLcd7LLsHDUbODKWBfewrC0" ADS not found.
C:\Users\User\OneDrive => ":ms-properties" ADS removed successfully.
C:\Users\User\AppData\Local\Temp => ":gsbm8dwTRNkHsC3l6SpsZQamO4" ADS removed successfully.
"HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Classes\exefile" => key removed successfully
C:\ProgramData\msboivr.exe => moved successfully.
C:\Users\User\agent.exe => moved successfully.
C:\Users\User\DRTCP021.exe => moved successfully.
C:\Users\User\launchAgent.bat => moved successfully.
C:\Users\User\launchDrTCP.bat => moved successfully.
"c:\programdata\{1132ae0a-e898-0430-1132-2ae0ae89b82b}" => File/Folder not found.
"C:\Program Files (x86)\CinemaPlus-3.2cV15.04" => File/Folder not found.
"C:\ProgramData\54c1fc65d2be43d1b5912d6632dbad70" => File/Folder not found.
"C:\Program Files (x86)\SavePass 1.1" => File/Folder not found.
C:\Program Files\shopperz => moved successfully.
C:\Users\User\AppData\Local\SmartWeb => moved successfully.
"C:\Program Files (x86)\Great Find" => File/Folder not found.
C:\Program Files (x86)\XTab => moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe => moved successfully.
"C:\Program Files\kprocesshacker.sys" => File/Folder not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

The operation completed successfully.



========= End of Reg: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Local Area Connection* 12 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.

Wireless LAN adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::1d7f:805c:d63a:7f74%4
Default Gateway . . . . . . . . . :

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : aud.local

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Local Area Connection* 12 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.

Wireless LAN adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : domain.name
Link-local IPv6 Address . . . . . : fe80::1d7f:805c:d63a:7f74%4
IPv4 Address. . . . . . . . . . . : 192.168.0.6
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : aud.local

========= End of CMD: =========


========= netsh int ipv4 reset =========

Resetting Interface, OK!
Resetting , failed.
Access is denied.

Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

3 out of 26 jobs canceled.

========= End of CMD: =========

EmptyTemp: => 27.8 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 05:55:33 ====



#7
Sanket

    Member

  • Topic Starter
  • Member
  • 15 posts

AdwCleaner[S0].txt

 

# AdwCleaner v4.207 - Logfile created 01/07/2015 at 06:09:37

# Updated 21/06/2015 by Xplode
# Database : 2015-06-21.1 [Local]
# Operating system : Windows 8.1  (x64)
# Username : User - DELL
# Running from : C:\Users\User\Desktop\This\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : bd0003
[#] Service Deleted : BDArKit
[#] Service Deleted : BDKVRTP
[#] Service Deleted : BDMWrench_x64
[#] Service Deleted : IHProtect Service
[#] Service Deleted : networx
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\LolliScan
Folder Deleted : C:\ProgramData\8604963894654320673
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\igs
Folder Deleted : C:\Program Files (x86)\WaNetEnhance
Folder Deleted : C:\Program Files (x86)\PriceMinus
Folder Deleted : C:\Program Files (x86)\Application Assistance
Folder Deleted : C:\Program Files (x86)\PoriceMinus
Folder Deleted : C:\Program Files\NetWorx
Folder Deleted : C:\Users\User\SupTab
Folder Deleted : C:\Users\User\AppData\Local\globalUpdate
Folder Deleted : C:\Users\User\AppData\Local\4C4C4544-1429195891-4E10-8033-B2C04F515831
Folder Deleted : C:\Users\User\AppData\LocalLow\SmartWeb
Folder Deleted : C:\Users\User\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Deleted : C:\ProgramData\pcgjaeepcjpdhhibeafglmboeegaabjc
File Deleted : C:\Users\Public\Desktop\YTD Video Downloader.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader.lnk
File Deleted : C:\WINDOWS\patsearch.bin
File Deleted : C:\WINDOWS\SysWOW64\CCLOff.ini
File Deleted : C:\WINDOWS\SysWOW64\CCL.dll
File Deleted : C:\WINDOWS\SysWOW64\drivers\bd0001.sys
File Deleted : C:\WINDOWS\SysWOW64\drivers\bd0002.sys
File Deleted : C:\WINDOWS\System32\CCLOff.ini
File Deleted : C:\WINDOWS\System32\drivers\bd0003.sys
File Deleted : C:\WINDOWS\System32\drivers\BDArKit.SYS
File Deleted : C:\WINDOWS\System32\drivers\BDMWrench_x64.sys
File Deleted : C:\WINDOWS\System32\drivers\networx.sys
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\user.js
 
***** [ Scheduled tasks ] *****
 
Task Deleted : RunAsStdUser Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\BDDownloadProxy.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\BDDownloadProxy.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BDShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\BDShellExt
Key Deleted : HKLM\SOFTWARE\Classes\BDShellExt.BDShellExtMenu
Key Deleted : HKLM\SOFTWARE\Classes\BDShellExt.BDShellExtMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\BDShellExt
Key Deleted : HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\BDShellExt
Key Deleted : HKLM\SOFTWARE\Classes\Extension.jshep
Key Deleted : HKLM\SOFTWARE\Classes\Extension.jshep.1
Key Deleted : HKLM\SOFTWARE\CLASSES\METNSD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{36E6A19A-6C8C-4250-B42A-24B8D3514ABA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{85E0B1AA-04FA-11D1-B7DA-00A0C90348D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0C5C9741-79A4-4A5F-A9B3-9E686CFF879B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0C5C9741-79A4-4A5F-A9B3-9E686CFF879B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\HomeTab
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\SearchProtectWS
Key Deleted : HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKCU\Software\Crossbrowse
Key Deleted : HKCU\Software\SavePass1.1
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\YorkNewCin
Key Deleted : HKCU\Software\HighDefAction
Key Deleted : HKCU\Software\ArenaHD
Key Deleted : HKCU\Software\AppDataLow\Software\BlockAndSurf
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartWeb
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\omniboxesSoftware
Key Deleted : HKLM\SOFTWARE\Crossbrowse
Key Deleted : HKLM\SOFTWARE\SpeedBit
Key Deleted : HKLM\SOFTWARE\luckysearchesSoftware
Key Deleted : HKLM\SOFTWARE\LolliScan
Key Deleted : HKLM\SOFTWARE\AIM Toolbar
Key Deleted : HKLM\SOFTWARE\YorkNewCin
Key Deleted : HKLM\SOFTWARE\HighDefAction
Key Deleted : HKLM\SOFTWARE\ArenaHD
Key Deleted : HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}
Key Deleted : [x64] HKLM\SOFTWARE\LolliScan
Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetWorx_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
 
-\\ Mozilla Firefox v38.0.5 (x86 en-US)
 
[2wg8gdmu.default\prefs.js] - Line Deleted : user_pref("extensions.4x3GkNl971FIETBA.scode", "(function(){try{if(window.location.href.indexOf(\"rjnEpjwEqHY5qjs6qjCFqjU7rda\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.c[...]
 
-\\ Google Chrome v43.0.2357.130
 
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M2EEA7972-31E0-4383-BFC1-6E42BA12290D&SearchSource=55&CUI=&UM=6&UP=SP29973D82-00A0-46C2-8451-045ECE17AA25&SSPV=SP21726TB_sp_ch
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 114510ADFB42CB389E1D52DFD1E9A302AA8DCEE57D48638834E2335F12A9B1E2"},"software_reporter":{"prompt_reason":"FC3E3ECCD3A64074835B7E619782A941EFC2956E85308C12242C1DCDDFC0407E","prompt_seed":"94CAFD5724F07435BB40E6BC819D88816DAEF7DD3D0FFBC4E79F6A9C6808C1AD","prompt_version":"1751C7FE604C5F6DD04160FDD63BC1F66111B5E1E30A415232DFE4F2CCF565E4"},"sync":{"remaining_rollback_tries":"C578ED9DE219018EE60C3DB595EE7FDFF8AD7DE6B30E1C4D21BBA32D153C6C05"}},"super_mac":"FD5A54F35B63405C4A70751055DFF9608080AE1C7E5B1AAEFF60850771A14C59"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://www.trovi.com/?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M2EEA7972-31E0-4383-BFC1-6E42BA12290D&SearchSource=55&CUI=&UM=6&UP=SP29973D82-00A0-46C2-8451-045ECE17AA25&SSPV=SP21726TB_sp_ch
 
*************************
 
AdwCleaner[R0].txt - [13113 bytes] - [01/07/2015 06:07:13]
AdwCleaner[S0].txt - [12239 bytes] - [01/07/2015 06:09:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12299  bytes] ##########


#8
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer now? Your AV of choice should now work.

Could I have a fresh FRST scan, please, to ensure that I have missed nothing?

#9
Sanket


    Member

  • Topic Starter
  • Member
  • 15 posts

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by User (administrator) on DELL on 01-07-2015 20:17:32
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\tgsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(WordWeb Software) C:\Program Files (x86)\WordWeb\wweb32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\sprtcmd.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Malwarebytes Corporation                                    ) D:\Softwares\Important Softwares\Antivirus\Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen - Cyclonoid\mbam-setup-1.75.0.1300.exe
() C:\Users\User\AppData\Local\Temp\is-3UL0G.tmp\mbam-setup-1.75.0.1300.tmp
(Malwarebytes Corporation                                    ) D:\Softwares\Important Softwares\Antivirus\Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen - Cyclonoid\mbam-setup-1.75.0.1300.exe
() C:\Users\User\AppData\Local\Temp\is-TCOFB.tmp\mbam-setup-1.75.0.1300.tmp
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NetWorx] => "C:\Program Files\NetWorx\networx.exe" /auto
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-06] (Synaptics Incorporated)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [393480 2015-03-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [netxpert] => C:\Program Files (x86)\Airtel NetXpert\bin\sprtcmd.exe [206120 2011-06-03] (SupportSoft, Inc.)
HKLM-x32\...\Run: [BaiduSdTray] => "C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe"  -stmd=3
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [WordWeb] => C:\Program Files (x86)\WordWeb\wweb32.exe [77056 2013-05-17] (WordWeb Software)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [Dropbox Update] => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\MountPoints2: {98d4de9a-f64b-11e4-beb5-645a0485acdb} - "G:\HTC_Sync_Manager_PC.exe" 
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-06-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winserv.lnk [2015-06-29]
ShortcutTarget: Winserv.lnk -> C:\Windows\pcpps\CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-in/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 116.74.100.28 202.88.130.15
Tcpip\..\Interfaces\{0DDCC7F5-6388-4890-BAEB-BD297EDC8770}: [DhcpNameServer] 172.16.0.2 14.139.5.5 4.2.2.2
Tcpip\..\Interfaces\{52E3406D-CDDB-4BE0-ACEC-A8EE0F64332C}: [DhcpNameServer] 116.74.100.28 202.88.130.15
 
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4064182937-4136054916-3625840862-1001: @spoon.net/Spoon Plugin 3.33 -> C:\Users\User\AppData\Local\Spoon\3.33.602.0\npMozillaSpoonPlugin.dll No File
FF Plugin HKU\S-1-5-21-4064182937-4136054916-3625840862-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-12-03]
FF HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files (x86)\WordWeb\WCaptureMoz [2014-12-03]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea} [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\{11b496ea-481a-11dc-8314-0800200c9a66} [not found]
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-01]
CHR Extension: (Classic gray theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kocejlmhfkhgniggkiancfidiigikalo [2015-05-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-01]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-01]
CHR HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-05-29]
CHR HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [145288 2015-04-09] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232152 2015-05-20] (Dell Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-11] (Intel Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-02-27] (Microsoft Corporation) [File not signed]
S3 KMSServerService; C:\Program Files (x86)\KMSpicoPortable\KMSServer.exe [38454 2015-05-26] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 sprtsvc_netxpert; C:\Program Files (x86)\Airtel NetXpert\bin\sprtsvc.exe [206120 2011-06-03] (SupportSoft, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated) [File not signed]
R2 tgsrvc_netxpert; C:\Program Files (x86)\Airtel NetXpert\bin\tgsrvc.exe [185640 2011-06-03] (SupportSoft, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-04-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-04-12] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 mfevtp; "C:\WINDOWS\system32\mfevtps.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98504 2013-09-25] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67784 2013-09-25] (Infowatch)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-02-27] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-11] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
S3 psdrv3; C:\Windows\System32\Drivers\psdrv3.sys [24472 2012-05-16] (Prime Sense Ltd.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-06] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-04-12] (Microsoft Corporation)
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-01 20:15 - 2015-07-01 20:15 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-01 20:15 - 2015-07-01 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2015-07-01 20:15 - 2015-07-01 20:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-07-01 20:15 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-01 19:48 - 2015-07-01 19:52 - 07720664 _____ (McAfee, Inc.) C:\Users\User\Downloads\Setup_serial_pI3v1kfByQBlGRJItrU-1Q2_key.exe
2015-07-01 06:07 - 2015-07-01 06:09 - 00000000 ____D C:\AdwCleaner
2015-07-01 06:04 - 2015-07-01 06:04 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2015-07-01 06:02 - 2015-07-01 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-01 06:02 - 2015-07-01 06:02 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-07-01 05:57 - 2015-07-01 05:57 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-07-01 05:47 - 2015-07-01 05:47 - 00043179 _____ C:\Users\User\Downloads\fixlist (1).txt
2015-07-01 05:46 - 2015-07-01 05:47 - 00000000 ____D C:\Users\User\Desktop\This
2015-06-30 23:09 - 2015-06-30 23:09 - 01415680 _____ (wj32) C:\Program Files\RJ7JB3VR.exe
2015-06-30 23:09 - 2015-06-30 23:09 - 01415680 _____ (wj32) C:\Program Files\KMIAMMIA.exe
2015-06-30 23:00 - 2015-06-30 23:01 - 00060586 _____ C:\Users\User\Desktop\Addition.txt
2015-06-30 22:58 - 2015-07-01 20:17 - 00026403 _____ C:\Users\User\Desktop\FRST.txt
2015-06-30 22:58 - 2015-07-01 20:17 - 00000000 ____D C:\FRST
2015-06-30 22:38 - 2015-06-30 22:39 - 00287240 _____ C:\WINDOWS\Minidump\063015-24328-01.dmp
2015-06-30 22:38 - 2015-06-30 22:38 - 547071165 _____ C:\WINDOWS\MEMORY.DMP
2015-06-30 22:37 - 2015-06-30 22:37 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill64.exe
2015-06-30 22:37 - 2015-06-30 22:37 - 00000652 _____ C:\Users\User\Desktop\Rkill.txt
2015-06-30 22:27 - 2015-06-30 22:30 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill.exe
2015-06-30 22:14 - 2015-06-30 22:15 - 02112512 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-06-30 21:44 - 2015-06-30 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2015-06-30 21:43 - 2015-06-30 22:43 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-06-30 21:37 - 2015-06-30 22:43 - 00000000 ____D C:\ProgramData\Skype
2015-06-30 18:09 - 2015-07-01 19:15 - 00004938 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DELL-User Dell
2015-06-30 17:38 - 2015-06-30 17:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2015-06-30 17:38 - 2015-06-30 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-30 17:17 - 2015-06-30 17:17 - 00013833 _____ C:\Users\User\Downloads\MONOVA.ORG Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen.torrent
2015-06-30 16:11 - 2015-06-30 16:11 - 00001514 _____ C:\Users\User\Desktop\McAfee Virtual Technician.lnk
2015-06-30 16:11 - 2015-06-30 16:11 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-30 16:07 - 2015-06-30 16:08 - 00308576 _____ (McAfee Inc.) C:\Users\User\Downloads\mvtapp.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
2015-06-30 03:19 - 2015-06-30 03:27 - 05471128 _____ (Avast Software s.r.o.) C:\Users\Public\Desktop\avast_internet_security_setup_online.exe
2015-06-29 23:56 - 2015-06-29 23:56 - 00000290 _____ C:\WINDOWS\wininit.ini
2015-06-29 20:00 - 2015-06-29 20:04 - 04718584 _____ (Avira Operations GmbH & Co. KG) C:\Users\User\Downloads\avira_en_av_5591562e2b8e5__ws.exe
2015-06-29 19:55 - 2015-06-29 19:56 - 00688992 _____ (Swearware) C:\Users\User\Desktop\dds.scr
2015-06-29 19:55 - 2015-06-29 19:55 - 00000126 _____ C:\Users\User\Desktop\download.htm
2015-06-29 16:38 - 2015-06-29 16:39 - 00000000 ____D C:\ProgramData\Protexis64
2015-06-29 16:37 - 2015-06-29 16:34 - 00002539 _____ C:\Users\Public\Desktop\Bitstream Font Navigator (64-Bit).lnk
2015-06-29 16:37 - 2015-06-29 16:29 - 00003072 _____ C:\Users\Public\Desktop\Corel CAPTURE X7 (64-Bit).lnk
2015-06-29 16:37 - 2015-06-29 16:29 - 00002363 _____ C:\Users\Public\Desktop\Corel CONNECT X7 (64-Bit).lnk
2015-06-29 16:37 - 2015-06-29 16:28 - 00003079 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X7 (64-Bit).lnk
2015-06-29 16:37 - 2015-06-29 16:28 - 00003031 _____ C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk
2015-06-29 16:35 - 2015-06-29 16:35 - 00000000 ____D C:\Users\User\Downloads\Corel Draw X7 [32-64]
2015-06-29 16:34 - 2015-06-29 16:34 - 00000000 ____D C:\Program Files\Common Files\Corel
2015-06-29 16:33 - 2015-06-29 16:33 - 00000000 ____D C:\Program Files\Common Files\Protexis
2015-06-29 16:32 - 2015-06-29 16:32 - 00019242 _____ C:\Users\User\Downloads\[kat.cr]corel.draw.x7.x32.x64.btis (1).torrent
2015-06-29 16:31 - 2015-06-29 16:32 - 00019242 _____ C:\Users\User\Downloads\[kat.cr]corel.draw.x7.x32.x64.btis.torrent
2015-06-29 16:28 - 2015-06-29 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2015-06-29 16:27 - 2015-06-29 16:27 - 00000000 ____D C:\Program Files\Corel
2015-06-29 16:25 - 2015-06-29 16:25 - 01415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-29 16:24 - 2015-06-29 16:37 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2015-06-29 16:23 - 2015-06-29 16:23 - 00000000 ____D C:\WINDOWS\pcpps
2015-06-29 00:12 - 2015-06-29 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2015-06-29 00:12 - 2015-06-29 00:12 - 00494885 _____ C:\Users\User\Downloads\Microsoft Toolkit Final.exe
2015-06-28 23:52 - 2015-06-30 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-28 23:51 - 2015-06-28 23:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-28 23:50 - 2015-06-28 23:50 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-28 23:49 - 2015-06-28 23:50 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-28 23:47 - 2015-06-28 23:47 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-06-28 23:47 - 2015-06-28 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-06-28 23:46 - 2015-06-28 23:49 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-28 23:46 - 2015-06-28 23:46 - 00000000 __RHD C:\MSOCache
2015-06-28 23:46 - 2015-06-28 23:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-28 23:26 - 2015-06-28 23:26 - 00004063 _____ C:\Users\User\Downloads\[kat.cr]revo.uninstaller.pro.3.1.2.final.torrent
2015-06-28 23:23 - 2015-06-28 23:23 - 00000000 ____D C:\Users\User\AppData\Local\VS Revo Group
2015-06-28 23:23 - 2015-06-28 23:23 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-06-28 20:47 - 2014-01-12 15:48 - 00000000 ____D C:\Users\User\Desktop\cdrom.inf_amd64_cf04adb457be1724
2015-06-28 20:46 - 2015-06-28 20:46 - 00090604 _____ C:\Users\User\Downloads\cdrom.inf_amd64_cf04adb457be1724.zip
2015-06-28 20:45 - 2015-06-28 20:45 - 00087418 _____ C:\Users\User\Downloads\cdrom.inf_amd64_42e9c29f0affc440.zip
2015-06-28 20:45 - 2014-01-12 02:34 - 00000000 ____D C:\Users\User\Desktop\cdrom.inf_amd64_42e9c29f0affc440
2015-06-28 20:32 - 2015-06-28 20:34 - 00600658 _____ (driverlibs.com ) C:\Users\User\Downloads\DriverUpdateTools.exe
2015-06-28 20:09 - 2015-06-28 20:09 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Ashampoo
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\Users\User\AppData\Local\ashampoo
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\ProgramData\ashampoo
2015-06-28 19:40 - 2015-06-28 19:40 - 00000000 ____D C:\Users\User\Desktop\Ashampoo Burning Studio 10.10.0.4 with themepack
2015-06-28 19:32 - 2015-07-01 19:49 - 00002232 ____H C:\Users\User\Documents\Default.rdp
2015-06-27 19:49 - 2015-06-28 20:17 - 00007605 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2015-06-27 03:42 - 2015-06-27 03:42 - 00638243 _____ C:\Users\User\Downloads\CDDVDWin8.meta (1).diagcab
2015-06-27 03:15 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-06-27 03:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-06-27 02:55 - 2015-06-27 03:09 - 00000000 ____D C:\Users\User\Downloads\Nero Burning ROM 10.5.10300 + Key [RH]
2015-06-27 02:37 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-06-27 02:00 - 2015-06-27 02:36 - 86837264 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2015-16.0.02600_softonic_trial.exe
2015-06-27 01:57 - 2015-06-27 03:29 - 00000000 ____D C:\Users\User\AppData\Roaming\Nero
2015-06-27 01:57 - 2015-06-27 03:17 - 00000000 ____D C:\Users\User\AppData\Local\Nero
2015-06-27 01:57 - 2015-06-27 01:59 - 00000000 ____D C:\Users\User\AppData\Local\Nero_AG
2015-06-27 01:52 - 2015-06-29 19:24 - 00000000 ____D C:\Program Files (x86)\Nero
2015-06-27 01:52 - 2015-06-27 03:12 - 00000000 ____D C:\ProgramData\Nero
2015-06-27 01:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-06-27 01:47 - 2015-06-27 01:47 - 01415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-27 01:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-06-27 01:07 - 2015-06-27 01:07 - 00000000 ____D C:\b4f879bec5b21fbd1b59cd9e21
2015-06-27 01:05 - 2015-06-27 01:06 - 00255920 _____ C:\Users\User\Downloads\Touch_Firmware_Elan_A01_W764W864W8164_ZPE.exe
2015-06-27 00:40 - 2015-06-27 01:28 - 201645672 _____ (Nero AG) C:\Users\User\Downloads\Nero_MediaHome_setup-16.0.02900_3p_free.exe
2015-06-27 00:36 - 2015-06-27 00:36 - 00000000 ____D C:\Users\User\AppData\Roaming\AVG
2015-06-27 00:35 - 2015-06-27 00:35 - 00000000 ____D C:\Users\User\AppData\Local\Avg
2015-06-27 00:33 - 2015-06-27 00:37 - 00000000 ____D C:\ProgramData\AVG
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\Documents\My Weblog Posts
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\AppData\Roaming\Windows Live Writer
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live Writer
2015-06-26 06:10 - 2015-06-26 06:10 - 00206178 _____ C:\Users\User\Downloads\watch.htm
2015-06-26 02:23 - 2015-06-27 00:31 - 00001090 _____ C:\Users\User\AppData\Roaming\burnaware.ini
2015-06-26 02:20 - 2015-06-26 02:21 - 08369728 _____ (Burnaware ) C:\Users\User\Downloads\burnaware_free.exe
2015-06-26 02:19 - 2015-06-26 02:20 - 03469871 _____ (LIGHTNING UK!) C:\Users\User\Downloads\SetupImgBurn_2.5.8.0.exe
2015-06-26 01:37 - 2015-06-26 01:42 - 09224497 _____ C:\Users\User\Downloads\paint_trails_brushes_by_env1ro (1).rar
2015-06-26 01:36 - 2015-06-26 01:47 - 21326967 _____ C:\Users\User\Downloads\385-grunge-vector-line-brushset-1.rar
2015-06-26 01:36 - 2015-06-26 01:43 - 19306695 _____ C:\Users\User\Downloads\BB_HiRes_Grungy_Watercolor_CS1.abr.zip
2015-06-26 01:35 - 2015-06-26 01:36 - 00572102 _____ C:\Users\User\Downloads\hyper_brushes_by_axeraider70.abr
2015-06-26 01:35 - 2015-06-26 01:35 - 00453852 _____ C:\Users\User\Downloads\Night_Lights_Brush_Set_by_m_ajinah.zip
2015-06-26 01:31 - 2015-06-26 01:33 - 05714151 _____ C:\Users\User\Downloads\392-lightning-bolt-brushes-by-psdbox.com.zip
2015-06-26 01:30 - 2015-06-26 01:33 - 09224497 _____ C:\Users\User\Downloads\paint_trails_brushes_by_env1ro.rar
2015-06-26 01:29 - 2015-06-26 01:34 - 04047912 _____ C:\Users\User\Downloads\paint_markers_brush_set_by_ldn755.abr
2015-06-26 01:28 - 2015-06-26 01:28 - 00001645 _____ C:\Users\User\Downloads\andantonius___pencil_brush_by_andantonius-d1qom1i.abr
2015-06-24 00:33 - 2015-06-24 00:33 - 18174128 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-06-22 18:56 - 2015-06-22 18:59 - 00638243 _____ C:\Users\User\Downloads\CDDVDWin8.meta.diagcab
2015-06-20 23:05 - 2015-06-20 23:05 - 00021248 _____ C:\Users\User\Downloads\D02C78BFBE39DB1CE843274966088D7DBE243351.torrent
2015-06-20 23:03 - 2015-06-20 23:03 - 00020024 _____ C:\Users\User\Downloads\D7A46713EAEE18C746B3254B7D1492A50FD9D6CE.torrent
2015-06-19 19:10 - 2015-06-19 19:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-19 19:09 - 2015-07-01 20:14 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001UA.job
2015-06-19 19:09 - 2015-07-01 19:14 - 00000872 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001Core.job
2015-06-19 19:09 - 2015-06-19 19:09 - 00003868 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001UA
2015-06-19 19:09 - 2015-06-19 19:09 - 00003488 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001Core
2015-06-19 19:09 - 2015-06-19 19:09 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
2015-06-19 19:09 - 2015-06-19 19:09 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-18 17:22 - 2015-06-18 19:18 - 193276899 _____ C:\Users\User\Downloads\321.rar
2015-06-18 02:42 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-06-17 14:19 - 2015-06-17 14:19 - 00314751 _____ C:\Users\User\Downloads\attachments (2).zip
2015-06-15 22:53 - 2015-06-15 23:09 - 18163385 _____ C:\Users\User\Downloads\Fargo S1 E6  Buridans [bleep].mp4.crdownload
2015-06-14 01:42 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-14 01:42 - 2015-05-25 18:37 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-14 01:42 - 2015-05-22 18:38 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-14 01:42 - 2015-04-17 03:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-14 01:42 - 2015-04-09 04:11 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-14 01:42 - 2015-04-09 03:37 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-14 01:42 - 2015-04-02 04:12 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-14 01:42 - 2015-04-02 04:00 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-14 01:42 - 2015-03-20 09:19 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-14 01:42 - 2015-03-20 08:38 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-14 01:42 - 2015-03-20 08:07 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-14 01:42 - 2015-03-20 07:37 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-14 01:42 - 2015-03-02 07:13 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-14 01:42 - 2015-03-02 06:51 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-14 01:16 - 2015-04-16 11:47 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-14 01:15 - 2015-04-14 04:07 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-14 01:15 - 2015-04-14 04:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-14 01:15 - 2015-04-10 06:10 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-14 01:15 - 2015-04-10 05:47 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-14 01:13 - 2015-04-01 09:51 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-14 01:13 - 2015-04-01 09:48 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-14 01:13 - 2015-04-01 09:47 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-14 01:13 - 2015-04-01 09:38 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-14 01:13 - 2015-04-01 09:16 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-14 01:13 - 2015-04-01 08:47 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-14 01:13 - 2015-04-01 08:47 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-14 01:13 - 2015-04-01 08:23 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-14 01:13 - 2015-04-01 08:23 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-14 01:13 - 2015-04-01 08:15 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-14 01:13 - 2015-04-01 08:15 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-14 01:13 - 2015-04-01 07:44 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-14 01:13 - 2015-04-01 07:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-13 18:54 - 2015-05-27 20:05 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-13 18:54 - 2015-05-27 19:38 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-13 18:54 - 2015-05-23 08:45 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-13 18:54 - 2015-05-23 08:44 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-13 18:54 - 2015-05-23 08:40 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-13 18:54 - 2015-05-23 08:35 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-13 18:54 - 2015-05-23 08:34 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-13 18:54 - 2015-05-23 08:18 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-13 18:54 - 2015-05-23 08:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-13 18:54 - 2015-05-23 08:08 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-13 18:54 - 2015-05-23 08:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-13 18:54 - 2015-05-23 08:07 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-13 18:54 - 2015-05-23 07:58 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-13 18:54 - 2015-05-23 07:58 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-13 18:54 - 2015-05-23 07:50 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-13 18:54 - 2015-05-23 07:46 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-13 18:54 - 2015-05-23 07:44 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-13 18:54 - 2015-05-23 00:22 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-13 18:54 - 2015-05-23 00:18 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-13 18:54 - 2015-05-23 00:17 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-13 18:54 - 2015-05-23 00:17 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-13 18:54 - 2015-05-22 23:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-13 18:54 - 2015-05-22 23:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-13 18:54 - 2015-05-22 23:51 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-13 18:54 - 2015-05-22 23:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-13 18:54 - 2015-05-22 23:39 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-13 18:54 - 2015-05-22 23:38 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-13 18:54 - 2015-05-22 23:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-13 18:54 - 2015-05-22 23:35 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-13 18:54 - 2015-05-22 23:27 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-13 18:54 - 2015-05-22 23:20 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-13 18:54 - 2015-05-22 23:19 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-13 18:54 - 2015-05-22 23:08 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-13 18:54 - 2015-05-22 22:56 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-13 18:01 - 2015-04-25 08:04 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-13 18:01 - 2015-04-25 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-12 19:12 - 2015-06-12 19:12 - 00000000 ____D C:\Users\User\AppData\Roaming\WTablet
2015-06-12 19:08 - 2015-06-12 19:09 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-06-12 19:08 - 2015-06-12 19:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2015-06-12 19:08 - 2014-01-13 11:54 - 01913624 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01906968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01780504 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01778968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01544472 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01432344 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2015-06-12 14:03 - 2015-05-21 22:17 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-12 03:56 - 2015-06-12 04:02 - 38455200 _____ C:\Users\User\Downloads\PenTablet_532-1.exe
2015-06-10 17:26 - 2015-06-10 17:26 - 00001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2015-06-10 17:05 - 2015-06-10 17:05 - 00000000 ____D C:\Users\User\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2015-06-10 17:00 - 2015-06-10 17:05 - 00000000 ____D C:\ProgramData\Wacom
2015-06-10 17:00 - 2015-06-10 17:00 - 00001163 _____ C:\Users\Public\Desktop\Bamboo Dock.lnk
2015-06-10 17:00 - 2015-06-10 17:00 - 00000000 ____D C:\Users\User\AppData\Roaming\Wacom
2015-06-10 17:00 - 2015-06-10 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
2015-06-10 16:59 - 2015-06-10 16:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-06-10 16:59 - 2015-06-10 16:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-06-10 15:30 - 2015-06-10 17:00 - 00000002 _____ C:\Users\User\.bdockinstall.log
2015-06-10 15:30 - 2015-06-10 17:00 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2015-06-10 15:29 - 2015-06-12 19:09 - 00000000 ____D C:\Program Files\TabletPlugins
2015-06-10 15:29 - 2013-11-11 19:46 - 00015160 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys
2015-06-10 15:28 - 2015-06-12 19:08 - 00000000 ____D C:\Program Files\Tablet
2015-06-10 15:28 - 2014-01-13 11:54 - 01551640 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2015-06-10 15:28 - 2013-11-11 19:46 - 00090424 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys
2015-06-10 15:28 - 2013-11-11 19:46 - 00014136 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2015-06-10 15:28 - 2012-04-11 18:04 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfcoinstaller01009.dll
2015-06-09 19:46 - 2015-06-09 19:46 - 00913102 _____ C:\Users\User\Downloads\i4 for site latest.psd
2015-06-09 17:09 - 2015-06-09 17:09 - 00000800 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-06-09 17:09 - 2015-06-09 17:09 - 00000752 _____ C:\Users\User\Desktop\Start Tor Browser.lnk
2015-06-09 17:08 - 2015-06-09 17:09 - 00000000 ____D C:\Users\User\Desktop\Tor Browser
2015-06-09 12:41 - 2015-06-09 13:23 - 35854880 _____ C:\Users\User\Downloads\torbrowser-install-4.5.1_en-US.exe
2015-06-08 15:11 - 2015-06-08 15:11 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-06-03 05:44 - 2015-06-03 05:44 - 00000673 _____ C:\Users\User\Downloads\google_eng_250_250.html
2015-06-02 01:52 - 2015-04-10 06:04 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-02 01:52 - 2015-04-10 05:41 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-02 01:52 - 2015-03-20 07:26 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-02 01:52 - 2015-03-17 22:56 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-02 01:52 - 2015-03-09 07:32 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-02 01:51 - 2015-03-04 07:02 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-02 01:51 - 2015-03-04 06:42 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-02 01:51 - 2015-01-30 06:23 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-02 01:50 - 2015-04-03 06:05 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-02 01:50 - 2015-04-03 05:44 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-02 01:50 - 2015-04-02 03:52 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-02 01:50 - 2015-04-02 03:50 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-02 01:50 - 2015-04-01 09:15 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-02 01:50 - 2015-04-01 08:01 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-02 01:50 - 2015-03-13 07:32 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-02 01:50 - 2015-03-13 06:41 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-02 01:50 - 2015-03-13 06:09 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-02 01:50 - 2015-03-06 08:17 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-02 01:49 - 2015-03-11 07:19 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-02 01:49 - 2015-03-11 06:39 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-02 01:49 - 2015-02-18 04:49 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-02 01:48 - 2015-03-13 09:33 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-02 01:48 - 2015-03-13 09:33 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-02 01:48 - 2015-03-06 08:38 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-02 01:48 - 2015-03-06 08:13 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-01 20:12 - 2015-05-27 02:13 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-01 20:12 - 2014-12-02 04:04 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-07-01 20:11 - 2015-05-27 02:13 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-01 20:11 - 2015-04-12 10:31 - 01963583 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-01 20:11 - 2014-12-03 05:44 - 00000000 ___RD C:\Users\User\Dropbox
2015-07-01 20:11 - 2014-12-03 05:36 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2015-07-01 20:10 - 2015-05-29 01:10 - 00000000 ___RD C:\Users\User\Google Drive
2015-07-01 20:09 - 2015-05-24 02:02 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2015-07-01 20:09 - 2015-05-20 20:46 - 00000000 ____D C:\Users\User\Tracing
2015-07-01 20:09 - 2015-04-12 10:42 - 00000000 __RDO C:\Users\User\OneDrive
2015-07-01 20:08 - 2015-04-27 19:45 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-07-01 20:08 - 2014-11-21 14:04 - 00585822 _____ C:\WINDOWS\PFRO.log
2015-07-01 20:08 - 2013-08-22 20:16 - 00325073 _____ C:\WINDOWS\setupact.log
2015-07-01 20:08 - 2013-08-22 20:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-01 20:08 - 2013-08-22 18:55 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-01 19:48 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-07-01 19:46 - 2014-11-21 14:14 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-01 19:31 - 2014-12-05 22:24 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-01 19:30 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-01 19:18 - 2014-12-02 04:04 - 00000000 ____D C:\ProgramData\McAfee
2015-07-01 14:25 - 2014-12-02 03:35 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4064182937-4136054916-3625840862-1001
2015-07-01 11:16 - 2015-04-12 16:16 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5A807F99-38A6-491F-A586-45E0041CDCBD}
2015-07-01 06:32 - 2014-12-03 07:49 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-07-01 06:04 - 2014-12-02 03:21 - 00000000 ____D C:\ProgramData\Dell
2015-07-01 06:04 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\tracing
2015-07-01 05:57 - 2015-04-16 15:18 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-07-01 05:47 - 2013-08-22 21:06 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-07-01 05:47 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-07-01 05:05 - 2014-12-02 11:16 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2015-07-01 03:17 - 2014-12-03 06:31 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-06-30 22:38 - 2015-04-12 19:03 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-30 20:56 - 2014-12-02 04:11 - 00000000 ____D C:\Program Files\McAfee
2015-06-30 20:54 - 2012-07-26 13:42 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-06-30 20:48 - 2015-04-27 19:54 - 00000000 __RSD C:\Users\User\Documents\McAfee Vaults
2015-06-30 17:57 - 2014-12-03 07:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-30 17:42 - 2015-03-19 16:20 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent
2015-06-30 16:36 - 2013-01-01 13:52 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2015-06-30 16:10 - 2014-12-30 02:11 - 00000000 ____D C:\ProgramData\Corel
2015-06-29 23:57 - 2013-08-22 18:55 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-29 21:04 - 2015-04-13 21:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-29 21:03 - 2013-08-22 21:06 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-29 19:36 - 2015-04-16 15:07 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-29 16:39 - 2014-12-03 05:49 - 00000000 ____D C:\Users\User\Documents\Corel
2015-06-29 16:38 - 2014-12-30 02:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Corel
2015-06-29 16:29 - 2014-12-30 02:09 - 00000000 ____D C:\Users\Public\Documents\Corel
2015-06-29 00:30 - 2013-08-22 20:14 - 05187736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-29 00:28 - 2014-12-12 18:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-29 00:28 - 2014-11-21 21:26 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-29 00:01 - 2012-07-26 10:56 - 00000199 _____ C:\WINDOWS\win.ini
2015-06-29 00:00 - 2014-12-03 05:47 - 00000000 ____D C:\Users\User\Downloads\University Grants Commision_files
2015-06-29 00:00 - 2014-12-03 05:47 - 00000000 ____D C:\Users\User\Downloads\fw
2015-06-29 00:00 - 2014-12-03 05:45 - 00000000 ____D C:\Users\User\Desktop\sanket AUD
2015-06-28 23:51 - 2014-11-21 13:55 - 00000000 ____D C:\WINDOWS\ShellNew
2015-06-28 23:48 - 2013-08-22 21:06 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-28 20:09 - 2013-08-22 20:16 - 00000262 _____ C:\WINDOWS\setuperr.log
2015-06-28 19:16 - 2015-05-28 00:36 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-28 18:49 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-27 04:51 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\rescache
2015-06-27 04:11 - 2012-07-26 13:29 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-27 01:55 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\Cursors
2015-06-27 01:34 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-27 01:34 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-26 08:09 - 2014-12-03 07:36 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
2015-06-26 03:24 - 2015-05-21 17:30 - 00000000 ____D C:\My
2015-06-24 00:33 - 2014-12-05 22:24 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-23 03:35 - 2015-02-01 23:56 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-23 01:17 - 2015-05-27 02:18 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-20 23:00 - 2015-03-19 16:59 - 00000878 _____ C:\Users\User\Desktop\BitTorrent.lnk
2015-06-20 23:00 - 2015-03-19 16:59 - 00000858 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-06-20 08:32 - 2014-11-21 21:33 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 08:32 - 2014-11-21 21:33 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-11 15:50 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-10 17:00 - 2014-12-03 06:32 - 00000000 ____D C:\ProgramData\Adobe
2015-06-10 16:59 - 2014-12-03 06:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-08 20:39 - 2014-12-05 22:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-07 22:55 - 2015-04-16 14:46 - 00000000 ____D C:\Users\User\AppData\Roaming\4C4C4544-1429175766-4E10-8033-B2C04F515831
2015-06-07 19:09 - 2015-04-17 21:04 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-07 19:09 - 2015-01-27 03:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-07 19:09 - 2014-12-05 22:12 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-02 16:57 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-02 16:53 - 2015-04-12 23:26 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-02 16:53 - 2015-04-12 23:26 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-02 02:07 - 2014-12-04 18:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-02 01:55 - 2014-12-04 18:29 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Files in the root of some directories =======
 
2015-06-30 23:09 - 2015-06-30 23:09 - 1415680 _____ (wj32) C:\Program Files\KMIAMMIA.exe
2015-06-27 01:47 - 2015-06-27 01:47 - 1415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-29 16:25 - 2015-06-29 16:25 - 1415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-30 23:09 - 2015-06-30 23:09 - 1415680 _____ (wj32) C:\Program Files\RJ7JB3VR.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 1415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
2015-06-08 15:11 - 2015-06-08 15:11 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-02-01 23:56 - 2015-06-23 03:35 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-26 02:23 - 2015-06-27 00:31 - 0001090 _____ () C:\Users\User\AppData\Roaming\burnaware.ini
2015-02-03 16:26 - 2015-05-31 23:12 - 0001456 _____ () C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-27 19:49 - 2015-06-28 20:17 - 0007605 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\0050571435758011mcinst.exe
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphqx4ml.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-01 18:43
 
==================== End of log ============================

  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Which part of "do not use cracks" did you not understand?

D:\Softwares\Important Softwares\Antivirus\Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen -
C:\Windows\pcpps\CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe ()
(McAfee, Inc.) C:\Users\User\Downloads\Setup_serial_pI3v1kfByQBlGRJItrU-1Q2_key.exe

 

There are sufficient free programmes around, which means you do not need to steal software.

 

You are still infected; however, I will no longer assist unless you remove those programmes.


  • 0



#11
Sanket

Sanket

    Member

  • Topic Starter
  • Member
  • 15 posts

Hi. I am sorry. I will delete them and get back to you.


  • 0

#12
Sanket

Sanket

    Member

  • Topic Starter
  • Member
  • 15 posts

(McAfee, Inc.) C:\Users\User\Downloads\Setup_serial_pI3v1kfByQBlGRJItrU-1Q2_key.exe

 
This is downloaded from the official McAfee site. I have bought licensed McAfee software.

  • 0

#13
Sanket

Sanket

    Member

  • Topic Starter
  • Member
  • 15 posts

New

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by User (administrator) on DELL on 01-07-2015 21:00:52
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\tgsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(WordWeb Software) C:\Program Files (x86)\WordWeb\wweb32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Airtel NetXpert\bin\sprtcmd.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NetWorx] => "C:\Program Files\NetWorx\networx.exe" /auto
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-06] (Synaptics Incorporated)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [393480 2015-03-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [netxpert] => C:\Program Files (x86)\Airtel NetXpert\bin\sprtcmd.exe [206120 2011-06-03] (SupportSoft, Inc.)
HKLM-x32\...\Run: [BaiduSdTray] => "C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe"  -stmd=3
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [WordWeb] => C:\Program Files (x86)\WordWeb\wweb32.exe [77056 2013-05-17] (WordWeb Software)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [Dropbox Update] => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\MountPoints2: {98d4de9a-f64b-11e4-beb5-645a0485acdb} - "G:\HTC_Sync_Manager_PC.exe" 
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-06-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winserv.lnk [2015-06-29]
ShortcutTarget: Winserv.lnk -> C:\Windows\pcpps\CorelDRAWGraphicsSuiteX7Installer_EN64_Crack.exe (No File)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-11] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-in/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-30] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 116.74.100.28 202.88.130.15
Tcpip\..\Interfaces\{0DDCC7F5-6388-4890-BAEB-BD297EDC8770}: [DhcpNameServer] 172.16.0.2 14.139.5.5 4.2.2.2
Tcpip\..\Interfaces\{52E3406D-CDDB-4BE0-ACEC-A8EE0F64332C}: [DhcpNameServer] 116.74.100.28 202.88.130.15
 
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4064182937-4136054916-3625840862-1001: @spoon.net/Spoon Plugin 3.33 -> C:\Users\User\AppData\Local\Spoon\3.33.602.0\npMozillaSpoonPlugin.dll No File
FF Plugin HKU\S-1-5-21-4064182937-4136054916-3625840862-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-12-03]
FF HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files (x86)\WordWeb\WCaptureMoz [2014-12-03]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea} [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack [not found]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2wg8gdmu.default\extensions\{11b496ea-481a-11dc-8314-0800200c9a66} [not found]
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-01]
CHR Extension: (Classic gray theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kocejlmhfkhgniggkiancfidiigikalo [2015-05-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-01]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-01]
CHR HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-05-29]
CHR HKU\S-1-5-21-4064182937-4136054916-3625840862-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [145288 2015-04-09] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232152 2015-05-20] (Dell Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-11] (Intel Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-02-27] (Microsoft Corporation) [File not signed]
S3 KMSServerService; C:\Program Files (x86)\KMSpicoPortable\KMSServer.exe [38454 2015-05-26] () [File not signed]
R2 sprtsvc_netxpert; C:\Program Files (x86)\Airtel NetXpert\bin\sprtsvc.exe [206120 2011-06-03] (SupportSoft, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated) [File not signed]
R2 tgsrvc_netxpert; C:\Program Files (x86)\Airtel NetXpert\bin\tgsrvc.exe [185640 2011-06-03] (SupportSoft, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-04-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-04-12] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 mfevtp; "C:\WINDOWS\system32\mfevtps.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98504 2013-09-25] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67784 2013-09-25] (Infowatch)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-02-27] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-11] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
S3 psdrv3; C:\Windows\System32\Drivers\psdrv3.sys [24472 2012-05-16] (Prime Sense Ltd.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-06] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-04-12] (Microsoft Corporation)
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-01 20:48 - 2015-07-01 20:48 - 00003142 _____ C:\WINDOWS\System32\Tasks\{F32D0D9D-AC96-4479-B7AC-BFA9C2D8E29E}
2015-07-01 06:07 - 2015-07-01 06:09 - 00000000 ____D C:\AdwCleaner
2015-07-01 06:04 - 2015-07-01 06:04 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2015-07-01 06:02 - 2015-07-01 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-01 06:02 - 2015-07-01 06:02 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-07-01 05:57 - 2015-07-01 05:57 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-07-01 05:47 - 2015-07-01 05:47 - 00043179 _____ C:\Users\User\Downloads\fixlist (1).txt
2015-07-01 05:46 - 2015-07-01 05:47 - 00000000 ____D C:\Users\User\Desktop\This
2015-06-30 23:09 - 2015-06-30 23:09 - 01415680 _____ (wj32) C:\Program Files\RJ7JB3VR.exe
2015-06-30 23:09 - 2015-06-30 23:09 - 01415680 _____ (wj32) C:\Program Files\KMIAMMIA.exe
2015-06-30 23:00 - 2015-06-30 23:01 - 00060586 _____ C:\Users\User\Desktop\Addition.txt
2015-06-30 22:58 - 2015-07-01 21:00 - 00024153 _____ C:\Users\User\Desktop\FRST.txt
2015-06-30 22:58 - 2015-07-01 21:00 - 00000000 ____D C:\FRST
2015-06-30 22:38 - 2015-06-30 22:39 - 00287240 _____ C:\WINDOWS\Minidump\063015-24328-01.dmp
2015-06-30 22:38 - 2015-06-30 22:38 - 547071165 _____ C:\WINDOWS\MEMORY.DMP
2015-06-30 22:37 - 2015-06-30 22:37 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill64.exe
2015-06-30 22:37 - 2015-06-30 22:37 - 00000652 _____ C:\Users\User\Desktop\Rkill.txt
2015-06-30 22:27 - 2015-06-30 22:30 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill.exe
2015-06-30 22:14 - 2015-06-30 22:15 - 02112512 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-06-30 21:44 - 2015-06-30 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2015-06-30 21:43 - 2015-06-30 22:43 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-06-30 21:37 - 2015-06-30 22:43 - 00000000 ____D C:\ProgramData\Skype
2015-06-30 18:09 - 2015-07-01 19:15 - 00004938 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DELL-User Dell
2015-06-30 17:38 - 2015-06-30 17:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2015-06-30 17:38 - 2015-06-30 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-30 17:17 - 2015-06-30 17:17 - 00013833 _____ C:\Users\User\Downloads\MONOVA.ORG Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen.torrent
2015-06-30 16:11 - 2015-06-30 16:11 - 00001514 _____ C:\Users\User\Desktop\McAfee Virtual Technician.lnk
2015-06-30 16:11 - 2015-06-30 16:11 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-30 16:07 - 2015-06-30 16:08 - 00308576 _____ (McAfee Inc.) C:\Users\User\Downloads\mvtapp.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
2015-06-30 03:19 - 2015-06-30 03:27 - 05471128 _____ (Avast Software s.r.o.) C:\Users\Public\Desktop\avast_internet_security_setup_online.exe
2015-06-29 23:56 - 2015-06-29 23:56 - 00000290 _____ C:\WINDOWS\wininit.ini
2015-06-29 20:00 - 2015-06-29 20:04 - 04718584 _____ (Avira Operations GmbH & Co. KG) C:\Users\User\Downloads\avira_en_av_5591562e2b8e5__ws.exe
2015-06-29 19:55 - 2015-06-29 19:56 - 00688992 _____ (Swearware) C:\Users\User\Desktop\dds.scr
2015-06-29 19:55 - 2015-06-29 19:55 - 00000126 _____ C:\Users\User\Desktop\download.htm
2015-06-29 16:38 - 2015-06-29 16:39 - 00000000 ____D C:\ProgramData\Protexis64
2015-06-29 16:35 - 2015-06-29 16:35 - 00000000 ____D C:\Users\User\Downloads\Corel Draw X7 [32-64]
2015-06-29 16:32 - 2015-06-29 16:32 - 00019242 _____ C:\Users\User\Downloads\[kat.cr]corel.draw.x7.x32.x64.btis (1).torrent
2015-06-29 16:31 - 2015-06-29 16:32 - 00019242 _____ C:\Users\User\Downloads\[kat.cr]corel.draw.x7.x32.x64.btis.torrent
2015-06-29 16:25 - 2015-06-29 16:25 - 01415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-29 16:24 - 2015-06-29 16:37 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2015-06-29 00:12 - 2015-06-29 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2015-06-29 00:12 - 2015-06-29 00:12 - 00494885 _____ C:\Users\User\Downloads\Microsoft Toolkit Final.exe
2015-06-28 23:52 - 2015-06-30 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-28 23:51 - 2015-06-28 23:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-28 23:50 - 2015-06-28 23:50 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-28 23:49 - 2015-06-28 23:50 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-28 23:47 - 2015-06-28 23:47 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-06-28 23:47 - 2015-06-28 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-06-28 23:46 - 2015-06-28 23:49 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-28 23:46 - 2015-06-28 23:46 - 00000000 __RHD C:\MSOCache
2015-06-28 23:46 - 2015-06-28 23:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-28 23:26 - 2015-06-28 23:26 - 00004063 _____ C:\Users\User\Downloads\[kat.cr]revo.uninstaller.pro.3.1.2.final.torrent
2015-06-28 23:23 - 2015-06-28 23:23 - 00000000 ____D C:\Users\User\AppData\Local\VS Revo Group
2015-06-28 23:23 - 2015-06-28 23:23 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-06-28 20:47 - 2014-01-12 15:48 - 00000000 ____D C:\Users\User\Desktop\cdrom.inf_amd64_cf04adb457be1724
2015-06-28 20:46 - 2015-06-28 20:46 - 00090604 _____ C:\Users\User\Downloads\cdrom.inf_amd64_cf04adb457be1724.zip
2015-06-28 20:45 - 2015-06-28 20:45 - 00087418 _____ C:\Users\User\Downloads\cdrom.inf_amd64_42e9c29f0affc440.zip
2015-06-28 20:45 - 2014-01-12 02:34 - 00000000 ____D C:\Users\User\Desktop\cdrom.inf_amd64_42e9c29f0affc440
2015-06-28 20:32 - 2015-06-28 20:34 - 00600658 _____ (driverlibs.com ) C:\Users\User\Downloads\DriverUpdateTools.exe
2015-06-28 20:09 - 2015-06-28 20:09 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Ashampoo
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\Users\User\AppData\Local\ashampoo
2015-06-28 19:42 - 2015-06-28 19:42 - 00000000 ____D C:\ProgramData\ashampoo
2015-06-28 19:40 - 2015-06-28 19:40 - 00000000 ____D C:\Users\User\Desktop\Ashampoo Burning Studio 10.10.0.4 with themepack
2015-06-28 19:32 - 2015-07-01 19:49 - 00002232 ____H C:\Users\User\Documents\Default.rdp
2015-06-27 19:49 - 2015-06-28 20:17 - 00007605 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2015-06-27 03:42 - 2015-06-27 03:42 - 00638243 _____ C:\Users\User\Downloads\CDDVDWin8.meta (1).diagcab
2015-06-27 03:15 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-06-27 03:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-06-27 02:55 - 2015-06-27 03:09 - 00000000 ____D C:\Users\User\Downloads\Nero Burning ROM 10.5.10300 + Key [RH]
2015-06-27 02:37 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-06-27 02:00 - 2015-06-27 02:36 - 86837264 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2015-16.0.02600_softonic_trial.exe
2015-06-27 01:57 - 2015-06-27 03:29 - 00000000 ____D C:\Users\User\AppData\Roaming\Nero
2015-06-27 01:57 - 2015-06-27 03:17 - 00000000 ____D C:\Users\User\AppData\Local\Nero
2015-06-27 01:57 - 2015-06-27 01:59 - 00000000 ____D C:\Users\User\AppData\Local\Nero_AG
2015-06-27 01:52 - 2015-06-29 19:24 - 00000000 ____D C:\Program Files (x86)\Nero
2015-06-27 01:52 - 2015-06-27 03:12 - 00000000 ____D C:\ProgramData\Nero
2015-06-27 01:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-06-27 01:47 - 2015-06-27 01:47 - 01415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-27 01:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-06-27 01:07 - 2015-06-27 01:07 - 00000000 ____D C:\b4f879bec5b21fbd1b59cd9e21
2015-06-27 01:05 - 2015-06-27 01:06 - 00255920 _____ C:\Users\User\Downloads\Touch_Firmware_Elan_A01_W764W864W8164_ZPE.exe
2015-06-27 00:40 - 2015-06-27 01:28 - 201645672 _____ (Nero AG) C:\Users\User\Downloads\Nero_MediaHome_setup-16.0.02900_3p_free.exe
2015-06-27 00:36 - 2015-06-27 00:36 - 00000000 ____D C:\Users\User\AppData\Roaming\AVG
2015-06-27 00:35 - 2015-06-27 00:35 - 00000000 ____D C:\Users\User\AppData\Local\Avg
2015-06-27 00:33 - 2015-06-27 00:37 - 00000000 ____D C:\ProgramData\AVG
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\Documents\My Weblog Posts
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\AppData\Roaming\Windows Live Writer
2015-06-27 00:04 - 2015-06-27 00:04 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live Writer
2015-06-26 06:10 - 2015-06-26 06:10 - 00206178 _____ C:\Users\User\Downloads\watch.htm
2015-06-26 02:23 - 2015-06-27 00:31 - 00001090 _____ C:\Users\User\AppData\Roaming\burnaware.ini
2015-06-26 02:20 - 2015-06-26 02:21 - 08369728 _____ (Burnaware ) C:\Users\User\Downloads\burnaware_free.exe
2015-06-26 02:19 - 2015-06-26 02:20 - 03469871 _____ (LIGHTNING UK!) C:\Users\User\Downloads\SetupImgBurn_2.5.8.0.exe
2015-06-26 01:37 - 2015-06-26 01:42 - 09224497 _____ C:\Users\User\Downloads\paint_trails_brushes_by_env1ro (1).rar
2015-06-26 01:36 - 2015-06-26 01:47 - 21326967 _____ C:\Users\User\Downloads\385-grunge-vector-line-brushset-1.rar
2015-06-26 01:36 - 2015-06-26 01:43 - 19306695 _____ C:\Users\User\Downloads\BB_HiRes_Grungy_Watercolor_CS1.abr.zip
2015-06-26 01:35 - 2015-06-26 01:36 - 00572102 _____ C:\Users\User\Downloads\hyper_brushes_by_axeraider70.abr
2015-06-26 01:35 - 2015-06-26 01:35 - 00453852 _____ C:\Users\User\Downloads\Night_Lights_Brush_Set_by_m_ajinah.zip
2015-06-26 01:31 - 2015-06-26 01:33 - 05714151 _____ C:\Users\User\Downloads\392-lightning-bolt-brushes-by-psdbox.com.zip
2015-06-26 01:30 - 2015-06-26 01:33 - 09224497 _____ C:\Users\User\Downloads\paint_trails_brushes_by_env1ro.rar
2015-06-26 01:29 - 2015-06-26 01:34 - 04047912 _____ C:\Users\User\Downloads\paint_markers_brush_set_by_ldn755.abr
2015-06-26 01:28 - 2015-06-26 01:28 - 00001645 _____ C:\Users\User\Downloads\andantonius___pencil_brush_by_andantonius-d1qom1i.abr
2015-06-24 00:33 - 2015-06-24 00:33 - 18174128 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-06-22 18:56 - 2015-06-22 18:59 - 00638243 _____ C:\Users\User\Downloads\CDDVDWin8.meta.diagcab
2015-06-20 23:05 - 2015-06-20 23:05 - 00021248 _____ C:\Users\User\Downloads\D02C78BFBE39DB1CE843274966088D7DBE243351.torrent
2015-06-20 23:03 - 2015-06-20 23:03 - 00020024 _____ C:\Users\User\Downloads\D7A46713EAEE18C746B3254B7D1492A50FD9D6CE.torrent
2015-06-19 19:10 - 2015-06-19 19:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-19 19:09 - 2015-07-01 20:14 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001UA.job
2015-06-19 19:09 - 2015-07-01 19:14 - 00000872 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001Core.job
2015-06-19 19:09 - 2015-06-19 19:09 - 00003868 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001UA
2015-06-19 19:09 - 2015-06-19 19:09 - 00003488 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4064182937-4136054916-3625840862-1001Core
2015-06-19 19:09 - 2015-06-19 19:09 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
2015-06-19 19:09 - 2015-06-19 19:09 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-18 17:22 - 2015-06-18 19:18 - 193276899 _____ C:\Users\User\Downloads\321.rar
2015-06-18 02:42 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-06-17 14:19 - 2015-06-17 14:19 - 00314751 _____ C:\Users\User\Downloads\attachments (2).zip
2015-06-15 22:53 - 2015-06-15 23:09 - 18163385 _____ C:\Users\User\Downloads\Fargo S1 E6  Buridans [bleep].mp4.crdownload
2015-06-14 01:42 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-14 01:42 - 2015-05-25 18:37 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-14 01:42 - 2015-05-22 18:38 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-14 01:42 - 2015-05-21 18:38 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-14 01:42 - 2015-04-17 03:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-14 01:42 - 2015-04-09 04:11 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-14 01:42 - 2015-04-09 03:37 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-14 01:42 - 2015-04-02 04:12 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-14 01:42 - 2015-04-02 04:00 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-14 01:42 - 2015-03-20 09:19 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-14 01:42 - 2015-03-20 08:38 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-14 01:42 - 2015-03-20 08:07 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-14 01:42 - 2015-03-20 07:37 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-14 01:42 - 2015-03-02 07:13 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-14 01:42 - 2015-03-02 06:51 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-14 01:16 - 2015-04-16 11:47 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-14 01:15 - 2015-04-14 04:07 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-14 01:15 - 2015-04-14 04:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-14 01:15 - 2015-04-10 06:10 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-14 01:15 - 2015-04-10 05:47 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-14 01:13 - 2015-04-01 09:51 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-14 01:13 - 2015-04-01 09:48 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-14 01:13 - 2015-04-01 09:47 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-14 01:13 - 2015-04-01 09:38 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-14 01:13 - 2015-04-01 09:16 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-14 01:13 - 2015-04-01 08:47 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-14 01:13 - 2015-04-01 08:47 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-14 01:13 - 2015-04-01 08:23 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-14 01:13 - 2015-04-01 08:23 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-14 01:13 - 2015-04-01 08:15 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-14 01:13 - 2015-04-01 08:15 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-14 01:13 - 2015-04-01 07:44 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-14 01:13 - 2015-04-01 07:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-13 18:54 - 2015-05-27 20:05 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-13 18:54 - 2015-05-27 19:38 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-13 18:54 - 2015-05-23 08:45 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-13 18:54 - 2015-05-23 08:44 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-13 18:54 - 2015-05-23 08:40 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-13 18:54 - 2015-05-23 08:35 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-13 18:54 - 2015-05-23 08:34 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-13 18:54 - 2015-05-23 08:18 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-13 18:54 - 2015-05-23 08:17 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-13 18:54 - 2015-05-23 08:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-13 18:54 - 2015-05-23 08:08 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-13 18:54 - 2015-05-23 08:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-13 18:54 - 2015-05-23 08:07 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-13 18:54 - 2015-05-23 07:58 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-13 18:54 - 2015-05-23 07:58 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-13 18:54 - 2015-05-23 07:50 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-13 18:54 - 2015-05-23 07:46 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-13 18:54 - 2015-05-23 07:44 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-13 18:54 - 2015-05-23 00:30 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-13 18:54 - 2015-05-23 00:22 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-13 18:54 - 2015-05-23 00:18 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-13 18:54 - 2015-05-23 00:17 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-13 18:54 - 2015-05-23 00:17 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-13 18:54 - 2015-05-22 23:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-13 18:54 - 2015-05-22 23:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-13 18:54 - 2015-05-22 23:51 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-13 18:54 - 2015-05-22 23:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-13 18:54 - 2015-05-22 23:39 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-13 18:54 - 2015-05-22 23:38 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-13 18:54 - 2015-05-22 23:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-13 18:54 - 2015-05-22 23:35 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-13 18:54 - 2015-05-22 23:27 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-13 18:54 - 2015-05-22 23:20 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-13 18:54 - 2015-05-22 23:19 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-13 18:54 - 2015-05-22 23:08 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-13 18:54 - 2015-05-22 22:56 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-13 18:01 - 2015-04-25 08:04 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-13 18:01 - 2015-04-25 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-12 19:12 - 2015-06-12 19:12 - 00000000 ____D C:\Users\User\AppData\Roaming\WTablet
2015-06-12 19:08 - 2015-06-12 19:09 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-06-12 19:08 - 2015-06-12 19:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2015-06-12 19:08 - 2014-01-13 11:54 - 01913624 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01906968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01780504 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01778968 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01544472 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll
2015-06-12 19:08 - 2014-01-13 11:54 - 01432344 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2015-06-12 14:03 - 2015-05-21 22:17 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-12 03:56 - 2015-06-12 04:02 - 38455200 _____ C:\Users\User\Downloads\PenTablet_532-1.exe
2015-06-10 17:26 - 2015-06-10 17:26 - 00001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2015-06-10 17:05 - 2015-06-10 17:05 - 00000000 ____D C:\Users\User\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2015-06-10 17:00 - 2015-06-10 17:05 - 00000000 ____D C:\ProgramData\Wacom
2015-06-10 17:00 - 2015-06-10 17:00 - 00001163 _____ C:\Users\Public\Desktop\Bamboo Dock.lnk
2015-06-10 17:00 - 2015-06-10 17:00 - 00000000 ____D C:\Users\User\AppData\Roaming\Wacom
2015-06-10 17:00 - 2015-06-10 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
2015-06-10 16:59 - 2015-06-10 16:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-06-10 16:59 - 2015-06-10 16:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-06-10 15:30 - 2015-06-10 17:00 - 00000002 _____ C:\Users\User\.bdockinstall.log
2015-06-10 15:30 - 2015-06-10 17:00 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2015-06-10 15:29 - 2015-06-12 19:09 - 00000000 ____D C:\Program Files\TabletPlugins
2015-06-10 15:29 - 2013-11-11 19:46 - 00015160 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys
2015-06-10 15:28 - 2015-06-12 19:08 - 00000000 ____D C:\Program Files\Tablet
2015-06-10 15:28 - 2014-01-13 11:54 - 01551640 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll
2015-06-10 15:28 - 2013-11-11 19:46 - 00090424 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys
2015-06-10 15:28 - 2013-11-11 19:46 - 00014136 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2015-06-10 15:28 - 2012-04-11 18:04 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfcoinstaller01009.dll
2015-06-09 19:46 - 2015-06-09 19:46 - 00913102 _____ C:\Users\User\Downloads\i4 for site latest.psd
2015-06-09 17:09 - 2015-06-09 17:09 - 00000800 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-06-09 17:09 - 2015-06-09 17:09 - 00000752 _____ C:\Users\User\Desktop\Start Tor Browser.lnk
2015-06-09 17:08 - 2015-06-09 17:09 - 00000000 ____D C:\Users\User\Desktop\Tor Browser
2015-06-09 12:41 - 2015-06-09 13:23 - 35854880 _____ C:\Users\User\Downloads\torbrowser-install-4.5.1_en-US.exe
2015-06-08 15:11 - 2015-06-08 15:11 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-06-03 05:44 - 2015-06-03 05:44 - 00000673 _____ C:\Users\User\Downloads\google_eng_250_250.html
2015-06-02 01:52 - 2015-04-10 06:04 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-02 01:52 - 2015-04-10 05:41 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-02 01:52 - 2015-03-20 07:26 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-02 01:52 - 2015-03-17 22:56 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-02 01:52 - 2015-03-09 07:32 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-02 01:51 - 2015-03-04 07:02 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-02 01:51 - 2015-03-04 06:42 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-02 01:51 - 2015-01-30 06:23 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-02 01:50 - 2015-04-03 06:05 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-02 01:50 - 2015-04-03 05:44 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-02 01:50 - 2015-04-02 03:52 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-02 01:50 - 2015-04-02 03:50 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-02 01:50 - 2015-04-01 09:15 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-02 01:50 - 2015-04-01 08:01 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-02 01:50 - 2015-03-13 07:32 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-02 01:50 - 2015-03-13 06:41 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-02 01:50 - 2015-03-13 06:09 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-02 01:50 - 2015-03-06 08:17 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-02 01:49 - 2015-03-11 07:19 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-02 01:49 - 2015-03-11 06:39 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-02 01:49 - 2015-02-18 04:49 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-02 01:48 - 2015-03-13 09:33 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-02 01:48 - 2015-03-13 09:33 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-02 01:48 - 2015-03-06 08:38 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-02 01:48 - 2015-03-06 08:13 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-01 20:58 - 2014-12-30 02:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Corel
2015-07-01 20:57 - 2014-12-30 02:11 - 00000000 ____D C:\ProgramData\Corel
2015-07-01 20:56 - 2014-12-02 03:35 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4064182937-4136054916-3625840862-1001
2015-07-01 20:52 - 2014-12-30 02:09 - 00000000 ____D C:\Users\Public\Documents\Corel
2015-07-01 20:37 - 2015-05-24 02:02 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2015-07-01 20:32 - 2015-04-12 10:31 - 02000628 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-01 20:31 - 2014-12-05 22:24 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-01 20:30 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-01 20:12 - 2015-05-27 02:13 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-01 20:12 - 2014-12-02 04:04 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-07-01 20:11 - 2015-05-27 02:13 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-01 20:11 - 2014-12-03 05:44 - 00000000 ___RD C:\Users\User\Dropbox
2015-07-01 20:11 - 2014-12-03 05:36 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2015-07-01 20:10 - 2015-05-29 01:10 - 00000000 ___RD C:\Users\User\Google Drive
2015-07-01 20:09 - 2015-05-20 20:46 - 00000000 ____D C:\Users\User\Tracing
2015-07-01 20:09 - 2015-04-12 10:42 - 00000000 __RDO C:\Users\User\OneDrive
2015-07-01 20:08 - 2015-04-27 19:45 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-07-01 20:08 - 2014-11-21 14:04 - 00585822 _____ C:\WINDOWS\PFRO.log
2015-07-01 20:08 - 2013-08-22 20:16 - 00325073 _____ C:\WINDOWS\setupact.log
2015-07-01 20:08 - 2013-08-22 20:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-01 20:08 - 2013-08-22 18:55 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-01 19:48 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-07-01 19:46 - 2014-11-21 14:14 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-01 19:18 - 2014-12-02 04:04 - 00000000 ____D C:\ProgramData\McAfee
2015-07-01 11:16 - 2015-04-12 16:16 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5A807F99-38A6-491F-A586-45E0041CDCBD}
2015-07-01 06:32 - 2014-12-03 07:49 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-07-01 06:04 - 2014-12-02 03:21 - 00000000 ____D C:\ProgramData\Dell
2015-07-01 06:04 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\tracing
2015-07-01 05:57 - 2015-04-16 15:18 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-07-01 05:47 - 2013-08-22 21:06 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-07-01 05:47 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-07-01 05:05 - 2014-12-02 11:16 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2015-07-01 03:17 - 2014-12-03 06:31 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-06-30 22:38 - 2015-04-12 19:03 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-30 20:56 - 2014-12-02 04:11 - 00000000 ____D C:\Program Files\McAfee
2015-06-30 20:54 - 2012-07-26 13:42 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-06-30 20:48 - 2015-04-27 19:54 - 00000000 __RSD C:\Users\User\Documents\McAfee Vaults
2015-06-30 17:57 - 2014-12-03 07:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-30 17:42 - 2015-03-19 16:20 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent
2015-06-30 16:36 - 2013-01-01 13:52 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2015-06-29 23:57 - 2013-08-22 18:55 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-29 21:04 - 2015-04-13 21:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-29 21:03 - 2013-08-22 21:06 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-29 19:36 - 2015-04-16 15:07 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-29 16:39 - 2014-12-03 05:49 - 00000000 ____D C:\Users\User\Documents\Corel
2015-06-29 00:30 - 2013-08-22 20:14 - 05187736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-29 00:28 - 2014-12-12 18:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-29 00:28 - 2014-11-21 21:26 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-29 00:01 - 2012-07-26 10:56 - 00000199 _____ C:\WINDOWS\win.ini
2015-06-29 00:00 - 2014-12-03 05:47 - 00000000 ____D C:\Users\User\Downloads\University Grants Commision_files
2015-06-29 00:00 - 2014-12-03 05:47 - 00000000 ____D C:\Users\User\Downloads\fw
2015-06-29 00:00 - 2014-12-03 05:45 - 00000000 ____D C:\Users\User\Desktop\sanket AUD
2015-06-28 23:51 - 2014-11-21 13:55 - 00000000 ____D C:\WINDOWS\ShellNew
2015-06-28 23:48 - 2013-08-22 21:06 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-28 20:09 - 2013-08-22 20:16 - 00000262 _____ C:\WINDOWS\setuperr.log
2015-06-28 19:16 - 2015-05-28 00:36 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-28 18:49 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-27 04:51 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\rescache
2015-06-27 04:11 - 2012-07-26 13:29 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-27 01:55 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\Cursors
2015-06-27 01:34 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-27 01:34 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-26 08:09 - 2014-12-03 07:36 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
2015-06-26 03:24 - 2015-05-21 17:30 - 00000000 ____D C:\My
2015-06-24 00:33 - 2014-12-05 22:24 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-23 03:35 - 2015-02-01 23:56 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-23 01:17 - 2015-05-27 02:18 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-20 23:00 - 2015-03-19 16:59 - 00000878 _____ C:\Users\User\Desktop\BitTorrent.lnk
2015-06-20 23:00 - 2015-03-19 16:59 - 00000858 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-06-20 08:32 - 2014-11-21 21:33 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 08:32 - 2014-11-21 21:33 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-11 15:50 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-10 17:00 - 2014-12-03 06:32 - 00000000 ____D C:\ProgramData\Adobe
2015-06-10 16:59 - 2014-12-03 06:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-08 20:39 - 2014-12-05 22:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-07 22:55 - 2015-04-16 14:46 - 00000000 ____D C:\Users\User\AppData\Roaming\4C4C4544-1429175766-4E10-8033-B2C04F515831
2015-06-07 19:09 - 2015-04-17 21:04 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-07 19:09 - 2015-01-27 03:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-07 19:09 - 2014-12-05 22:12 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-02 16:57 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-02 16:53 - 2015-04-12 23:26 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-02 16:53 - 2015-04-12 23:26 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-02 02:07 - 2014-12-04 18:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-02 01:55 - 2014-12-04 18:29 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Files in the root of some directories =======
 
2015-06-30 23:09 - 2015-06-30 23:09 - 1415680 _____ (wj32) C:\Program Files\KMIAMMIA.exe
2015-06-27 01:47 - 2015-06-27 01:47 - 1415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-29 16:25 - 2015-06-29 16:25 - 1415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-30 23:09 - 2015-06-30 23:09 - 1415680 _____ (wj32) C:\Program Files\RJ7JB3VR.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 1415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
2015-06-08 15:11 - 2015-06-08 15:11 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe GIF Format CS6 Prefs
2015-02-01 23:56 - 2015-06-23 03:35 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-06-26 02:23 - 2015-06-27 00:31 - 0001090 _____ () C:\Users\User\AppData\Roaming\burnaware.ini
2015-02-03 16:26 - 2015-05-31 23:12 - 0001456 _____ () C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-27 19:49 - 2015-06-28 20:17 - 0007605 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\0050571435758011mcinst.exe
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphqx4ml.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-01 18:43
 
==================== End of log ============================

  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Once this fix has run, could you confirm that McAfee is functioning correctly and let me know of any other problems you are experiencing?

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open Notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
2015-06-30 23:09 - 2015-06-30 23:09 - 01415680 _____ (wj32) C:\Program Files\RJ7JB3VR.exe
2015-06-30 23:09 - 2015-06-30 23:09 - 01415680 _____ (wj32) C:\Program Files\KMIAMMIA.exe
2015-07-01 20:48 - 2015-07-01 20:48 - 00003142 _____ C:\WINDOWS\System32\Tasks\{F32D0D9D-AC96-4479-B7AC-BFA9C2D8E29E}
2015-07-01 05:57 - 2015-07-01 05:57 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
2015-06-29 16:25 - 2015-06-29 16:25 - 01415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-27 01:47 - 2015-06-27 01:47 - 01415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-27 00:36 - 2015-06-27 00:36 - 00000000 ____D C:\Users\User\AppData\Roaming\AVG
2015-06-27 00:35 - 2015-06-27 00:35 - 00000000 ____D C:\Users\User\AppData\Local\Avg
2015-06-27 00:33 - 2015-06-27 00:37 - 00000000 ____D C:\ProgramData\AVG
2015-06-29 19:36 - 2015-04-16 15:07 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-07 22:55 - 2015-04-16 14:46 - 00000000 ____D C:\Users\User\AppData\Roaming\4C4C4544-1429175766-4E10-8033-B2C04F515831
2015-06-30 23:09 - 2015-06-30 23:09 - 1415680 _____ (wj32) C:\Program Files\KMIAMMIA.exe
2015-06-27 01:47 - 2015-06-27 01:47 - 1415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-29 16:25 - 2015-06-29 16:25 - 1415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-30 23:09 - 2015-06-30 23:09 - 1415680 _____ (wj32) C:\Program Files\RJ7JB3VR.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 1415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.
  • 0

#15
Sanket

Sanket

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by User at 2015-07-01 23:00:27 Run:2
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
2015-06-30 23:09 - 2015-06-30 23:09 - 01415680 _____ (wj32) C:\Program Files\RJ7JB3VR.exe
2015-06-30 23:09 - 2015-06-30 23:09 - 01415680 _____ (wj32) C:\Program Files\KMIAMMIA.exe
2015-07-01 20:48 - 2015-07-01 20:48 - 00003142 _____ C:\WINDOWS\System32\Tasks\{F32D0D9D-AC96-4479-B7AC-BFA9C2D8E29E}
2015-07-01 05:57 - 2015-07-01 05:57 - 00000118 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-06-30 03:35 - 2015-06-30 03:35 - 01415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
2015-06-29 16:25 - 2015-06-29 16:25 - 01415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-27 01:47 - 2015-06-27 01:47 - 01415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-27 00:36 - 2015-06-27 00:36 - 00000000 ____D C:\Users\User\AppData\Roaming\AVG
2015-06-27 00:35 - 2015-06-27 00:35 - 00000000 ____D C:\Users\User\AppData\Local\Avg
2015-06-27 00:33 - 2015-06-27 00:37 - 00000000 ____D C:\ProgramData\AVG
2015-06-29 19:36 - 2015-04-16 15:07 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-07 22:55 - 2015-04-16 14:46 - 00000000 ____D C:\Users\User\AppData\Roaming\4C4C4544-1429175766-4E10-8033-B2C04F515831
2015-06-30 23:09 - 2015-06-30 23:09 - 1415680 _____ (wj32) C:\Program Files\KMIAMMIA.exe
2015-06-27 01:47 - 2015-06-27 01:47 - 1415680 _____ (wj32) C:\Program Files\LNP1T53V.exe
2015-06-29 16:25 - 2015-06-29 16:25 - 1415680 _____ (wj32) C:\Program Files\NP1PRX1T.exe
2015-06-30 23:09 - 2015-06-30 23:09 - 1415680 _____ (wj32) C:\Program Files\RJ7JB3VR.exe
2015-06-30 03:35 - 2015-06-30 03:35 - 1415680 _____ (wj32) C:\Program Files\XF8D5ZS0.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
C:\Program Files\RJ7JB3VR.exe => moved successfully.
C:\Program Files\KMIAMMIA.exe => moved successfully.
C:\WINDOWS\System32\Tasks\{F32D0D9D-AC96-4479-B7AC-BFA9C2D8E29E} => moved successfully.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully.
C:\Program Files\XF8D5ZS0.exe => moved successfully.
C:\Program Files\NP1PRX1T.exe => moved successfully.
C:\Program Files\LNP1T53V.exe => moved successfully.
C:\Users\User\AppData\Roaming\AVG => moved successfully.
C:\Users\User\AppData\Local\Avg => moved successfully.
C:\ProgramData\AVG => moved successfully.
C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Users\User\AppData\Roaming\4C4C4544-1429175766-4E10-8033-B2C04F515831 => moved successfully.
"C:\Program Files\KMIAMMIA.exe" => File/Folder not found.
"C:\Program Files\LNP1T53V.exe" => File/Folder not found.
"C:\Program Files\NP1PRX1T.exe" => File/Folder not found.
"C:\Program Files\RJ7JB3VR.exe" => File/Folder not found.
"C:\Program Files\XF8D5ZS0.exe" => File/Folder not found.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {5D8C4813-E1E2-483A-BFB7-A646E302D8FC}.
Unable to cancel {C13E778E-50B2-4820-8AB3-9080C424B8D5}.
Unable to cancel {75123ADE-805A-4421-818A-3004EAA280FC}.
Unable to cancel {BAD93584-FCDD-4F58-B93D-9DAF3EA728B4}.
Unable to cancel {5D94893D-E4A6-43E2-A8D6-A58D880E658A}.
Unable to cancel {588299BA-477A-442A-B711-6DCC317819F3}.
Unable to cancel {C494D0C9-0F1D-4632-BCA3-7286424D7AD3}.
Unable to cancel {03241CE8-7734-42FA-B491-25D1304AF532}.
Unable to cancel {D375CFF3-F63E-4964-9A7E-ABECF57E2C11}.
Unable to cancel {0F6BB735-1A82-4C71-94EC-356C48D41A8E}.
Unable to cancel {ABC8C1E2-E07C-475D-83F2-1C79DBC6D753}.
Unable to cancel {E81A893F-55E1-46B2-8FE4-E8E5A30D0FC9}.
Unable to cancel {C6052B02-72B4-42A7-B551-00C1BED37ABA}.
Unable to cancel {62B5B051-70BE-49B0-983C-8BD34FBDAB2E}.
Unable to cancel {63B08623-D8C4-4880-AF7C-FC557DBAE1A3}.
Unable to cancel {6D5EF39C-A606-4F58-906D-9BC70E9D192C}.
Unable to cancel {28FC4BEB-F096-4620-90C2-D54D8E90F68B}.
Unable to cancel {06B8221B-D15B-4E32-ABA5-688E01088E68}.
Unable to cancel {A63E116E-7CE4-4418-9942-72FA6A1410C0}.
Unable to cancel {F8CAC746-8F98-4F04-806A-5B3ECF119222}.
Unable to cancel {B517E89E-9327-4F48-8762-ECA94458D839}.
Unable to cancel {DAEEE96A-FBF5-4EF9-B70B-1D7904F068E2}.
Unable to cancel {BE5B10D9-7238-4059-9446-92B4122E68A7}.
Unable to cancel {F67C1876-65E3-4364-B0B1-C271B51A728D}.
Unable to cancel {1BFF6C9C-6D66-46CA-9821-4AA4FE63D3AE}.
Unable to cancel {02E5C807-65D6-43BF-A98B-E0015FAC6D32}.
Unable to cancel {438B5F17-4360-4D8C-A116-7BE24AF34BA5}.
{3B6D9D99-1DC6-40ED-90A6-1133FD03D695} canceled.
1 out of 28 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 374.9 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 23:01:29 ====

  • 0





