FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by SONY (administrator) on SUPERLANCE-PC (18-06-2016 11:40:41)
Running from C:\Users\SONY\Desktop
Loaded Profiles: SONY (Available Profiles: SONY)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Enigma Software Group USA, LLC.) D:\New Downloaded Files\SpyHunter 4.21.10.4585 Portable by wood\SpyHunter4.exe
(Smadsoft) C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Fast Windows Hider\fwh.exe
(BitTorrent Inc.) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Apple Inc.) D:\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtITunesPlugIn.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [242552 2013-09-26] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-01-31] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [461560 2014-07-28] (IVT Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248 2015-11-10] (Tonec Inc.)
HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [837632 2015-11-18] (RemoteMouse.net)
HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\Run: [GoogleChromeAutoLaunch_79F1A261ED58496F2C6780BA48906A79] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\Run: [Fast Windows Hider] => C:\Program Files (x86)\Fast Windows Hider\fwh.exe [796160 2010-02-04] ()
HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\Run: [uTorrent] => C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe [1987584 2016-06-10] (BitTorrent Inc.)
HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\Run: [Acjworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\SONY\AppData\Local\Itpksoft\hmzmicsd.dll
HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\MountPoints2: {8eca3634-e5f6-11e5-8e9d-90004e9b9afd} - G:\Lenovo_Suite.exe
Lsa: [Notification Packages] scecli IVTCredentialProvider
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-05-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sh4native Sh4Removal
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2781238C-72DD-4803-89C0-FA08EBDE932C}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{7E844D01-7B0E-43FD-BA46-4013B6EA446B}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2633912966-161357401-2138039649-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: BlueSoleil Extension - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\FireFox\[email protected] [2016-02-07] [not signed]
FF HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\SONY\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\SONY\AppData\Roaming\IDM\idmmzcc5 [2016-06-17] [not signed]
FF HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-11-09]
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll => No File
CHR Profile: C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Gom VPN - Bypass and unblock) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckiahbcmlmkpfiijecbpflfahoimklke [2016-06-17]
CHR Extension: (Adobe Acrobat) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-06-13]
CHR Extension: (AdBlock) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-03]
CHR Extension: (Unlimited Free VPN - Betternet) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2016-05-01]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-06-18]
CHR Extension: (IDM Integration Module) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-06-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SONY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-10]
CHR HKLM\...\Chrome\Extension: [cocpghbdppojfnfpjhmlcfkljjjfpika] - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\Chrome\TS_Chrome.crx [2014-07-23]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [3246984 2014-07-28] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [158456 2014-07-23] (IVT Corporation)
R2 BsMobileCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [273656 2014-07-23] (IVT Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 cPhoneSDKCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe [281456 2014-06-16] (IVT Corporation)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2875008 2016-05-28] (AnchorFree Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [X]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\SafeEraser\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [41184 2013-10-08] (IVT Corporation)
R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [41184 2013-10-08] (IVT Corporation)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [22240 2011-12-21] (IVT Corporation.)
R3 BTCOM; C:\Windows\System32\DRIVERS\btcomport.sys [29944 2014-06-24] (IVT Corporation.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [44152 2014-07-14] (IVT Corporation.)
R3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24032 2013-10-08] (IVT Corporation.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-06-02] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44648 2015-09-19] (AnchorFree Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-24] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
R3 IvtComBusSrv; C:\Windows\System32\Drivers\btcombus.sys [25440 2013-11-18] (IVT Corporation.)
R3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [120520 2013-06-20] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0045.sys [38432 2016-01-21] (SoftEther Corporation)
S3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [7689216 2010-05-31] (Intel Corporation) [File not signed]
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-31] (Synaptics Incorporated)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-09-19] (Anchorfree Inc.)
S3 VHidMinidrv; C:\Windows\System32\drivers\VHIDMini.sys [18952 2011-07-27] (IVT Corporation.)
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-17 20:00 - 2016-06-17 20:00 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-17 11:40 - 2016-06-17 11:57 - 00000000 ____D C:\EEK
2016-06-17 11:35 - 2016-06-17 11:39 - 238762720 _____ C:\Users\SONY\Desktop\EmsisoftEmergencyKit.exe
2016-06-17 08:51 - 2016-06-17 08:51 - 00245238 _____ C:\Users\SONY\Downloads\[kat.cr]voltron.legendary.defender.s01.web.x264.deflate.ettv.torrent
2016-06-17 08:50 - 2016-06-17 08:50 - 00038191 _____ C:\Users\SONY\Downloads\Gods of Egypt (2016) [720p] [YTS.AG].torrent
2016-06-15 23:05 - 2016-06-15 23:05 - 00030843 _____ C:\Users\SONY\Downloads\Eye in the Sky (2015) [720p] [YTS.AG].torrent
2016-06-15 22:50 - 2016-06-15 22:50 - 00035717 _____ C:\Users\SONY\Downloads\The Finest Hours (2016) [720p] [YTS.AG].torrent
2016-06-15 22:49 - 2016-06-15 22:49 - 00028505 _____ C:\Users\SONY\Downloads\Kung Fu Panda 3 (2016) [720p] [YTS.AG].torrent
2016-06-15 21:22 - 2016-06-15 21:22 - 00004466 _____ C:\Users\SONY\Downloads\[kat.cr]game.of.thrones.s06e08.hdtv.x264.killers.ettv.torrent
2016-06-14 15:26 - 2016-06-14 15:26 - 00118387 _____ C:\Users\SONY\Downloads\51DAC0256289674920A46E3DE61E0E3CA7C96106.torrent
2016-06-13 23:19 - 2016-06-13 23:19 - 00000000 ____D C:\Users\SONY\AppData\Local\ESET
2016-06-12 23:56 - 2016-06-12 23:56 - 00000000 ___HD C:\Windows\system32\WLANProfiles
2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\ProgramData\Intel
2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-06-12 23:54 - 2016-06-12 23:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\2C0A
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0C0A
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0C04
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0816
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0804
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0424
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\041F
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\041E
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\041D
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\041B
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0419
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0416
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0415
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0414
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0413
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0412
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0411
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0410
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\040E
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\040D
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\040C
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\040B
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\040A
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0408
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0407
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0406
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0405
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0404
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Windows\system32\0401
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics
2016-06-12 23:42 - 2016-06-12 23:42 - 08137528 _____ (Sony Corporation) C:\Users\SONY\Desktop\EP0000265238.exe
2016-06-12 23:42 - 2016-06-12 23:42 - 00000000 ____D C:\ProgramData\Sony Corporation
2016-06-12 20:25 - 2016-06-12 20:25 - 03677248 _____ C:\Users\SONY\Desktop\AdwCleaner_2.exe
2016-06-12 15:09 - 2016-06-12 15:09 - 03017376 _____ (ESET) C:\Users\SONY\Desktop\eset_smart_security_live_installer.exe
2016-06-12 15:04 - 2016-06-12 15:04 - 06858912 _____ (ESET spol. s r.o.) C:\Users\SONY\Desktop\esetonlinescanner_enu.exe
2016-06-12 14:53 - 2016-06-12 14:53 - 00000756 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-06-12 14:53 - 2016-06-12 14:53 - 00000000 ____D C:\Program Files\Speccy
2016-06-12 14:52 - 2016-06-12 14:52 - 05111240 _____ (Piriform Ltd) C:\Users\SONY\Desktop\spsetup129.exe
2016-06-12 14:46 - 2016-06-12 14:47 - 106360936 _____ (Intel® Corporation) C:\Users\SONY\Desktop\Wireless_18.40.0_PROSet64_Win7.exe
2016-06-11 23:25 - 2016-06-11 23:25 - 00000000 ____D C:\Users\SONY\AppData\Roaming\ATI
2016-06-11 23:25 - 2016-06-11 23:25 - 00000000 ____D C:\Users\SONY\AppData\Local\ATI
2016-06-11 23:25 - 2016-06-11 23:25 - 00000000 ____D C:\ProgramData\ATI
2016-06-11 23:22 - 2016-06-11 23:24 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-06-11 22:34 - 2016-06-11 22:34 - 00000000 ____D C:\Program Files\ATI
2016-06-11 22:31 - 2016-06-12 23:55 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-11 22:31 - 2016-06-11 22:31 - 00000000 ____D C:\Intel
2016-06-11 22:30 - 2016-06-11 22:30 - 00000429 _____ C:\Users\SONY\Desktop\reply.txt
2016-06-11 22:08 - 2016-06-11 22:09 - 00080963 _____ C:\Users\SONY\Desktop\SUPERLANCE-PC.txt
2016-06-11 22:07 - 2016-06-11 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-11 22:06 - 2016-06-12 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-06-11 19:39 - 2016-06-11 19:39 - 00036265 _____ C:\Users\SONY\Desktop\MTB.txt
2016-06-11 19:24 - 2016-06-11 19:24 - 00001183 _____ C:\Users\SONY\Desktop\Malwarebytes Anti-Malware.txt
2016-06-11 18:56 - 2016-06-11 18:56 - 00002620 _____ C:\Users\SONY\Desktop\AdwCleaner[C1].txt
2016-06-11 18:54 - 2016-06-11 18:54 - 00014493 _____ C:\Users\SONY\Downloads\[kat.cr]malwarebytes.anti.malware.premium.v2.2.0.1024.2016.pre.activated.sweathand.torrent
2016-06-11 18:46 - 2016-06-13 23:11 - 00000000 ____D C:\AdwCleaner
2016-06-11 18:43 - 2016-06-11 18:43 - 00000000 ____D C:\Users\SONY\AppData\Local\CrashRpt
2016-06-11 18:40 - 2016-06-11 18:41 - 00009825 _____ C:\Users\SONY\Desktop\JRT.txt
2016-06-11 18:36 - 2016-06-11 18:36 - 03677248 _____ C:\Users\SONY\Desktop\AdwCleaner.exe
2016-06-11 18:35 - 2016-06-11 18:35 - 01610816 _____ (Malwarebytes) C:\Users\SONY\Desktop\JRT.exe
2016-06-10 09:46 - 2016-06-10 09:49 - 00013949 _____ C:\Users\SONY\Desktop\Fixlog.txt
2016-06-08 19:06 - 2016-06-18 11:40 - 00020777 _____ C:\Users\SONY\Desktop\FRST.txt
2016-06-08 19:06 - 2016-06-18 11:40 - 00000000 ____D C:\Users\SONY\Desktop\FRST-OlderVersion
2016-06-07 13:03 - 2016-06-07 13:03 - 450433116 _____ C:\Windows\MEMORY.DMP
2016-06-07 13:03 - 2016-06-07 13:03 - 00000000 ____D C:\Windows\Minidump
2016-06-07 08:58 - 2016-06-07 08:58 - 00002173 _____ C:\Users\SONY\Desktop\aswMBR.txt
2016-06-07 08:58 - 2016-06-07 08:58 - 00000512 _____ C:\Users\SONY\Desktop\MBR.dat
2016-06-07 08:44 - 2016-06-18 11:40 - 00000000 ____D C:\FRST
2016-06-07 08:44 - 2016-06-07 08:44 - 05200384 _____ (AVAST Software) C:\Users\SONY\Desktop\aswmbr.exe
2016-06-07 08:43 - 2016-06-18 11:40 - 02386944 _____ (Farbar) C:\Users\SONY\Desktop\FRST64.exe
2016-06-07 08:21 - 2016-06-07 08:21 - 00000000 ____D C:\ProgramData\TEMP
2016-06-06 10:08 - 2016-06-06 10:08 - 00019844 _____ C:\Users\SONY\Downloads\[kat.cr]zootopia.2016.720p.bluray.950mb.shaanig.torrent
2016-06-06 10:06 - 2016-06-06 10:06 - 00017689 _____ C:\Users\SONY\Downloads\[kat.cr]just.the.3.of.us.2016.hdrip.buhaypirata.torrent
2016-06-06 07:52 - 2016-06-06 07:52 - 00000000 ____D C:\Users\SONY\Documents\Wondershare
2016-06-05 17:14 - 2016-06-05 17:14 - 00003284 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2016-06-05 17:14 - 2016-06-05 16:41 - 00025984 ____R C:\Windows\SysWOW64\sh4native.exe
2016-06-05 17:13 - 2016-06-05 17:13 - 00036669 _____ C:\spyhunter.fix
2016-06-05 16:40 - 2016-06-05 16:40 - 00013514 _____ C:\Users\SONY\Downloads\[kat.cr]spyhunter.4.21.10.4585.portable.by.wood (1).torrent
2016-06-05 16:36 - 2016-06-05 16:36 - 00013514 _____ C:\Users\SONY\Downloads\[kat.cr]spyhunter.4.21.10.4585.portable.by.wood.torrent
2016-06-05 12:59 - 2016-06-13 18:56 - 00017687 _____ C:\Users\SONY\Downloads\Resumen ng Ibang Lokal (sa Al Falah) 2016 - Week 21.xlsx
2016-06-05 12:59 - 2016-06-06 09:04 - 00016464 _____ C:\Users\SONY\Downloads\Resumen ng Ibang Lokal (sa Al Falah) 2016 - Week 22.xlsx
2016-06-05 09:30 - 2016-06-06 09:04 - 00014828 _____ C:\Users\SONY\Downloads\Resumen ng Ibang Lokal (sa Al Falah) 2016 - Week 20.xlsx
2016-06-05 09:26 - 2016-06-05 09:26 - 00028024 _____ C:\Users\SONY\Downloads\Resumen ng Ibang Lokal 10, 12 & 13 (AM & PM) May'16.xlsx
2016-06-03 12:04 - 2016-06-03 12:04 - 00068143 _____ C:\Users\SONY\Downloads\[kat.cr]wwe.smackdown.2016.06.02.hdtv.x264.ebi.tjet.torrent
2016-06-03 11:09 - 2016-06-03 11:09 - 00000000 ____D C:\Users\SONY\AppData\Local\Macroplant_LLC
2016-06-03 11:06 - 2016-06-03 11:06 - 00000000 ____D C:\Users\SONY\AppData\LocalLow\Apple Computer
2016-06-03 10:32 - 2016-06-03 10:32 - 00001440 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-03 10:32 - 2016-06-03 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-03 10:31 - 2016-06-03 10:31 - 00000000 ____D C:\Program Files\iPod
2016-06-03 10:28 - 2016-06-03 10:28 - 00015746 _____ C:\Users\SONY\Downloads\5c8bce4edc71150bd8b90161b4e2c4951b3e9132-Fullmetal-Alchemist-[1-51-Complete-Dubbed] (1).torrent
2016-06-03 09:21 - 2016-06-12 19:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-03 09:20 - 2016-06-11 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-03 09:20 - 2016-06-11 23:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-03 09:20 - 2016-06-03 09:20 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-03 09:20 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-03 09:20 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-03 09:20 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-03 00:08 - 2016-06-03 00:08 - 00000020 ___SH C:\Users\SONY\ntuser.ini
2016-06-02 21:18 - 2016-06-02 21:18 - 00000000 _____ C:\autoexec.bat
2016-06-02 21:16 - 2016-06-02 21:16 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-06-02 20:46 - 2016-06-02 20:46 - 00000000 ____D C:\Users\SONY\AppData\Roaming\www.shadowexplorer.com
2016-06-02 20:28 - 2016-06-02 20:28 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-02 20:25 - 2016-06-02 20:25 - 49152216 _____ (Microsoft Corporation) C:\Users\SONY\Desktop\Windows-KB890830-x64-V5.36.exe
2016-06-02 20:24 - 2016-06-02 20:24 - 00000000 ____D C:\ProgramData\ESET
2016-06-02 20:17 - 2016-06-02 20:17 - 00012380 _____ C:\Users\Default\# DECRYPT MY FILES #.html
2016-06-02 20:17 - 2016-06-02 20:17 - 00010509 _____ C:\Users\Default\# DECRYPT MY FILES #.txt
2016-06-02 20:17 - 2016-06-02 20:17 - 00000216 _____ C:\Users\Default\# DECRYPT MY FILES #.vbs
2016-06-02 20:17 - 2016-06-02 20:17 - 00000085 _____ C:\Users\Default\# DECRYPT MY FILES #.url
2016-06-02 19:54 - 2016-06-02 19:54 - 00003636 _____ C:\Windows\System32\Tasks\newdev
2016-06-01 23:12 - 2016-06-01 23:12 - 00020250 _____ C:\Users\SONY\Downloads\[kat.cr]love.is.blind.2016.hdrip.720p.x264.rsg.torrent
2016-06-01 23:11 - 2016-06-01 23:11 - 00023319 _____ C:\Users\SONY\Downloads\[kat.cr]beauty.and.the.bestie.2015.hdrip.x264.rsg.torrent
2016-06-01 23:11 - 2016-06-01 23:11 - 00022995 _____ C:\Users\SONY\Downloads\[kat.cr]all.you.need.is.pag.ibig.2015.hdrip.720p.x264.rsg.torrent
2016-06-01 23:10 - 2016-06-01 23:10 - 00027002 _____ C:\Users\SONY\Downloads\[kat.cr]the.prenup.2015.hdrip.720p.x264.rsg.torrent
2016-06-01 07:28 - 2016-06-01 07:28 - 00132007 _____ C:\Users\SONY\Downloads\[kat.cr]wwe.raw.2016.05.30.hdtv.x264.overtime.rartv.torrent
2016-05-30 20:41 - 2016-05-30 20:41 - 00173825 _____ C:\Users\SONY\Downloads\[kat.cr]ufc.fight.night.88.web.dl.h264.fight.bb.torrent
2016-05-30 20:40 - 2016-05-30 20:40 - 00004130 _____ C:\Users\SONY\Downloads\[kat.cr]game.of.thrones.s06e06.hdtv.x264.killers.ettv.torrent
2016-05-27 09:36 - 2016-05-27 09:36 - 00000000 _____ C:\Windows\maraes
2016-05-25 13:04 - 2016-05-25 13:04 - 00003469 _____ C:\Users\SONY\Downloads\63C89D7F5A4EE4574194376746CCFE0ADA0976F1.torrent
2016-05-24 16:22 - 2016-05-24 16:22 - 00020944 _____ C:\Users\SONY\Downloads\[kat.cr]gfrevenge.ava.taylor.screen.shot.torrent
2016-05-24 16:21 - 2016-05-24 16:21 - 00057871 _____ C:\Users\SONY\Downloads\[kat.cr]ava.taylor.2015.hd.720p.torrent
2016-05-24 16:17 - 2016-05-24 16:17 - 00044719 _____ C:\Users\SONY\Downloads\[kat.cr]teenslovemoney.ava.taylor.windy.city.snatch.07.08.2014.torrent
2016-05-24 16:17 - 2016-05-24 16:17 - 00017175 _____ C:\Users\SONY\Downloads\[kat.cr]tiny4k.ava.taylor.tiny.latina.07.01.2014.torrent
2016-05-24 16:16 - 2016-05-24 16:16 - 00016195 _____ C:\Users\SONY\Downloads\[kat.cr]povd.ava.taylor.in.loft.[bleep]ing.torrent
2016-05-24 16:15 - 2016-05-24 16:15 - 00114217 _____ C:\Users\SONY\Downloads\[kat.cr]exploited18.14.03.12.ava.taylor.xxx.1080p.mp4.ktr.torrent
2016-05-24 16:13 - 2016-05-24 16:13 - 00009632 _____ C:\Users\SONY\Downloads\[kat.cr]cfnmteens.ava.taylor.vacation.time.office.quickie.torrent
2016-05-24 16:10 - 2016-05-24 16:10 - 00011604 _____ C:\Users\SONY\Downloads\[kat.cr]therealworkout.ava.taylor.sorry.about.your.balls.torrent
2016-05-24 09:54 - 2016-05-24 09:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-24 09:42 - 2016-05-24 09:42 - 00000000 ____D C:\Users\SONY\Tracing
2016-05-24 09:41 - 2016-05-24 09:41 - 00000000 ____D C:\Users\SONY\AppData\Local\bluesoleil voip
2016-05-24 09:38 - 2016-05-24 09:38 - 00118613 _____ C:\Users\SONY\Downloads\[kat.cr]wwe.raw.05.23.2016.hdtv.x264.fmn.tjet.torrent
2016-05-24 09:36 - 2016-05-24 09:36 - 00169083 _____ C:\Users\SONY\Downloads\[kat.cr]wwe.raw.05.23.2016.720p.hdtv.x264.fmn.tjet.torrent
2016-05-23 15:39 - 2016-05-23 15:39 - 00004723 _____ C:\Users\SONY\Downloads\[kat.cr]game.of.thrones.s06e05.hdtv.x264.killers.ettv.torrent
2016-05-23 11:56 - 2016-05-23 11:56 - 00180829 _____ C:\Users\SONY\Downloads\[kat.cr]wwe.extreme.rules.2016.ppv.web.h264.heel.tjet.torrent
2016-05-20 21:09 - 2016-05-20 21:09 - 00016865 _____ C:\Users\SONY\Downloads\60de7fc58c58e6f59ca33bdcace82c35be959a9b-Trigun-Complete-[Dual].torrent
2016-05-20 01:13 - 2016-05-20 01:13 - 00015746 _____ C:\Users\SONY\Downloads\5c8bce4edc71150bd8b90161b4e2c4951b3e9132-Fullmetal-Alchemist-[1-51-Complete-Dubbed].torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-18 11:41 - 2016-05-16 10:00 - 00000000 ____D C:\Users\SONY\AppData\Roaming\uTorrent
2016-06-18 11:41 - 2015-11-10 22:41 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-18 11:00 - 2015-11-10 22:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-18 05:41 - 2015-11-10 22:41 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-18 04:49 - 2015-11-10 22:41 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 04:49 - 2015-11-10 22:41 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 20:00 - 2015-11-10 22:42 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 20:00 - 2015-11-10 22:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 20:00 - 2015-11-10 22:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 13:19 - 2015-11-10 22:40 - 00000000 ____D C:\Users\SONY\AppData\Roaming\vlc
2016-06-17 11:42 - 2015-11-13 13:50 - 00000000 ____D C:\Users\SONY\AppData\Roaming\DMCache
2016-06-17 08:34 - 2009-07-14 08:45 - 00031152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 08:34 - 2009-07-14 08:45 - 00031152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 08:31 - 2014-07-28 17:39 - 00001628 _____ C:\Windows\SysWOW64\bscs.ini
2016-06-17 08:28 - 2016-02-07 23:04 - 00006493 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2016-06-17 08:28 - 2016-02-07 23:04 - 00000105 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2016-06-17 08:27 - 2015-11-10 22:40 - 00000000 ____D C:\Program Files (x86)\SMADAV
2016-06-17 08:26 - 2009-07-14 09:08 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-17 08:26 - 2009-07-14 09:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-16 21:52 - 2009-07-14 07:20 - 00000000 ____D C:\Windows\inf
2016-06-13 07:24 - 2009-07-14 09:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-12 23:56 - 2016-05-14 10:17 - 00000000 ____D C:\Users\SONY\AppData\Roaming\Intel
2016-06-12 23:55 - 2016-05-14 10:16 - 00000000 ____D C:\Program Files\Intel
2016-06-12 23:43 - 2016-02-24 18:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-12 23:43 - 2011-04-12 12:17 - 00000000 ____D C:\Windows\system32\0409
2016-06-12 20:30 - 2016-01-21 23:54 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2016-06-11 23:54 - 2015-11-10 22:14 - 00000000 ____D C:\Users\SONY
2016-06-11 23:52 - 2016-02-07 23:01 - 00000000 ____D C:\Users\SONY\AppData\Local\bluesoleil
2016-06-11 23:52 - 2016-01-21 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2016-06-11 23:52 - 2016-01-21 23:29 - 00000000 ____D C:\Program Files\CyberGhost 5
2016-06-11 23:52 - 2015-11-13 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-06-11 23:52 - 2015-11-13 15:21 - 00000000 ____D C:\Program Files\TAP-Windows
2016-06-11 23:52 - 2015-11-13 15:21 - 00000000 ____D C:\Program Files (x86)\OpenVPN
2016-06-11 23:52 - 2015-11-13 15:21 - 00000000 ____D C:\Program Files (x86)\betternet
2016-06-11 23:52 - 2015-11-10 22:22 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-11 23:51 - 2009-07-14 07:20 - 00000000 ____D C:\Windows\registration
2016-06-11 23:33 - 2016-02-24 18:53 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-06-10 10:08 - 2016-05-14 10:02 - 00000000 ____D C:\Windows\AutoKMS
2016-06-08 19:00 - 2009-07-14 08:45 - 00414656 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-08 08:02 - 2015-11-11 00:35 - 00108840 _____ C:\Users\SONY\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-07 23:22 - 2016-02-02 23:30 - 00000000 ____D C:\ProgramData\Adobe
2016-06-07 23:16 - 2016-01-21 23:27 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-06-06 12:49 - 2015-11-13 13:50 - 00000000 ____D C:\Users\SONY\Downloads\Video
2016-06-05 13:44 - 2016-02-06 20:37 - 00000573 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI
2016-06-05 09:24 - 2016-05-14 10:03 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-06-03 11:03 - 2015-11-21 17:44 - 00000000 ____D C:\Users\SONY\AppData\Roaming\WinRAR
2016-06-03 10:31 - 2016-04-15 11:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-03 10:31 - 2015-11-13 11:25 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-03 10:24 - 2016-05-16 18:07 - 00000000 ____D C:\Users\SONY\Downloads\Daimos
2016-06-03 10:24 - 2016-05-15 15:34 - 00000000 ____D C:\Users\SONY\AppData\Roaming\HYXDevPsnList
2016-06-03 10:24 - 2016-05-14 11:05 - 00000000 ____D C:\Users\SONY\Documents\Kalihiman
2016-06-03 10:24 - 2016-02-24 19:58 - 00000000 ____D C:\Users\SONY\AppData\Roaming\InputMapper
2016-06-03 10:24 - 2015-11-13 13:50 - 00000000 ____D C:\Users\SONY\Downloads\Compressed
2016-06-03 10:24 - 2015-11-13 13:50 - 00000000 ____D C:\Users\SONY\AppData\Roaming\IDM
2016-06-03 10:24 - 2015-11-13 13:48 - 00000000 ____D C:\Users\SONY\Downloads\Internet Download Manager (IDM) 6.25 Build 3 Registered (32bit + 64bit Patch) [CrackingPatching]
2016-06-03 10:24 - 2015-11-10 22:40 - 00000000 ____D C:\Users\SONY\AppData\Roaming\Skype
2016-06-03 10:10 - 2009-07-14 07:20 - 00000000 ____D C:\Windows\Web
2016-05-29 08:23 - 2015-11-10 22:40 - 00000000 ____D C:\ProgramData\Skype
2016-05-28 13:26 - 2016-01-21 23:54 - 00000000 ____D C:\ProgramData\Hotspot Shield
2016-05-24 09:58 - 2016-02-02 23:32 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-05-24 09:53 - 2016-02-02 23:27 - 00000000 ____D C:\Users\SONY\Desktop\Adobe Acrobat XI
==================== Files in the root of some directories =======
2007-08-17 03:00 - 2007-08-17 03:00 - 0001669 _____ () C:\Users\SONY\AppData\Roaming\CranageInadvertency.LLw
1994-03-11 04:00 - 1994-03-11 04:00 - 0053252 _____ () C:\Users\SONY\AppData\Roaming\Introvert.J
1986-03-18 04:00 - 1986-03-18 04:00 - 0002274 _____ () C:\Users\SONY\AppData\Roaming\PrivetOdor.SXy
1992-04-05 03:00 - 1992-04-05 03:00 - 0049764 _____ () C:\Users\SONY\AppData\Roaming\RedeAria.FHs
2013-05-27 03:00 - 2013-05-27 03:00 - 0049883 _____ () C:\Users\SONY\AppData\Roaming\Submersible.rFx
2012-06-16 03:00 - 2012-06-16 03:00 - 0002267 _____ () C:\Users\SONY\AppData\Roaming\Temporary.5
2015-11-15 18:18 - 2015-11-15 18:18 - 0000017 _____ () C:\Users\SONY\AppData\Local\resmon.resmoncfg
Files to move or delete:
====================
C:\Users\Default\# DECRYPT MY FILES #.vbs
Some files in TEMP:
====================
C:\Users\SONY\AppData\Local\Temp\certmgr.exe
C:\Users\SONY\AppData\Local\Temp\GLF71DD.EXE
C:\Users\SONY\AppData\Local\Temp\GLF7F60.EXE
C:\Users\SONY\AppData\Local\Temp\hss_update.exe
C:\Users\SONY\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-17 00:23
==================== End of FRST.txt ============================
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
Ran by SONY (2016-06-18 11:41:57)
Running from C:\Users\SONY\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-11-10 18:14:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2633912966-161357401-2138039649-500 - Administrator - Disabled)
Guest (S-1-5-21-2633912966-161357401-2138039649-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2633912966-161357401-2138039649-1002 - Limited - Enabled)
SONY (S-1-5-21-2633912966-161357401-2138039649-1000 - Administrator - Enabled) => C:\Users\SONY
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\uTorrent) (Version: 3.4.8.42382 - BitTorrent Inc.)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Betternet (HKLM-x32\...\Betternet) (Version: - )
BlueSoleil 10.0.479.1 (HKLM\...\{9453A661-550D-4FB9-BC91-3C1EEDF2ABDB}) (Version: 10.0.479.1 - IVT Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Fast Windows Hider 3.9 (HKU\S-1-5-21-2633912966-161357401-2138039649-1000\...\Fast Windows Hider) (Version: 3.9 - Hidetools)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hotspot Shield 5.20.22 Embedded (x32 Version: 5.20.22.9384 - Buildbot) Hidden
IDM Patch 6.25 build 03 (HKLM-x32\...\IDM Patch 6.25 build 03) (Version: build 03 - SandySeedings Team)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Remote Mouse version 2.702 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.702 - Remote Mouse)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.0 - Renesas Electronics Corporation) Hidden
SMADAV version 10.3.1 (HKLM-x32\...\{8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1) (Version: 10.3.1 - SmadSoft)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.10 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Driver Package - Atheros Communications Inc. (athr) Net (12/29/2009 8.0.0.279) (HKLM\...\BADC2853BAE2C2BA5C60113ADD1F3A253131BAAD) (Version: 12/29/2009 8.0.0.279 - Atheros Communications Inc.)
Windows Driver Package - Marvell (yukonw7) Net (04/16/2010 11.25.2.3) (HKLM\...\75E14D32AED1E199C9067D18261BF018CF8790C6) (Version: 04/16/2010 11.25.2.3 - Marvell)
WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {313A7B69-2B86-4E5A-8059-7A9358D199A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-10] (Google Inc.)
Task: {344C2CC2-D7F1-42E7-838F-7BA2A6207E5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {4A6B2C31-DA73-4BEA-8DE1-0C68E395B6D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-10] (Google Inc.)
Task: {7C01B44C-A1C9-4902-A904-90E05D79241F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {8CBF722D-75D4-4372-AF6C-8ADA8506E657} - System32\Tasks\SpyHunter4Startup => D:\New Downloaded Files\SpyHunter 4.21.10.4585 Portable by wood\SpyHunter4.exe [2016-06-05] (Enigma Software Group USA, LLC.)
Task: {C9EF939B-5B04-4DA6-B71B-9721D9651B04} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {DA84BEB0-85B4-4E80-8875-2E2B9C9E1F50} - System32\Tasks\newdev => C:\Users\SONY\AppData\Roaming\{B48A451A-18BC-FC82-BAAB-3811A90BF5E1}\newdev.exe
Task: {DFD39FC8-C264-485A-9F85-5AC6986EC6E1} - System32\Tasks\{CC3453B8-21D7-43FE-86C0-29531ECD6A70} => C:\Users\SONY\Downloads\Compressed\DS4Windows_2\DS4Windows.exe [2015-12-17] ()
Task: {F1649DBA-F2EC-4707-81E9-A7E468FDA95D} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [2015-08-20] (Smadsoft)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-07-23 16:02 - 2014-07-23 16:02 - 00268536 _____ () C:\Windows\system32\IVTCredentialProvider.DLL
2014-07-23 16:02 - 2014-07-23 16:02 - 00028920 _____ () C:\Windows\system32\BsTrace.dll
2014-07-23 16:02 - 2014-07-23 16:02 - 00028920 _____ () C:\Windows\System32\BsTrace.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-23 16:02 - 2014-07-23 16:02 - 00017144 _____ () C:\Windows\system32\BsHelpCSps.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-11-10 22:30 - 2015-01-30 17:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-02-04 12:26 - 2010-02-04 12:26 - 00796160 _____ () C:\Program Files (x86)\Fast Windows Hider\fwh.exe
2014-06-16 17:01 - 2014-06-16 17:01 - 00353792 _____ () C:\Windows\system32\cPhoneSDK.dll
2014-06-16 17:01 - 2014-06-16 17:01 - 00086528 _____ () C:\Windows\system32\cPhoneSDKTL.dll
2014-06-16 17:01 - 2014-06-16 17:01 - 00194048 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\InstallApkWithcPhone.dll
2014-07-23 16:02 - 2014-07-23 16:02 - 00075512 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2014-07-23 16:02 - 2014-07-23 16:02 - 00019704 _____ () C:\Windows\system32\BsMobileCSps.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00313656 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2014-07-25 10:11 - 2014-07-25 10:11 - 00367352 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\setup.dll
2014-07-23 16:01 - 2014-07-23 16:01 - 00031480 _____ () C:\Windows\SysWow64\BsHelpCSps.dll
2014-07-23 16:01 - 2014-07-23 16:01 - 00813816 _____ () C:\Windows\SysWow64\BlueSoleilCSps.dll
2014-07-04 09:31 - 2014-07-04 09:31 - 00035672 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Driver\USB\btcusb.dll
2014-06-16 17:03 - 2014-06-16 17:03 - 00236280 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\BaseLib.dll
2014-06-16 17:03 - 2014-06-16 17:03 - 00056056 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\ExtraLib.dll
2014-06-16 17:03 - 2014-06-16 17:03 - 00048376 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\cscvt.dll
2014-07-23 16:01 - 2014-07-23 16:01 - 00016632 _____ () C:\Windows\SysWOW64\BsMobileCSps.dll
2014-06-16 17:03 - 2014-06-16 17:03 - 00039672 _____ () C:\Windows\SysWOW64\cPhoneSDKCSps.dll
2016-05-28 04:08 - 2016-05-28 04:08 - 00166528 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-07-23 16:02 - 2014-07-23 16:02 - 00162552 _____ () C:\Windows\system32\BsProfilefunc.dll
2014-06-16 17:03 - 2014-06-16 17:03 - 00126200 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\s40pack.dll
2016-05-15 15:34 - 2015-04-28 15:22 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-05-15 15:34 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-06-09 01:44 - 2016-06-04 05:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-09 01:44 - 2016-06-04 05:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-04-13 17:56 - 2015-04-13 17:56 - 00070675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 02158528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00593344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00332736 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 01264064 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 12001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00242112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00108992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00096704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00091584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00032192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00084928 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00034752 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00961472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 01303488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00127936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libhttp_plugin.dll
2015-04-13 17:57 - 2015-04-13 17:57 - 00088512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00304576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 01291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 01549248 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00363456 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2015-04-13 18:00 - 2015-04-13 18:00 - 00121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 13522368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00772544 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00702400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00125376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00064448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00030656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2015-04-13 17:58 - 2015-04-13 17:58 - 00024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2015-04-13 17:59 - 2015-04-13 17:59 - 01504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 06:34 - 2016-06-07 08:22 - 00000283 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 systweak.com
127.0.0.1 updateservice1.systweak.com
127.0.0.1 www.systweak.com
127.0.0.1 systemspeedup.systweak.com
127.0.0.1 systweak.com/STCheckGenuineness
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2633912966-161357401-2138039649-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SONY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk => C:\Windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SoftEther VPN Client UI Helper => "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{619DF3A2-EA35-4571-81A0-2AEBA500562F}] => (Allow) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A050DB11-C8F2-42E4-A024-253474A426C3}] => (Allow) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5F0B0552-AD79-4C9F-B54E-D434B9A46810}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{07C158E1-62E5-4C25-8E87-D000135A880B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9204912D-F6DE-4E1A-A787-4A113F4BC842}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{74C7BCBE-CBCA-4096-96AD-9E17160CD78C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3288C64-3691-4B55-9AF0-B439C9548610}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{A18A3C48-DC92-4A75-B522-6760A7182279}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{5EEB583E-255E-49C3-9D80-DD98C6A75A5E}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{2482429A-F30A-49CA-A394-834D461B1235}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{05E02943-E1E5-4BD9-BEA3-E0890417FE26}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{5D1A0CBC-F00D-46E5-BD29-CEBAF22D9780}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{C35F0EEA-FDE1-407F-8FA0-E1C56F1FE121}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{C7206E1F-FF68-476E-A4AD-8CD20AA540AC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{CE92CA78-3926-4BA1-AB58-8CED6B38DAE2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{F0C0ADE4-3F60-4215-B537-FA226D85ECF2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{1C049B5F-5ED4-4339-90E7-1B56BB008284}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe
FirewallRules: [{BF76EA96-C3DE-4AA1-B1DE-2BA745FA9CA5}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe
FirewallRules: [{8CF2DFE8-6221-4EE3-BB49-7743D5ADD51E}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{549FF6BA-2C88-4D63-A42A-F6785E9AF9A1}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{2810A731-9980-40A8-B33F-234700808FD1}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{2F555E2B-A281-4DA7-A84D-DAA0C5312407}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [TCP Query User{6F6FA86C-A174-427D-884E-7863EDB4D1B9}C:\users\sony\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Allow) C:\users\sony\appdata\roaming\utorrent\updates\3.4.6_42094.exe
FirewallRules: [UDP Query User{CA5D7E1E-008C-436A-9B8F-8C5020EEE2C1}C:\users\sony\appdata\roaming\utorrent\updates\3.4.6_42094.exe] => (Allow) C:\users\sony\appdata\roaming\utorrent\updates\3.4.6_42094.exe
FirewallRules: [{566FDAA8-E9A4-44AA-9E21-628F491F8257}] => (Allow) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8689E4BF-0CFE-4F55-9C0F-C4AFA0090686}] => (Allow) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9598C890-8B65-4762-AF79-B452A24C4962}] => (Allow) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A1FFDDED-D56E-4964-B70B-220CDEC63208}] => (Allow) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9134A64F-480B-4C7A-A065-74426A29F0DC}] => (Allow) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3EF3BC81-D276-4050-B020-929C0C77F882}] => (Allow) C:\Users\SONY\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{96B3F11B-5AA5-48E5-AA54-6247BFE1D997}] => (Allow) D:\iTunes\iTunes.exe
FirewallRules: [{379BB141-FDF8-4D2B-BA79-35F4E1EA6F03}] => (Allow) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
FirewallRules: [{8EA9652F-9DAC-46CB-AB4F-AE7BC881A15D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{716DB2A2-2355-4156-AC8D-4F27E25BA2C4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AEBD48FC-A853-428D-9922-64A4719C19CD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A512545D-B014-4B72-907B-FDCC80BE0BFE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{653360F2-59AC-4763-BFCA-8C201AD929E5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{32242E73-6F2F-4A02-9757-7A87A6C63B6B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{ACBBC1A7-0B56-4375-BE10-864DEDE455D9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
10-06-2016 09:47:00 Restore Point Created by FRST
10-06-2016 10:04:47 Restore Operation
11-06-2016 18:37:44 JRT Pre-Junkware Removal
11-06-2016 23:47:18 Restore Operation
12-06-2016 23:42:50 Installed Renesas Electronics USB 3.0 Host Controller Driver
12-06-2016 23:45:32 Removed Intel® PROSet/Wireless WiFi Software.
12-06-2016 23:53:40 Intel® PROSet/Wireless Software
==================== Faulty Device Manager Devices =============
Name: StorLib bus (virtual storages support)
Description: StorLib bus (virtual storages support)
Class Guid: {1378e71b-ab4d-4348-af26-cba56b12969e}
Manufacturer: EldoS Corporation
Service: cbfs3
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: IVT_Virtual_0000
Description: IVT_Virtual_0000
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/17/2016 08:26:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/16/2016 09:48:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program esetonlinescanner_enu.exe version 2.0.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1c7c
Start Time: 01d1c7e8ebb396d3
Termination Time: 484
Application Path: C:\Users\SONY\Desktop\esetonlinescanner_enu.exe
Report Id:
Error: (06/16/2016 12:30:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (06/16/2016 12:30:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (06/16/2016 12:30:17 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (06/16/2016 12:30:17 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (06/15/2016 10:33:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/15/2016 07:07:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program esetonlinescanner_enu.exe version 2.0.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 20e0
Start Time: 01d1c6ed6fd05375
Termination Time: 49
Application Path: C:\Users\SONY\Desktop\esetonlinescanner_enu.exe
Report Id:
Error: (06/15/2016 02:05:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program esetonlinescanner_enu.exe version 2.0.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 28c8
Start Time: 01d1c6e312675878
Termination Time: 159
Application Path: C:\Users\SONY\Desktop\esetonlinescanner_enu.exe
Report Id:
Error: (06/13/2016 12:39:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
System errors:
=============
Error: (06/17/2016 08:25:24 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (06/16/2016 08:07:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (06/16/2016 08:07:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SONY\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (06/16/2016 08:07:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (06/16/2016 08:07:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SONY\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (06/16/2016 08:06:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (06/16/2016 08:06:59 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SONY\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (06/16/2016 08:06:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (06/16/2016 08:06:59 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SONY\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (06/16/2016 08:06:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
CodeIntegrity:
===================================
Date: 2016-05-14 09:39:52.626
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-14 09:05:06.241
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-14 08:57:17.474
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-13 22:50:53.143
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-13 22:05:58.637
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-13 20:54:26.501
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-13 20:45:44.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-13 16:05:22.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-13 15:04:49.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-13 09:48:51.295
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 78%
Total physical RAM: 4007.2 MB
Available physical RAM: 874.88 MB
Total Virtual: 8012.61 MB
Available Virtual: 4300.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.87 GB) (Free:87.26 GB) NTFS
Drive d: () (Fixed) (Total:318.79 GB) (Free:296.82 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E861DA86)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=318.8 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================