
MyComGames Removal?

virus malware removal


#1
chaelea


Hello, I was wondering if anyone can help me remove this unknown app (I'm guessing?). I've never seen it, but I opened up the Task Manager and saw that it was located in the Startup. It's called MyComGames. I've never heard of it before, but my laptop locks up a lot and freezes. Occasionally, it'll go very slow while I'm just trying to browse... Can anyone please help me...? I don't wish to get a virus on my laptop :headhurt:


#2
chaelea


To add on to this, I did what one forum (Welcome to Geeks to Go's Virus, Spyware, and Malware Removal forum) add on.... If it's okay, I blurred out 3 parts...

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by A****** (administrator) on AIESHA (22-03-2016 21:48:58)
Running from C:\Users\bitem_000\Desktop
Loaded Profiles: A****** (Available Profiles: A******)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179040 2013-10-15] (TOSHIBA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [Akamai NetSession Interface] => C:\Users\bitem_000\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [Pinger] => "C:\Program Files (x86)\Pinger\Pinger.exe"
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [MyComGames] => "C:\Users\bitem_000\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [Advanced SystemCare 9] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [BitTorrent] => C:\Users\bitem_000\AppData\Roaming\BitTorrent\BitTorrent.exe [1930760 2016-03-22] (BitTorrent Inc.)
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\MountPoints2: {02b49778-9ce3-11e4-82b4-008cfaa5d91a} - "E:\Setup.exe" 
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\MountPoints2: {56d4651a-db29-11e4-82b9-008cfaa5d91a} - "E:\setup.exe" 
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\MountPoints2: {56d46869-db29-11e4-82b9-008cfaa5d91a} - "E:\setup.exe" 
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\MountPoints2: {e7c2ca7a-6c78-11e5-8312-008cfaa5d91a} - "E:\setup.exe" 
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-28] (Microsoft Corporation)
AppInit_DLLs-x32: c:\users\bitem_000\appdata\local\smartbar\application\resources\crdlil.dll => No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The Sims 2 (PC).lnk [2015-01-23]
ShortcutTarget: The Sims 2 (PC).lnk -> C:\ProgramData\{a7f6857d-6e95-3b4d-a7f6-6857d6e915f5}\The Sims 2 (PC).exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).lnk [2015-01-23]
ShortcutTarget: The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).lnk -> C:\ProgramData\{33017e0a-41df-6565-3301-17e0a41df829}\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.lnk [2015-01-23]
ShortcutTarget: The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.lnk -> C:\ProgramData\{86012154-2b46-4f04-8601-121542b48550}\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The Sims 2 (PC).lnk [2015-01-23]
ShortcutTarget: The Sims 2 (PC).lnk -> C:\ProgramData\{a7f6857d-6e95-3b4d-a7f6-6857d6e915f5}\The Sims 2 (PC).exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).lnk [2015-01-23]
ShortcutTarget: The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).lnk -> C:\ProgramData\{33017e0a-41df-6565-3301-17e0a41df829}\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.lnk [2015-01-23]
ShortcutTarget: The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.lnk -> C:\ProgramData\{86012154-2b46-4f04-8601-121542b48550}\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9 01 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 02 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 03 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 04 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 05 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 06 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 07 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 08 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 09 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 10 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 21 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Hosts: 54.204.28.26 dmcecclamecbinmplcolhaljlclhbgah
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3D79F727-A26D-4D17-A4A5-E6E915D23E73}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{B6B7D4D8-2A84-4549-8EE6-C7DE3AF753BD}: [NameServer] 208.69.150.250,208.69.150.252
Tcpip\..\Interfaces\{D02C5239-404F-40E8-AD48-28696C4A28D1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{D02C5239-404F-40E8-AD48-28696C4A28D1}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchy.easylifeapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchy.easylifeapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.zoo.com/ofaz2/search/web?sid=77363&tid=18310&bd=1402117200000.000008&ver=6.1&guid=77363-18310-1402156037528-A365F22983F159960390AB4BB3B6FCE3&fcoid=417&fcop=topnav&fpid=27&ql=&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.zoo.com/ofaz2/search/web?sid=77363&tid=18310&bd=1402117200000.000008&ver=6.1&guid=77363-18310-1402156037528-A365F22983F159960390AB4BB3B6FCE3&fcoid=417&fcop=topnav&fpid=27&ql=&q=
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBqM5kBv_j3037bDqJOOJ2f0rKszZOpS3K4cDuI4MvUlMsKecfrdrmCdFp5Rus3IIIRJWrO_oWisaOaiIlnLmirzqECOH-A9gZ__WuFG-QYHU_DlgNxKeS1yiPmZXpKa2i0veeG5gJKontN3lF0YGRIECtw,,&q={searchTerms}
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=avantsearch6
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/01/23&hid=428756518839837175&lg=EN&cc=US
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBqM5kBv_j3037bDqJOOJ2f0rKszZOpS3K4cDuI4MvUlMsKecfrdrmCdFp5Rus3IIIRJWrO_oWisaOaiIlnLmirzqECOH-A9gZ__WuFG-QYHU_DlgNxKeS1yiPmZXpKa2i0veeG5gJKpjlCFmYTgQs33IwnuuXw,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/01/23&hid=428756518839837175&lg=EN&cc=US
SearchScopes: HKU\.DEFAULT -> DefaultScope {E28F1A0C-59B2-4998-9720-49AA1AD54A99} URL = 
SearchScopes: HKU\.DEFAULT -> {E28F1A0C-59B2-4998-9720-49AA1AD54A99} URL = 
SearchScopes: HKU\S-1-5-21-2335575561-2103832806-512499992-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/01/23&hid=428756518839837175&lg=EN&cc=US
SearchScopes: HKU\S-1-5-21-2335575561-2103832806-512499992-1001 -> {C33FB192-1326-4B63-B873-3717BDDB9135} URL = hxxp://search.strtpoint.com/results.html?v=insMac&t=1411&ap=578080078&q={searchTerms}&r=963
SearchScopes: HKU\S-1-5-21-2335575561-2103832806-512499992-1001 -> {E28F1A0C-59B2-4998-9720-49AA1AD54A99} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: RandomPPrIce -> {19fc9b93-e4ed-48b1-b233-f03360bfc49c} -> C:\Program Files (x86)\RandomPPrIce\b2hfeAeiAB7xr7.x64.dll => No File
BHO: 50CoupoNS -> {348a8283-8b9e-4f48-a360-50eb01ef3fee} -> C:\Program Files (x86)\50CoupoNS\oqbuUsy0pHDXtZ.x64.dll => No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: RoboSavier -> {9fce6b6e-51fc-4288-82af-f8184880ed73} -> C:\Program Files (x86)\RoboSavier\KR8AKJRTvxnIdY.x64.dll => No File
BHO: DieaLExpresS -> {b0bebb42-6198-44f7-a901-a2fb550384ff} -> C:\Program Files (x86)\DieaLExpresS\V4b93PUN2YiGWP.x64.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: AlLCheuapPriice -> {d6f86340-02a0-4c72-83b3-5cbb6eea4c52} -> C:\Program Files (x86)\AlLCheuapPriice\hQ0YVkdDFDyeTH.x64.dll => No File
BHO: JoniCioupoin -> {e722e2f1-adc2-4077-ab67-3e9cd7e4d528} -> C:\Program Files (x86)\JoniCioupoin\Amv83dKWB73XJK.x64.dll => No File
BHO-x32: No Name -> {19fc9b93-e4ed-48b1-b233-f03360bfc49c} -> No File
BHO-x32: 50CoupoNS -> {348a8283-8b9e-4f48-a360-50eb01ef3fee} -> C:\Program Files (x86)\50CoupoNS\oqbuUsy0pHDXtZ.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-30] (Oracle Corporation)
BHO-x32: RoboSavier -> {9fce6b6e-51fc-4288-82af-f8184880ed73} -> C:\Program Files (x86)\RoboSavier\KR8AKJRTvxnIdY.dll => No File
BHO-x32: No Name -> {b0bebb42-6198-44f7-a901-a2fb550384ff} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: AlLCheuapPriice -> {d6f86340-02a0-4c72-83b3-5cbb6eea4c52} -> C:\Program Files (x86)\AlLCheuapPriice\hQ0YVkdDFDyeTH.dll => No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-30] (Oracle Corporation)
BHO-x32: JoniCioupoin -> {e722e2f1-adc2-4077-ab67-3e9cd7e4d528} -> C:\Program Files (x86)\JoniCioupoin\Amv83dKWB73XJK.dll => No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
 
FireFox:
========
FF ProfilePath: C:\Users\bitem_000\AppData\Roaming\Mozilla\Firefox\Profiles\cp3j4k1y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [No File]
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2335575561-2103832806-512499992-1001: @my.com/Games -> C:\Users\bitem_000\AppData\Local\MyComGames\NPMyComDetector.dll [No File]
FF HKLM\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}] - C:\Program Files (x86)\Mozilla Firefox\extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6} => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\[email protected] => not found
 
Chrome: 
=======
CHR Profile: C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-26]
CHR Extension: (Google Docs) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-26]
CHR Extension: (Google Drive) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-26]
CHR Extension: (YouTube) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-26]
CHR Extension: (Google Search) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-26]
CHR Extension: (Google Sheets) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-26]
CHR Extension: (Google Docs Offline) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-26]
CHR Extension: (Gmail) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-26]
CHR HKLM-x32\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eihhgekonheiliaidomffpplfhecmkag] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR StartupUrls: "hxxp://google.com/"
OPR Session Restore: -> is enabled.
OPR Extension: (Translate) - C:\Users\bitem_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2015-09-22]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S4 BI Helper; C:\Program Files (x86)\Common Files\Services\5000\bihelper.exe [151552 2014-11-27] () [File not signed]
S4 BrowseIgnite_1048; C:\Program Files (x86)\Common Files\Services\1048\biupdate.exe [74752 2014-09-21] () [File not signed]
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3071632 2014-05-06] (INCA Internet Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S4 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [X]
S2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]
S3 Disc Soft Lite Bus Service; "C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe" [X]
S3 Disc Soft Pro Bus Service; "C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe" [X]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S2 mglupdate; C:\Program Files (x86)\Maxiget\Updater\MaxigetUpdater.exe /svc [X]
S3 mglupdatem; C:\Program Files (x86)\Maxiget\Updater\MaxigetUpdater.exe /medsvc [X]
S2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [X]
S4 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X]
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
S3 cpuz138; C:\Users\bitem_000\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-03-17] (CPUID)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-17] (Disc Soft Ltd)
R3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30352 2015-10-08] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-01-21] (REALiX™)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [404184 2016-01-28] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4520152 2016-01-28] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-11-06] (Razer, Inc.)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-01-28] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [36712 2016-01-28] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2016-01-28] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\appobserver64.sys [X]
S3 dump_wmimmc; \??\C:\Webzen\ASTA\bin32\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
S1 nnfwdk; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\nnfwdk64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-22 21:48 - 2016-03-22 21:49 - 00027049 _____ C:\Users\bitem_000\Desktop\FRST.txt
2016-03-22 21:48 - 2016-03-22 21:48 - 00000000 ____D C:\FRST
2016-03-22 21:46 - 2016-03-22 21:46 - 02374144 _____ (Farbar) C:\Users\bitem_000\Desktop\FRST64.exe
2016-03-22 21:19 - 2016-03-22 21:19 - 00000000 ____D C:\The Sims 4 Deluxe Edition
2016-03-22 21:02 - 2016-03-22 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 Deluxe Edition
2016-03-22 17:48 - 2016-03-22 20:22 - 00000000 ____D C:\Users\bitem_000\Downloads\The Sims 4  v1.13.104.1010 repack Mr DJ
2016-03-22 17:47 - 2016-03-22 17:47 - 00036728 _____ C:\Users\bitem_000\Downloads\[kat.cr]the.sims.4.deluxe.edition.version.1.13.104.1010.get.together.dlc.spooky.stuff.all.dlcs.repack.mr.dj.torrent
2016-03-22 16:41 - 2016-03-22 21:15 - 00000000 ____D C:\Users\bitem_000\Documents\Electronic Arts
2016-03-22 16:40 - 2016-03-22 16:40 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2016-03-22 16:40 - 2013-06-24 13:37 - 33854712 _____ C:\Program Files (x86)\documents.part11.rar
2016-03-22 16:40 - 2013-06-24 13:37 - 104857600 _____ C:\Program Files (x86)\documents.part10.rar
2016-03-22 16:40 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part09.rar
2016-03-22 16:40 - 2013-06-24 11:32 - 00006866 _____ C:\Program Files (x86)\Language en-US.reg
2016-03-22 16:40 - 2013-06-24 11:31 - 00006866 _____ C:\Program Files (x86)\Language cs-CZ.reg
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part08.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part07.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part06.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part05.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part04.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part03.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part02.rar
2016-03-22 16:38 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part01.exe
2016-03-22 16:38 - 2013-06-24 06:44 - 00010912 _____ C:\Program Files (x86)\4.bat
2016-03-22 16:38 - 2013-06-24 03:22 - 00072890 _____ C:\Program Files (x86)\1.reg
2016-03-22 12:02 - 2016-03-22 15:50 - 00000000 ____D C:\Users\bitem_000\Downloads\The Sims 3 All In One Edition (Including Into The Future EXP)
2016-03-22 12:01 - 2016-03-22 12:01 - 00242087 _____ C:\Users\bitem_000\Downloads\%5bkat.cr%5dthe.sims.3.all.in.one.edition.including.into.the.future.exp.zip
2016-03-22 11:59 - 2016-03-22 11:59 - 00002757 _____ C:\Users\bitem_000\Desktop\BitTorrent.lnk
2016-03-22 11:54 - 2016-03-22 20:27 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\BitTorrent
2016-03-22 11:54 - 2016-03-22 11:54 - 01930760 _____ (BitTorrent Inc.) C:\Users\bitem_000\Downloads\BitTorrent.exe
2016-03-17 22:12 - 2016-03-18 11:27 - 00000000 ____D C:\Users\bitem_000\Desktop\Games
2016-03-17 21:13 - 2016-03-17 22:29 - 00000000 ____D C:\Program Files (x86)\BigMacroTool
2016-03-11 22:21 - 2016-03-08 02:00 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 22:21 - 2016-03-08 02:00 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 15:34 - 2016-01-10 14:37 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-11 15:34 - 2016-01-10 13:39 - 00332640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-11 15:34 - 2016-01-10 13:15 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-11 15:34 - 2016-01-10 13:15 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-11 15:34 - 2016-01-10 12:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-03-11 15:34 - 2016-01-10 12:43 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-03-11 15:34 - 2016-01-10 12:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-03-11 15:34 - 2016-01-10 12:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-03-11 15:34 - 2016-01-10 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-03-11 15:34 - 2016-01-10 12:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-03-11 15:34 - 2016-01-10 12:09 - 01442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-11 15:34 - 2016-01-10 12:09 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-03-11 15:34 - 2016-01-10 11:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-03-11 15:34 - 2016-01-10 11:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-03-11 15:34 - 2016-01-10 11:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-03-11 15:34 - 2016-01-10 11:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-03-11 15:34 - 2016-01-10 11:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-03-11 15:33 - 2016-01-22 03:01 - 22365992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-11 15:33 - 2016-01-22 02:11 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-11 15:33 - 2016-01-22 00:25 - 14467072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-11 15:33 - 2016-01-22 00:14 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-11 15:33 - 2016-01-22 00:07 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-11 15:33 - 2016-01-21 23:58 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-11 15:32 - 2016-01-19 14:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-11 15:31 - 2016-01-19 14:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-03-11 15:31 - 2016-01-19 14:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-03-11 15:31 - 2016-01-19 14:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-11 15:31 - 2016-01-19 14:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-11 15:31 - 2016-01-19 13:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-03-11 15:31 - 2016-01-19 13:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-11 15:31 - 2016-01-19 13:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-03-11 15:31 - 2016-01-19 13:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-03-11 15:31 - 2016-01-19 12:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-11 15:31 - 2016-01-19 11:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-03-11 15:31 - 2016-01-06 13:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-03-11 15:31 - 2015-12-28 16:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-03-11 15:31 - 2015-12-28 15:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-03-11 15:31 - 2015-12-17 13:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-03-11 15:31 - 2015-12-17 11:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-03-09 19:48 - 2016-03-09 20:23 - 00000000 ____D C:\Users\bitem_000\Documents\DragonNest
2016-03-09 19:48 - 2016-03-09 19:48 - 00000000 ____D C:\ProgramData\Nexon
2016-03-09 18:43 - 2016-03-17 22:13 - 00000000 ____D C:\Users\bitem_000\AppData\Local\NexonLauncher
2016-03-09 18:42 - 2016-03-09 18:43 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\NexonLauncher
2016-03-09 18:40 - 2016-03-09 19:42 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2016-03-09 13:25 - 2016-02-20 10:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 13:25 - 2016-02-05 14:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 13:25 - 2016-01-08 20:38 - 00091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 13:25 - 2016-01-06 13:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-09 13:25 - 2015-12-30 16:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 13:24 - 2016-02-08 16:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 13:24 - 2016-02-08 15:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 13:24 - 2016-02-08 15:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 13:24 - 2016-02-08 15:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-09 13:24 - 2016-02-08 15:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 13:24 - 2016-02-08 15:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 13:24 - 2016-02-08 15:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-09 13:24 - 2016-02-08 15:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 13:24 - 2016-02-08 15:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 13:24 - 2016-02-08 15:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 13:24 - 2016-02-08 15:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 13:24 - 2016-02-08 15:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 13:24 - 2016-02-08 14:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 13:24 - 2016-02-08 14:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 13:24 - 2016-02-08 14:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 13:24 - 2016-02-08 13:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 13:24 - 2016-02-08 13:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 13:24 - 2016-02-08 13:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 13:24 - 2016-02-08 13:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-09 13:24 - 2016-02-08 13:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 13:24 - 2016-02-08 12:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 13:24 - 2016-02-08 12:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-09 13:24 - 2016-02-08 12:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 13:24 - 2016-02-08 12:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 13:24 - 2016-02-08 12:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 13:24 - 2016-02-08 12:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 13:24 - 2016-02-08 12:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 13:24 - 2016-02-08 12:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-09 13:24 - 2016-02-08 12:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 13:24 - 2016-02-08 11:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 13:22 - 2016-02-05 09:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 13:22 - 2016-02-05 09:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 13:22 - 2016-02-05 09:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-09 13:22 - 2016-02-05 09:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-09 13:22 - 2016-01-24 13:19 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-09 13:22 - 2016-01-24 13:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-09 13:22 - 2016-01-24 13:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-09 13:22 - 2016-01-24 06:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-09 13:22 - 2016-01-24 06:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-09 13:21 - 2016-02-12 14:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 13:21 - 2016-02-12 10:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 13:21 - 2016-02-12 09:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-09 13:21 - 2016-02-12 09:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 13:21 - 2016-02-12 09:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 13:21 - 2016-02-12 09:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 13:21 - 2016-02-12 09:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 13:21 - 2016-02-12 09:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 13:21 - 2016-02-12 09:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 13:21 - 2016-02-12 09:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 13:21 - 2016-02-12 09:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 13:21 - 2016-02-12 09:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 13:21 - 2016-02-11 09:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-09 13:21 - 2016-02-11 09:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-09 13:21 - 2016-02-11 09:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 13:21 - 2016-02-11 09:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 13:21 - 2016-02-06 11:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 13:21 - 2016-02-06 11:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 13:21 - 2016-02-03 15:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 13:21 - 2016-02-03 15:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 13:21 - 2016-02-03 10:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 13:21 - 2016-02-03 10:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 13:21 - 2016-02-03 10:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 13:21 - 2016-01-10 11:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-09 13:21 - 2016-01-08 20:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-09 13:21 - 2016-01-08 20:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-09 13:21 - 2016-01-06 18:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-09 13:21 - 2016-01-06 18:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-09 13:21 - 2016-01-06 11:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-09 13:20 - 2016-02-06 13:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 13:20 - 2016-02-05 14:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 13:20 - 2016-02-05 14:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 13:20 - 2016-02-05 10:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 13:20 - 2016-02-05 10:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 13:20 - 2016-02-04 13:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 13:20 - 2016-02-04 13:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 13:20 - 2016-02-04 13:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 13:20 - 2016-02-04 12:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 13:20 - 2016-02-04 12:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 13:20 - 2016-02-04 12:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 13:20 - 2016-02-04 12:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 13:20 - 2016-01-31 14:16 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 13:20 - 2016-01-15 11:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-09 13:20 - 2016-01-15 11:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-09 13:20 - 2016-01-10 11:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-09 13:20 - 2016-01-05 10:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-09 13:20 - 2015-12-30 15:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-09 13:20 - 2015-12-20 09:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-09 13:20 - 2015-12-20 09:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-09 13:20 - 2015-12-20 09:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-09 13:20 - 2015-11-19 09:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 13:20 - 2015-11-19 09:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 11:12 - 2016-03-09 11:12 - 00000000 ____D C:\$SysReset
2016-03-09 01:48 - 2016-03-09 01:48 - 00000000 ____D C:\Webzen
2016-02-26 21:53 - 2016-02-26 21:53 - 00000000 ____D C:\Users\bitem_000\AppData\LocalLow\Macromedia
2016-02-26 21:39 - 2016-02-26 21:39 - 00002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-22 21:45 - 2014-10-24 11:45 - 00000302 _____ C:\Windows\Tasks\FF Watcher {3F3302B1-A135-4482-AF3D-8F6EBFD58F74}.job
2016-03-22 21:38 - 2015-01-28 02:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 21:37 - 2014-09-21 19:30 - 00000932 _____ C:\Windows\Tasks\MaxigetUpdaterTaskMachineUA.job
2016-03-22 21:28 - 2014-12-08 11:37 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2335575561-2103832806-512499992-1001
2016-03-22 21:23 - 2014-02-28 23:45 - 00000000 ____D C:\Users\bitem_000\AppData\Local\CrashDumps
2016-03-22 21:23 - 2014-02-11 19:35 - 00000000 __RDO C:\Users\bitem_000\SkyDrive
2016-03-22 21:19 - 2014-06-04 20:43 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-03-22 20:22 - 2015-04-04 16:36 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-22 20:21 - 2014-06-04 20:43 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-03-22 19:37 - 2014-09-21 19:30 - 00000928 _____ C:\Windows\Tasks\MaxigetUpdaterTaskMachineCore.job
2016-03-22 18:51 - 2014-02-28 14:57 - 00000366 _____ C:\Windows\Tasks\bench-sys.job
2016-03-22 18:05 - 2014-12-20 11:40 - 00003786 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C5D6D2E-E230-41F4-9419-96D2038CAF7D}
2016-03-22 17:54 - 2014-09-21 20:22 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\uTorrent
2016-03-22 16:53 - 2014-09-22 21:06 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-22 16:40 - 2015-11-03 05:00 - 00000000 ____D C:\Users\AMorrow\My Documents
2016-03-22 16:13 - 2016-01-18 22:09 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\IMVU
2016-03-22 16:02 - 2014-09-04 17:53 - 03047424 ___SH C:\Users\bitem_000\Desktop\Thumbs.db
2016-03-22 11:52 - 2015-07-09 01:30 - 00000000 ___RD C:\Users\bitem_000\OneDrive
2016-03-22 11:41 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-22 11:33 - 2014-08-04 19:58 - 00000000 ____D C:\Users\bitem_000\AppData\Local\Adobe
2016-03-22 11:33 - 2013-12-03 06:53 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-22 11:33 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\Inf
2016-03-22 11:28 - 2014-02-11 19:28 - 00000000 ____D C:\Users\bitem_000
2016-03-22 11:27 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-21 11:18 - 2013-08-22 10:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-03-21 11:18 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-21 11:15 - 2015-01-01 21:03 - 00000000 ____D C:\Program Files (x86)\IObit
2016-03-21 10:51 - 2016-02-01 11:52 - 00003064 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-03-21 10:51 - 2016-02-01 11:52 - 00002728 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (AMorrow)
2016-03-19 19:58 - 2015-01-28 02:37 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-03-18 11:29 - 2015-05-11 13:46 - 00000000 ____D C:\Users\bitem_000\AppData\Local\Akamai
2016-03-17 22:13 - 2015-04-08 18:33 - 00000000 ____D C:\Users\bitem_000\Desktop\Aiesha Student Classes
2016-03-17 18:31 - 2014-08-30 15:36 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Skype
2016-03-15 08:45 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-11 22:19 - 2013-08-22 09:44 - 00516152 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-11 16:35 - 2013-08-22 08:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-03-11 16:30 - 2015-04-26 22:55 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-11 16:30 - 2013-08-22 14:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-11 16:30 - 2013-08-22 10:36 - 00000000 ___RD C:\Windows\ToastData
2016-03-11 16:26 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 13:58 - 2013-08-22 08:25 - 00000167 _____ C:\Windows\win.ini
2016-03-11 13:44 - 2015-04-27 10:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-11 13:44 - 2015-04-27 10:35 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-11 10:47 - 2016-01-18 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-11 10:47 - 2016-01-18 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-09 13:22 - 2016-01-21 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-03-09 13:22 - 2016-01-21 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-03-09 13:22 - 2016-01-21 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-03-09 13:22 - 2015-10-08 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2016-03-09 13:22 - 2015-10-03 09:49 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU
2016-03-09 13:22 - 2015-07-09 01:33 - 00000000 ____D C:\Windows\en
2016-03-09 13:22 - 2015-05-27 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-03-09 13:22 - 2015-04-16 14:58 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-03-09 13:22 - 2014-10-18 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-09 13:22 - 2014-10-07 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-09 13:22 - 2014-09-02 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-03-09 13:22 - 2014-06-04 20:31 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-03-09 13:22 - 2014-03-03 16:00 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-09 13:22 - 2014-03-03 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-09 13:22 - 2014-03-02 18:16 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-03-09 13:22 - 2014-02-17 21:55 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 13:22 - 2014-01-06 01:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
2016-03-09 13:22 - 2014-01-06 01:34 - 00000000 ____D C:\Program Files\Intel
2016-03-09 13:22 - 2013-12-03 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2016-03-09 13:22 - 2013-08-22 14:12 - 00000000 ____D C:\Windows\ShellNew
2016-03-09 13:22 - 2013-08-22 14:10 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\spool
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\NDF
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\MediaViewer
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-09 13:22 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\oobe
2016-03-09 11:43 - 2016-02-05 13:57 - 00001618 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_AMorrow
2016-03-09 11:43 - 2016-01-28 18:44 - 00001918 _____ C:\Windows\System32\Tasks\RTKCPL
2016-03-09 11:43 - 2015-10-15 12:22 - 00001852 _____ C:\Windows\System32\Tasks\{556D986D-E603-4743-BCCC-4B64F77AC64A}
2016-03-09 11:43 - 2015-01-23 17:45 - 00001774 _____ C:\Windows\System32\Tasks\{A1985B2E-1B42-4918-926A-F42415FBE0F1}
2016-03-09 11:43 - 2014-09-17 13:26 - 00001748 _____ C:\Windows\System32\Tasks\{5EFDC5A9-AB26-47F1-A0C0-E6610A99E0B9}
2016-03-09 11:43 - 2014-01-06 01:44 - 00001834 _____ C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2016-03-09 11:42 - 2016-01-21 21:15 - 00001882 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2016-03-09 11:42 - 2016-01-21 21:15 - 00001578 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_AMorrow
2016-03-09 11:42 - 2015-10-08 22:26 - 00001834 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-03-09 11:42 - 2015-10-08 22:26 - 00001704 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2016-03-09 11:42 - 2015-04-18 23:20 - 00002028 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Aiesha-AMorrow
2016-03-09 11:42 - 2015-01-28 02:37 - 00002862 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-03-09 11:42 - 2015-01-28 02:37 - 00002634 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-09 11:42 - 2015-01-01 21:04 - 00001572 _____ C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2016-03-09 11:42 - 2014-09-22 21:06 - 00002794 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411437969
2016-03-09 11:42 - 2014-09-21 19:35 - 00001800 _____ C:\Windows\System32\Tasks\Advanced-System Protector_startup
2016-03-09 11:42 - 2014-09-21 19:33 - 00001732 _____ C:\Windows\System32\Tasks\ASP
2016-03-09 11:39 - 2015-10-30 04:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-08 23:56 - 2014-02-17 21:55 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-02 21:36 - 2014-02-11 19:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-02 12:01 - 2015-10-08 22:26 - 00000000 ____D C:\Program Files (x86)\Gyazo
2016-03-01 19:49 - 2015-07-22 19:53 - 00000000 ____D C:\Users\bitem_000\AppData\Local\Google
2016-02-29 14:14 - 2015-10-21 12:26 - 00000000 ____D C:\Users\bitem_000\Desktop\Launcher
2016-02-26 21:39 - 2015-10-13 09:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-23 16:44 - 2014-09-17 13:26 - 00000000 ____D C:\Users\bitem_000\AppData\Local\ElevatedDiagnostics
 
==================== Files in the root of some directories =======
 
2016-03-22 16:38 - 2013-06-24 03:22 - 0072890 _____ () C:\Program Files (x86)\1.reg
2016-03-22 16:38 - 2013-06-24 06:44 - 0010912 _____ () C:\Program Files (x86)\4.bat
2016-03-22 16:38 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part01.exe
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part02.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part03.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part04.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part05.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part06.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part07.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part08.rar
2016-03-22 16:40 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part09.rar
2016-03-22 16:40 - 2013-06-24 13:37 - 104857600 _____ () C:\Program Files (x86)\documents.part10.rar
2016-03-22 16:40 - 2013-06-24 13:37 - 33854712 _____ () C:\Program Files (x86)\documents.part11.rar
2016-03-22 16:40 - 2013-03-10 09:01 - 0114427 _____ () C:\Program Files (x86)\Game.ico
2016-03-22 16:40 - 2013-06-24 11:31 - 0006866 _____ () C:\Program Files (x86)\Language cs-CZ.reg
2016-03-22 16:40 - 2013-06-24 11:32 - 0006866 _____ () C:\Program Files (x86)\Language en-US.reg
2015-05-07 22:08 - 2015-11-24 18:58 - 0558080 _____ () C:\Users\bitem_000\AppData\Roaming\SharedSettings.ccs
2015-09-10 22:10 - 2015-09-12 14:27 - 0005120 _____ () C:\Users\bitem_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-11 21:04 - 2014-11-11 21:04 - 0003918 _____ () C:\Users\bitem_000\AppData\Local\recently-used.xbel
2014-01-06 01:40 - 2014-01-06 01:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\bitem_000\AppData\Local\Temp\4ac740ed0737c50e0c4227614cb5d8cb.dll
C:\Users\bitem_000\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\bitem_000\AppData\Local\Temp\e59cb6cfa06d1bd57392eb68b18ec269.dll
C:\Users\bitem_000\AppData\Local\Temp\InstallIMVU_523.0.exe
C:\Users\bitem_000\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-02-05 11:35
 
==================== End of FRST.txt ============================

Edited by chaelea, 22 March 2016 - 08:57 PM.
