To add on to this, I did what one forum (Welcome to Geeks to Go's Virus, Spyware, and Malware Removal forum) add on.... If it's okay, I blurred out 3 parts...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by A****** (administrator) on AIESHA (22-03-2016 21:48:58)
Running from C:\Users\bitem_000\Desktop
Loaded Profiles: A****** (Available Profiles: A******)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179040 2013-10-15] (TOSHIBA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [Akamai NetSession Interface] => C:\Users\bitem_000\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [Pinger] => "C:\Program Files (x86)\Pinger\Pinger.exe"
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [MyComGames] => "C:\Users\bitem_000\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [Advanced SystemCare 9] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Run: [BitTorrent] => C:\Users\bitem_000\AppData\Roaming\BitTorrent\BitTorrent.exe [1930760 2016-03-22] (BitTorrent Inc.)
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\MountPoints2: {02b49778-9ce3-11e4-82b4-008cfaa5d91a} - "E:\Setup.exe"
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\MountPoints2: {56d4651a-db29-11e4-82b9-008cfaa5d91a} - "E:\setup.exe"
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\MountPoints2: {56d46869-db29-11e4-82b9-008cfaa5d91a} - "E:\setup.exe"
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\...\MountPoints2: {e7c2ca7a-6c78-11e5-8312-008cfaa5d91a} - "E:\setup.exe"
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-28] (Microsoft Corporation)
AppInit_DLLs-x32: c:\users\bitem_000\appdata\local\smartbar\application\resources\crdlil.dll => No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The Sims 2 (PC).lnk [2015-01-23]
ShortcutTarget: The Sims 2 (PC).lnk -> C:\ProgramData\{a7f6857d-6e95-3b4d-a7f6-6857d6e915f5}\The Sims 2 (PC).exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).lnk [2015-01-23]
ShortcutTarget: The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).lnk -> C:\ProgramData\{33017e0a-41df-6565-3301-17e0a41df829}\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.lnk [2015-01-23]
ShortcutTarget: The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.lnk -> C:\ProgramData\{86012154-2b46-4f04-8601-121542b48550}\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The Sims 2 (PC).lnk [2015-01-23]
ShortcutTarget: The Sims 2 (PC).lnk -> C:\ProgramData\{a7f6857d-6e95-3b4d-a7f6-6857d6e915f5}\The Sims 2 (PC).exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).lnk [2015-01-23]
ShortcutTarget: The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).lnk -> C:\ProgramData\{33017e0a-41df-6565-3301-17e0a41df829}\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri (1).exe (No File)
Startup: C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.lnk [2015-01-23]
ShortcutTarget: The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.lnk -> C:\ProgramData\{86012154-2b46-4f04-8601-121542b48550}\The.Sims.2 + All.Expansions [WORKING] - Rebuild - Khaos Industri.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 02 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 03 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 04 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 05 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 06 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 07 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 08 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 09 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 10 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Winsock: Catalog9 21 C:\Program Files (x86)\Common Files\System\1048\biapp.dll [179200 2014-09-21] ()
Hosts: dmcecclamecbinmplcolhaljlclhbgah
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{3D79F727-A26D-4D17-A4A5-E6E915D23E73}: [NameServer],
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer],
Tcpip\..\Interfaces\{B6B7D4D8-2A84-4549-8EE6-C7DE3AF753BD}: [NameServer],
Tcpip\..\Interfaces\{D02C5239-404F-40E8-AD48-28696C4A28D1}: [NameServer],
Tcpip\..\Interfaces\{D02C5239-404F-40E8-AD48-28696C4A28D1}: [DhcpNameServer]
Internet Explorer:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://,,&q={searchTerms}
HKU\S-1-5-21-2335575561-2103832806-512499992-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://{searchTerms}&pid=724&r=2015/01/23&hid=428756518839837175&lg=EN&cc=US
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://{searchTerms}&pid=724&r=2015/01/23&hid=428756518839837175&lg=EN&cc=US
SearchScopes: HKU\.DEFAULT -> DefaultScope {E28F1A0C-59B2-4998-9720-49AA1AD54A99} URL =
SearchScopes: HKU\.DEFAULT -> {E28F1A0C-59B2-4998-9720-49AA1AD54A99} URL =
SearchScopes: HKU\S-1-5-21-2335575561-2103832806-512499992-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://{searchTerms}&pid=724&r=2015/01/23&hid=428756518839837175&lg=EN&cc=US
SearchScopes: HKU\S-1-5-21-2335575561-2103832806-512499992-1001 -> {C33FB192-1326-4B63-B873-3717BDDB9135} URL = hxxp://{searchTerms}&r=963
SearchScopes: HKU\S-1-5-21-2335575561-2103832806-512499992-1001 -> {E28F1A0C-59B2-4998-9720-49AA1AD54A99} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: RandomPPrIce -> {19fc9b93-e4ed-48b1-b233-f03360bfc49c} -> C:\Program Files (x86)\RandomPPrIce\b2hfeAeiAB7xr7.x64.dll => No File
BHO: 50CoupoNS -> {348a8283-8b9e-4f48-a360-50eb01ef3fee} -> C:\Program Files (x86)\50CoupoNS\oqbuUsy0pHDXtZ.x64.dll => No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: RoboSavier -> {9fce6b6e-51fc-4288-82af-f8184880ed73} -> C:\Program Files (x86)\RoboSavier\KR8AKJRTvxnIdY.x64.dll => No File
BHO: DieaLExpresS -> {b0bebb42-6198-44f7-a901-a2fb550384ff} -> C:\Program Files (x86)\DieaLExpresS\V4b93PUN2YiGWP.x64.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: AlLCheuapPriice -> {d6f86340-02a0-4c72-83b3-5cbb6eea4c52} -> C:\Program Files (x86)\AlLCheuapPriice\hQ0YVkdDFDyeTH.x64.dll => No File
BHO: JoniCioupoin -> {e722e2f1-adc2-4077-ab67-3e9cd7e4d528} -> C:\Program Files (x86)\JoniCioupoin\Amv83dKWB73XJK.x64.dll => No File
BHO-x32: No Name -> {19fc9b93-e4ed-48b1-b233-f03360bfc49c} -> No File
BHO-x32: 50CoupoNS -> {348a8283-8b9e-4f48-a360-50eb01ef3fee} -> C:\Program Files (x86)\50CoupoNS\oqbuUsy0pHDXtZ.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-30] (Oracle Corporation)
BHO-x32: RoboSavier -> {9fce6b6e-51fc-4288-82af-f8184880ed73} -> C:\Program Files (x86)\RoboSavier\KR8AKJRTvxnIdY.dll => No File
BHO-x32: No Name -> {b0bebb42-6198-44f7-a901-a2fb550384ff} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: AlLCheuapPriice -> {d6f86340-02a0-4c72-83b3-5cbb6eea4c52} -> C:\Program Files (x86)\AlLCheuapPriice\hQ0YVkdDFDyeTH.dll => No File
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-30] (Oracle Corporation)
BHO-x32: JoniCioupoin -> {e722e2f1-adc2-4077-ab67-3e9cd7e4d528} -> C:\Program Files (x86)\JoniCioupoin\Amv83dKWB73XJK.dll => No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
FF ProfilePath: C:\Users\bitem_000\AppData\Roaming\Mozilla\Firefox\Profiles\cp3j4k1y.default
FF Plugin: -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin:,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32:,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-30] (Oracle Corporation)
FF Plugin-x32:,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-30] (Oracle Corporation)
FF Plugin-x32:,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32:,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32:,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [No File]
FF Plugin-x32: Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\\npMaxigetUpdater3.dll [No File]
FF Plugin-x32:,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2335575561-2103832806-512499992-1001: -> C:\Users\bitem_000\AppData\Local\MyComGames\NPMyComDetector.dll [No File]
FF HKLM\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}] - C:\Program Files (x86)\Mozilla Firefox\extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6} => not found
CHR Profile: C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-26]
CHR Extension: (Google Docs) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-26]
CHR Extension: (Google Drive) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-26]
CHR Extension: (YouTube) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-26]
CHR Extension: (Google Search) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-26]
CHR Extension: (Google Sheets) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-26]
CHR Extension: (Google Docs Offline) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-26]
CHR Extension: (Gmail) - C:\Users\bitem_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-26]
CHR HKLM-x32\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://
CHR HKLM-x32\...\Chrome\Extension: [eihhgekonheiliaidomffpplfhecmkag] - hxxps://
OPR StartupUrls: "hxxp://"
OPR Session Restore: -> is enabled.
OPR Extension: (Translate) - C:\Users\bitem_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2015-09-22]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S4 BI Helper; C:\Program Files (x86)\Common Files\Services\5000\bihelper.exe [151552 2014-11-27] () [File not signed]
S4 BrowseIgnite_1048; C:\Program Files (x86)\Common Files\Services\1048\biupdate.exe [74752 2014-09-21] () [File not signed]
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\\NAT.exe [232424 2013-10-11] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3071632 2014-05-06] (INCA Internet Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S4 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [X]
S2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]
S3 Disc Soft Lite Bus Service; "C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe" [X]
S3 Disc Soft Pro Bus Service; "C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe" [X]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S2 mglupdate; C:\Program Files (x86)\Maxiget\Updater\MaxigetUpdater.exe /svc [X]
S3 mglupdatem; C:\Program Files (x86)\Maxiget\Updater\MaxigetUpdater.exe /medsvc [X]
S2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [X]
S4 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X]
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
S3 cpuz138; C:\Users\bitem_000\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-03-17] (CPUID)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-17] (Disc Soft Ltd)
R3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30352 2015-10-08] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-01-21] (REALiX)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [404184 2016-01-28] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4520152 2016-01-28] (Realtek Semiconductor Corporation )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-11-06] (Razer, Inc.)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-01-28] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [36712 2016-01-28] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2016-01-28] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\appobserver64.sys [X]
S3 dump_wmimmc; \??\C:\Webzen\ASTA\bin32\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
S1 nnfwdk; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\nnfwdk64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 21:48 - 2016-03-22 21:49 - 00027049 _____ C:\Users\bitem_000\Desktop\FRST.txt
2016-03-22 21:48 - 2016-03-22 21:48 - 00000000 ____D C:\FRST
2016-03-22 21:46 - 2016-03-22 21:46 - 02374144 _____ (Farbar) C:\Users\bitem_000\Desktop\FRST64.exe
2016-03-22 21:19 - 2016-03-22 21:19 - 00000000 ____D C:\The Sims 4 Deluxe Edition
2016-03-22 21:02 - 2016-03-22 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 Deluxe Edition
2016-03-22 17:48 - 2016-03-22 20:22 - 00000000 ____D C:\Users\bitem_000\Downloads\The Sims 4 v1.13.104.1010 repack Mr DJ
2016-03-22 17:47 - 2016-03-22 17:47 - 00036728 _____ C:\Users\bitem_000\Downloads\[]
2016-03-22 16:41 - 2016-03-22 21:15 - 00000000 ____D C:\Users\bitem_000\Documents\Electronic Arts
2016-03-22 16:40 - 2016-03-22 16:40 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2016-03-22 16:40 - 2013-06-24 13:37 - 33854712 _____ C:\Program Files (x86)\documents.part11.rar
2016-03-22 16:40 - 2013-06-24 13:37 - 104857600 _____ C:\Program Files (x86)\documents.part10.rar
2016-03-22 16:40 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part09.rar
2016-03-22 16:40 - 2013-06-24 11:32 - 00006866 _____ C:\Program Files (x86)\Language en-US.reg
2016-03-22 16:40 - 2013-06-24 11:31 - 00006866 _____ C:\Program Files (x86)\Language cs-CZ.reg
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part08.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part07.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part06.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part05.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part04.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part03.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part02.rar
2016-03-22 16:38 - 2013-06-24 13:36 - 104857600 _____ C:\Program Files (x86)\documents.part01.exe
2016-03-22 16:38 - 2013-06-24 06:44 - 00010912 _____ C:\Program Files (x86)\4.bat
2016-03-22 16:38 - 2013-06-24 03:22 - 00072890 _____ C:\Program Files (x86)\1.reg
2016-03-22 12:02 - 2016-03-22 15:50 - 00000000 ____D C:\Users\bitem_000\Downloads\The Sims 3 All In One Edition (Including Into The Future EXP)
2016-03-22 12:01 - 2016-03-22 12:01 - 00242087 _____ C:\Users\bitem_000\Downloads\
2016-03-22 11:59 - 2016-03-22 11:59 - 00002757 _____ C:\Users\bitem_000\Desktop\BitTorrent.lnk
2016-03-22 11:54 - 2016-03-22 20:27 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\BitTorrent
2016-03-22 11:54 - 2016-03-22 11:54 - 01930760 _____ (BitTorrent Inc.) C:\Users\bitem_000\Downloads\BitTorrent.exe
2016-03-17 22:12 - 2016-03-18 11:27 - 00000000 ____D C:\Users\bitem_000\Desktop\Games
2016-03-17 21:13 - 2016-03-17 22:29 - 00000000 ____D C:\Program Files (x86)\BigMacroTool
2016-03-11 22:21 - 2016-03-08 02:00 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 22:21 - 2016-03-08 02:00 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 15:34 - 2016-01-10 14:37 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-11 15:34 - 2016-01-10 13:39 - 00332640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-11 15:34 - 2016-01-10 13:15 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-11 15:34 - 2016-01-10 13:15 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-11 15:34 - 2016-01-10 12:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-03-11 15:34 - 2016-01-10 12:43 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-03-11 15:34 - 2016-01-10 12:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-03-11 15:34 - 2016-01-10 12:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-03-11 15:34 - 2016-01-10 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-03-11 15:34 - 2016-01-10 12:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-03-11 15:34 - 2016-01-10 12:09 - 01442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-11 15:34 - 2016-01-10 12:09 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-03-11 15:34 - 2016-01-10 11:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-03-11 15:34 - 2016-01-10 11:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-03-11 15:34 - 2016-01-10 11:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-03-11 15:34 - 2016-01-10 11:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-03-11 15:34 - 2016-01-10 11:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-03-11 15:33 - 2016-01-22 03:01 - 22365992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-11 15:33 - 2016-01-22 02:11 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-11 15:33 - 2016-01-22 00:25 - 14467072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-11 15:33 - 2016-01-22 00:14 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-11 15:33 - 2016-01-22 00:07 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-11 15:33 - 2016-01-21 23:58 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-11 15:32 - 2016-01-19 14:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-11 15:31 - 2016-01-19 14:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-03-11 15:31 - 2016-01-19 14:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-03-11 15:31 - 2016-01-19 14:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-11 15:31 - 2016-01-19 14:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-11 15:31 - 2016-01-19 13:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-03-11 15:31 - 2016-01-19 13:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-11 15:31 - 2016-01-19 13:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-03-11 15:31 - 2016-01-19 13:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-03-11 15:31 - 2016-01-19 12:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-11 15:31 - 2016-01-19 11:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-03-11 15:31 - 2016-01-06 13:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-03-11 15:31 - 2015-12-28 16:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-03-11 15:31 - 2015-12-28 15:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-03-11 15:31 - 2015-12-17 13:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-03-11 15:31 - 2015-12-17 11:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-03-09 19:48 - 2016-03-09 20:23 - 00000000 ____D C:\Users\bitem_000\Documents\DragonNest
2016-03-09 19:48 - 2016-03-09 19:48 - 00000000 ____D C:\ProgramData\Nexon
2016-03-09 18:43 - 2016-03-17 22:13 - 00000000 ____D C:\Users\bitem_000\AppData\Local\NexonLauncher
2016-03-09 18:42 - 2016-03-09 18:43 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\NexonLauncher
2016-03-09 18:40 - 2016-03-09 19:42 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2016-03-09 13:25 - 2016-02-20 10:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 13:25 - 2016-02-20 10:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 13:25 - 2016-02-05 14:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 13:25 - 2016-01-08 20:38 - 00091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 13:25 - 2016-01-06 13:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-09 13:25 - 2015-12-30 16:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 13:24 - 2016-02-08 16:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 13:24 - 2016-02-08 15:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 13:24 - 2016-02-08 15:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 13:24 - 2016-02-08 15:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-09 13:24 - 2016-02-08 15:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 13:24 - 2016-02-08 15:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 13:24 - 2016-02-08 15:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-09 13:24 - 2016-02-08 15:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 13:24 - 2016-02-08 15:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 13:24 - 2016-02-08 15:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 13:24 - 2016-02-08 15:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 13:24 - 2016-02-08 15:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 13:24 - 2016-02-08 14:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 13:24 - 2016-02-08 14:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 13:24 - 2016-02-08 14:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 13:24 - 2016-02-08 13:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 13:24 - 2016-02-08 13:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 13:24 - 2016-02-08 13:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 13:24 - 2016-02-08 13:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-09 13:24 - 2016-02-08 13:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 13:24 - 2016-02-08 12:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 13:24 - 2016-02-08 12:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-09 13:24 - 2016-02-08 12:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 13:24 - 2016-02-08 12:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 13:24 - 2016-02-08 12:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 13:24 - 2016-02-08 12:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 13:24 - 2016-02-08 12:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 13:24 - 2016-02-08 12:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-09 13:24 - 2016-02-08 12:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 13:24 - 2016-02-08 11:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 13:22 - 2016-02-05 09:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 13:22 - 2016-02-05 09:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 13:22 - 2016-02-05 09:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-09 13:22 - 2016-02-05 09:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-09 13:22 - 2016-01-24 13:19 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-09 13:22 - 2016-01-24 13:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-09 13:22 - 2016-01-24 13:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-09 13:22 - 2016-01-24 06:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-09 13:22 - 2016-01-24 06:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-09 13:21 - 2016-02-12 14:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 13:21 - 2016-02-12 10:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 13:21 - 2016-02-12 09:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-09 13:21 - 2016-02-12 09:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 13:21 - 2016-02-12 09:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 13:21 - 2016-02-12 09:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 13:21 - 2016-02-12 09:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 13:21 - 2016-02-12 09:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 13:21 - 2016-02-12 09:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 13:21 - 2016-02-12 09:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 13:21 - 2016-02-12 09:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 13:21 - 2016-02-12 09:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 13:21 - 2016-02-11 09:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-09 13:21 - 2016-02-11 09:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-09 13:21 - 2016-02-11 09:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 13:21 - 2016-02-11 09:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 13:21 - 2016-02-06 11:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 13:21 - 2016-02-06 11:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 13:21 - 2016-02-03 15:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 13:21 - 2016-02-03 15:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 13:21 - 2016-02-03 10:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 13:21 - 2016-02-03 10:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 13:21 - 2016-02-03 10:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 13:21 - 2016-01-10 11:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-09 13:21 - 2016-01-08 20:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-09 13:21 - 2016-01-08 20:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-09 13:21 - 2016-01-06 18:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-09 13:21 - 2016-01-06 18:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-09 13:21 - 2016-01-06 11:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-09 13:20 - 2016-02-06 13:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 13:20 - 2016-02-05 14:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 13:20 - 2016-02-05 14:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 13:20 - 2016-02-05 10:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 13:20 - 2016-02-05 10:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 13:20 - 2016-02-04 13:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 13:20 - 2016-02-04 13:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 13:20 - 2016-02-04 13:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 13:20 - 2016-02-04 12:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 13:20 - 2016-02-04 12:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 13:20 - 2016-02-04 12:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 13:20 - 2016-02-04 12:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 13:20 - 2016-01-31 14:16 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 13:20 - 2016-01-15 11:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-09 13:20 - 2016-01-15 11:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-09 13:20 - 2016-01-10 11:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-09 13:20 - 2016-01-05 10:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-09 13:20 - 2015-12-30 15:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-09 13:20 - 2015-12-20 09:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-09 13:20 - 2015-12-20 09:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-09 13:20 - 2015-12-20 09:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-09 13:20 - 2015-11-19 09:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 13:20 - 2015-11-19 09:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 11:12 - 2016-03-09 11:12 - 00000000 ____D C:\$SysReset
2016-03-09 01:48 - 2016-03-09 01:48 - 00000000 ____D C:\Webzen
2016-02-26 21:53 - 2016-02-26 21:53 - 00000000 ____D C:\Users\bitem_000\AppData\LocalLow\Macromedia
2016-02-26 21:39 - 2016-02-26 21:39 - 00002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 21:45 - 2014-10-24 11:45 - 00000302 _____ C:\Windows\Tasks\FF Watcher {3F3302B1-A135-4482-AF3D-8F6EBFD58F74}.job
2016-03-22 21:38 - 2015-01-28 02:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 21:37 - 2014-09-21 19:30 - 00000932 _____ C:\Windows\Tasks\MaxigetUpdaterTaskMachineUA.job
2016-03-22 21:28 - 2014-12-08 11:37 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2335575561-2103832806-512499992-1001
2016-03-22 21:23 - 2014-02-28 23:45 - 00000000 ____D C:\Users\bitem_000\AppData\Local\CrashDumps
2016-03-22 21:23 - 2014-02-11 19:35 - 00000000 __RDO C:\Users\bitem_000\SkyDrive
2016-03-22 21:19 - 2014-06-04 20:43 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-03-22 20:22 - 2015-04-04 16:36 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-22 20:21 - 2014-06-04 20:43 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-03-22 19:37 - 2014-09-21 19:30 - 00000928 _____ C:\Windows\Tasks\MaxigetUpdaterTaskMachineCore.job
2016-03-22 18:51 - 2014-02-28 14:57 - 00000366 _____ C:\Windows\Tasks\bench-sys.job
2016-03-22 18:05 - 2014-12-20 11:40 - 00003786 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C5D6D2E-E230-41F4-9419-96D2038CAF7D}
2016-03-22 17:54 - 2014-09-21 20:22 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\uTorrent
2016-03-22 16:53 - 2014-09-22 21:06 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-22 16:40 - 2015-11-03 05:00 - 00000000 ____D C:\Users\AMorrow\My Documents
2016-03-22 16:13 - 2016-01-18 22:09 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\IMVU
2016-03-22 16:02 - 2014-09-04 17:53 - 03047424 ___SH C:\Users\bitem_000\Desktop\Thumbs.db
2016-03-22 11:52 - 2015-07-09 01:30 - 00000000 ___RD C:\Users\bitem_000\OneDrive
2016-03-22 11:41 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-22 11:33 - 2014-08-04 19:58 - 00000000 ____D C:\Users\bitem_000\AppData\Local\Adobe
2016-03-22 11:33 - 2013-12-03 06:53 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-22 11:33 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\Inf
2016-03-22 11:28 - 2014-02-11 19:28 - 00000000 ____D C:\Users\bitem_000
2016-03-22 11:27 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-21 11:18 - 2013-08-22 10:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-03-21 11:18 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-21 11:15 - 2015-01-01 21:03 - 00000000 ____D C:\Program Files (x86)\IObit
2016-03-21 10:51 - 2016-02-01 11:52 - 00003064 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-03-21 10:51 - 2016-02-01 11:52 - 00002728 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (AMorrow)
2016-03-19 19:58 - 2015-01-28 02:37 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-03-18 11:29 - 2015-05-11 13:46 - 00000000 ____D C:\Users\bitem_000\AppData\Local\Akamai
2016-03-17 22:13 - 2015-04-08 18:33 - 00000000 ____D C:\Users\bitem_000\Desktop\Aiesha Student Classes
2016-03-17 18:31 - 2014-08-30 15:36 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Skype
2016-03-15 08:45 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-11 22:19 - 2013-08-22 09:44 - 00516152 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-11 16:35 - 2013-08-22 08:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-03-11 16:30 - 2015-04-26 22:55 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-11 16:30 - 2013-08-22 14:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-11 16:30 - 2013-08-22 10:36 - 00000000 ___RD C:\Windows\ToastData
2016-03-11 16:26 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 13:58 - 2013-08-22 08:25 - 00000167 _____ C:\Windows\win.ini
2016-03-11 13:44 - 2015-04-27 10:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-11 13:44 - 2015-04-27 10:35 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-11 10:47 - 2016-01-18 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-11 10:47 - 2016-01-18 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-09 13:22 - 2016-01-21 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-03-09 13:22 - 2016-01-21 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-03-09 13:22 - 2016-01-21 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-03-09 13:22 - 2015-10-08 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2016-03-09 13:22 - 2015-10-03 09:49 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU
2016-03-09 13:22 - 2015-07-09 01:33 - 00000000 ____D C:\Windows\en
2016-03-09 13:22 - 2015-05-27 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-03-09 13:22 - 2015-04-16 14:58 - 00000000 ____D C:\ProgramData\
2016-03-09 13:22 - 2014-10-18 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-09 13:22 - 2014-10-07 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-09 13:22 - 2014-09-02 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-03-09 13:22 - 2014-06-04 20:31 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-03-09 13:22 - 2014-03-03 16:00 - 00000000 ____D C:\Users\bitem_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-09 13:22 - 2014-03-03 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-09 13:22 - 2014-03-02 18:16 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-03-09 13:22 - 2014-02-17 21:55 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 13:22 - 2014-01-06 01:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
2016-03-09 13:22 - 2014-01-06 01:34 - 00000000 ____D C:\Program Files\Intel
2016-03-09 13:22 - 2013-12-03 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2016-03-09 13:22 - 2013-08-22 14:12 - 00000000 ____D C:\Windows\ShellNew
2016-03-09 13:22 - 2013-08-22 14:10 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\spool
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\NDF
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\MediaViewer
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-09 13:22 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-09 13:22 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\oobe
2016-03-09 11:43 - 2016-02-05 13:57 - 00001618 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_AMorrow
2016-03-09 11:43 - 2016-01-28 18:44 - 00001918 _____ C:\Windows\System32\Tasks\RTKCPL
2016-03-09 11:43 - 2015-10-15 12:22 - 00001852 _____ C:\Windows\System32\Tasks\{556D986D-E603-4743-BCCC-4B64F77AC64A}
2016-03-09 11:43 - 2015-01-23 17:45 - 00001774 _____ C:\Windows\System32\Tasks\{A1985B2E-1B42-4918-926A-F42415FBE0F1}
2016-03-09 11:43 - 2014-09-17 13:26 - 00001748 _____ C:\Windows\System32\Tasks\{5EFDC5A9-AB26-47F1-A0C0-E6610A99E0B9}
2016-03-09 11:43 - 2014-01-06 01:44 - 00001834 _____ C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2016-03-09 11:42 - 2016-01-21 21:15 - 00001882 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2016-03-09 11:42 - 2016-01-21 21:15 - 00001578 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_AMorrow
2016-03-09 11:42 - 2015-10-08 22:26 - 00001834 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-03-09 11:42 - 2015-10-08 22:26 - 00001704 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2016-03-09 11:42 - 2015-04-18 23:20 - 00002028 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Aiesha-AMorrow
2016-03-09 11:42 - 2015-01-28 02:37 - 00002862 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-03-09 11:42 - 2015-01-28 02:37 - 00002634 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-09 11:42 - 2015-01-01 21:04 - 00001572 _____ C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2016-03-09 11:42 - 2014-09-22 21:06 - 00002794 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411437969
2016-03-09 11:42 - 2014-09-21 19:35 - 00001800 _____ C:\Windows\System32\Tasks\Advanced-System Protector_startup
2016-03-09 11:42 - 2014-09-21 19:33 - 00001732 _____ C:\Windows\System32\Tasks\ASP
2016-03-09 11:39 - 2015-10-30 04:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-08 23:56 - 2014-02-17 21:55 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-02 21:36 - 2014-02-11 19:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-02 12:01 - 2015-10-08 22:26 - 00000000 ____D C:\Program Files (x86)\Gyazo
2016-03-01 19:49 - 2015-07-22 19:53 - 00000000 ____D C:\Users\bitem_000\AppData\Local\Google
2016-02-29 14:14 - 2015-10-21 12:26 - 00000000 ____D C:\Users\bitem_000\Desktop\Launcher
2016-02-26 21:39 - 2015-10-13 09:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-23 16:44 - 2014-09-17 13:26 - 00000000 ____D C:\Users\bitem_000\AppData\Local\ElevatedDiagnostics
==================== Files in the root of some directories =======
2016-03-22 16:38 - 2013-06-24 03:22 - 0072890 _____ () C:\Program Files (x86)\1.reg
2016-03-22 16:38 - 2013-06-24 06:44 - 0010912 _____ () C:\Program Files (x86)\4.bat
2016-03-22 16:38 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part01.exe
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part02.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part03.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part04.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part05.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part06.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part07.rar
2016-03-22 16:39 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part08.rar
2016-03-22 16:40 - 2013-06-24 13:36 - 104857600 _____ () C:\Program Files (x86)\documents.part09.rar
2016-03-22 16:40 - 2013-06-24 13:37 - 104857600 _____ () C:\Program Files (x86)\documents.part10.rar
2016-03-22 16:40 - 2013-06-24 13:37 - 33854712 _____ () C:\Program Files (x86)\documents.part11.rar
2016-03-22 16:40 - 2013-03-10 09:01 - 0114427 _____ () C:\Program Files (x86)\Game.ico
2016-03-22 16:40 - 2013-06-24 11:31 - 0006866 _____ () C:\Program Files (x86)\Language cs-CZ.reg
2016-03-22 16:40 - 2013-06-24 11:32 - 0006866 _____ () C:\Program Files (x86)\Language en-US.reg
2015-05-07 22:08 - 2015-11-24 18:58 - 0558080 _____ () C:\Users\bitem_000\AppData\Roaming\SharedSettings.ccs
2015-09-10 22:10 - 2015-09-12 14:27 - 0005120 _____ () C:\Users\bitem_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-11 21:04 - 2014-11-11 21:04 - 0003918 _____ () C:\Users\bitem_000\AppData\Local\recently-used.xbel
2014-01-06 01:40 - 2014-01-06 01:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-02-05 11:35
==================== End of FRST.txt ============================
Edited by chaelea, 22 March 2016 - 08:57 PM.