Jump to content

Installed MBAntiRansomware - Now i am getting all sorts of ransomware warnings


Recommended Posts

Hi, I installed the beta version of malwarebytes anti Ransomware yesterday and after installation it asked me to reboot my machine.

 

I am on Asus k55vj - windows 10.

After reboot, i got a notification that chrome has been detected infected with ransomware activity. It asked me to reboot again to finish the cleanup.

After i did, i cannot sign in on my user.. I was taken to a temp user profile. I tried to use the "startup repair" of windows 10. It finished without any errors found.

I just turned machine off...

 

Today, I booted into my old user profile, it let me in. BUt then MB anti ransomware gave another alert that software distribution is infected. Had e restart. After, firefox and edge are acting funny as it opens a new window when i click on them,

 

I have been reading this forum for quite some time so i already ran frst and heres the result of the scan. Can someone let me know how to interpret the scan logs and the next steps please... appreciate it,

 

Just scanned a few mins ago.

 

Thanks!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by JacJefferson (administrator) on ZERO-DAY (28-01-2016 01:05:27)
Running from D:\Downloads
Loaded Profiles: JacJefferson (Available Profiles: UpdatusUser & JacJefferson)
Platform: Windows 10 Home (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-08] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01272016232201798\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50622080 2016-01-19] (Skype Technologies S.A.)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [spotify Web Helper] => C:\Users\JacJefferson\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-22] (Spotify Ltd)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [uTorrent] => /MINIMIZED
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\RunOnce: [uninstall C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\RunOnce: [uninstall C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\Run: [] => 0
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [153208 2015-12-16] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Malwarebytes Anti-Ransomware.lnk [2016-01-27]
ShortcutTarget: Malwarebytes Anti-Ransomware.lnk -> C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe (Malwarebytes)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{13042e69-6434-4e3a-a8b1-e19c3b79894c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac77a4aa-d0f2-428f-a30a-3fbdfa98cd6f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-15] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-15] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002 -> hxxp://www.yandex.ru/?win=212&clid=2100767-002

FireFox:
========
FF ProfilePath: C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206
FF SelectedSearchEngine: Яндекс
FF Session Restore: -> is enabled.
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "71.205.115.155"
FF NetworkProxy: "socks_port", 65535
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Extension: Lightbeam - C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-12-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR StartupUrls: Default -> "hxxps://inbox.google.com/?pli=1","hxxps://accounts.google.com/Login","hxxp://moz.com/","hxxp://semrush.com/","hxxp://buzzsumo.com/","hxxp://drive.google.com/","hxxp://www.windowsxlive.net/","hxxp://www.google.com"
CHR Profile: C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19]
CHR Extension: (oscraper) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoedkafpknpijecolafolipaidgjcoo [2016-01-20]
CHR Extension: (Genius Web Annotator) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaokncpmmjiakalbcfdbfmpcaiddjdn [2016-01-20]
CHR Extension: (OneTab) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-01-27]
CHR Extension: (Google Search) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (BuiltWith Technology Profiler) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2016-01-20]
CHR Extension: (High Contrast) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2016-01-20]
CHR Extension: (MozBar) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2016-01-24]
CHR Extension: (Gmail Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-01-20]
CHR Extension: (Google Calendar) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-01-20]
CHR Extension: (Blur) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2016-01-20]
CHR Extension: (Peek) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffccoaooonomblpmkaidfhphgjgkimod [2016-01-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-19]
CHR Extension: (Vysor (Beta)) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2016-01-20]
CHR Extension: (UX Check) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekhiebdpmljgchjojblnekkcgpdobp [2016-01-20]
CHR Extension: (AdBlock) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20]
CHR Extension: (Asana) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hffokgiicnnkgaodkpofkcgpdmkdpebj [2016-01-20]
CHR Extension: (Similar Sites Pro) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl [2016-01-24]
CHR Extension: (SimilarWeb - Site Traffic Sources and Ranking) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2016-01-20]
CHR Extension: (Ubersuggest CPC & Search Volume Enhancer) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hopggcicaffnjomhjjpogcelclkbnigp [2016-01-20]
CHR Extension: (META SEO inspector) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibkclpciafdglkjkcibmohobjkcfkaef [2016-01-20]
CHR Extension: (JacReyes.com) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaphdclmlj [2016-01-20]
CHR Extension: (SimpleExtManager) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kniehgiejgnnpgojkdhhjbgbllnfkfdk [2016-01-20]
CHR Extension: (Momentum) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-01-23]
CHR Extension: (Evernote Web) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2016-01-20]
CHR Extension: (Wordtracker Scout) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkalodfoplipapmeogaehmiabdhhjapb [2016-01-20]
CHR Extension: (SEO Peek) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkkpfhgjmocgneajknedjhodkjkkclod [2016-01-20]
CHR Extension: (Asana) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2016-01-20]
CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2016-01-20]
CHR Extension: (GTM DevTools Sidebar Panes) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpchkkljkimifenglmblhnklbngejfh [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19]
CHR Extension: (Evernote Web Clipper) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-01-20]
CHR Extension: (Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-19]
CHR Extension: (Inbox by Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl [2016-01-20]
CHR Profile: C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Google Drive) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-20]
CHR Extension: (YouTube) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-20]
CHR Extension: (Google Search) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-20]
CHR Extension: (Советник Яндекс.Маркета) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdjdjkkjoiomafnihnobkinnfjnnlhdg [2016-01-20]
CHR Extension: (Google Sheets) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Avira Browser Safety) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-20]
CHR Extension: (Skype) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-20]
CHR Extension: (Яндекс) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-20]
CHR Extension: (Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdjdjkkjoiomafnihnobkinnfjnnlhdg] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM-x32\...\Chrome\Extension: [mdeldjolamfbcgnndjmjjiinnhbnbnla] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-07] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-06] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7152128 2015-05-28] (SecureMix LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-10-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-07] (Lenovo)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe [3124536 2016-01-25] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-04] (Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-24] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2015-11-17] (Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-07] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-27] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-16] (Avira Operations GmbH & Co. KG)
R3 bcmsmbsp; C:\Windows\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 farflt; C:\WINDOWS\system32\drivers\farflt.sys [53464 2016-01-27] (Malwarebytes)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-28] (SecureMix LLC)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [51712 2009-09-08] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-04] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [217328 2016-01-27] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2015-10-08] (Intel Corporation)
S3 necbatt; C:\Windows\System32\drivers\necbatt.sys [28512 2015-09-27] (NEC Personal Computers, Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek                                            )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tap0901cn; C:\Windows\System32\drivers\tap0901cn.sys [39616 2014-12-29] (Connectify)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-27] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 digitalpower; \SystemRoot\system32\drivers\digitalpower.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 01:05 - 2016-01-28 01:05 - 00000000 ____D C:\FRST
2016-01-28 01:04 - 2016-01-28 01:03 - 02370560 _____ (Farbar) C:\Users\JacJefferson\Desktop\FRST64.exe
2016-01-28 00:46 - 2016-01-28 00:46 - 00016148 _____ C:\WINDOWS\system32\ZERO-DAY_JacJefferson_HistoryPrediction.bin
2016-01-27 07:54 - 2016-01-27 07:54 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-01-27 07:52 - 2016-01-27 07:52 - 00231814 _____ C:\WINDOWS\ntbtlog.txt
2016-01-27 05:47 - 2016-01-27 07:51 - 00000000 ____D C:\Users\TEMP
2016-01-27 05:47 - 2016-01-27 05:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2016-01-27 05:02 - 2016-01-27 05:02 - 00000847 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-01-27 05:02 - 2016-01-27 05:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-01-27 05:02 - 2016-01-27 05:02 - 00000000 ____D C:\Program Files\Speccy
2016-01-27 03:24 - 2016-01-27 03:24 - 00325432 _____ C:\WINDOWS\Minidump\012716-31234-01.dmp
2016-01-27 03:14 - 2016-01-27 03:14 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\NVIDIA
2016-01-27 03:09 - 2016-01-27 23:22 - 00053464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-01-27 03:09 - 2016-01-27 03:09 - 00001956 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Ransomware.lnk
2016-01-27 03:09 - 2016-01-27 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-01-27 03:09 - 2016-01-27 03:09 - 00000000 ____D C:\Program Files\Malwarebytes
2016-01-27 03:06 - 2016-01-27 03:06 - 00000000 ___HD C:\$Windows.~BT
2016-01-27 03:05 - 2016-01-27 03:30 - 00000000 ___HD C:\$SysReset
2016-01-27 01:15 - 2016-01-27 01:15 - 00001249 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.4.lnk
2016-01-27 01:15 - 2016-01-27 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-01-27 01:15 - 2016-01-27 01:15 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-01-26 23:58 - 2016-01-26 23:58 - 00309648 _____ C:\WINDOWS\Minidump\012616-35296-01.dmp
2016-01-26 23:53 - 2016-01-27 03:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-26 23:53 - 2016-01-26 23:53 - 00328424 _____ C:\WINDOWS\Minidump\012616-27750-01.dmp
2016-01-26 23:52 - 2016-01-27 03:24 - 661340051 _____ C:\WINDOWS\MEMORY.DMP
2016-01-26 23:50 - 2016-01-26 23:50 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2016-01-26 05:37 - 2016-01-26 05:37 - 00000218 _____ C:\Users\JacJefferson\.recently-used.xbel
2016-01-25 05:34 - 2016-01-25 05:50 - 00001651 _____ C:\Users\JacJefferson\Desktop\UnionJac Experience Mail.lnk
2016-01-25 05:32 - 2016-01-25 05:32 - 00002613 _____ C:\Users\JacJefferson\Desktop\Reyes.Jac08.lnk
2016-01-24 13:44 - 2016-01-24 13:47 - 00000000 ____D C:\AdwCleaner
2016-01-22 12:15 - 2016-01-23 00:39 - 00000000 ____D C:\Users\JacJefferson\Desktop\mbar
2016-01-22 08:51 - 2016-01-22 09:34 - 00000000 ____D C:\Users\JacJefferson\AppData\LocalLow\uTorrent
2016-01-20 06:12 - 2016-01-20 06:12 - 00002460 _____ C:\Users\JacJefferson\Desktop\Main - Jac Reyes - Chrome.lnk
2016-01-20 06:09 - 2016-01-27 05:39 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-01-20 06:04 - 2016-01-20 06:04 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-20 02:48 - 2016-01-20 02:49 - 00000000 ____D C:\Program Files\Defraggler
2016-01-20 02:48 - 2016-01-20 02:48 - 00001775 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-01-20 02:48 - 2016-01-20 02:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-01-19 07:52 - 2016-01-19 07:52 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-19 07:52 - 2016-01-19 07:52 - 00001230 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-19 07:52 - 2016-01-19 07:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-19 07:52 - 2016-01-19 07:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-19 07:36 - 2016-01-19 07:36 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ZERO-DAY-Windows-10-Home-(64-bit).dat
2016-01-19 07:36 - 2016-01-19 07:36 - 00000000 ____D C:\RegBackup
2016-01-19 03:55 - 2016-01-19 07:51 - 00002346 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-19 03:55 - 2016-01-19 03:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-18 11:02 - 2016-01-18 11:02 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-01-18 11:02 - 2016-01-18 11:02 - 00000000 ____D C:\WINDOWS\system32\NV
2016-01-18 09:55 - 2008-04-15 07:00 - 01355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2016-01-18 09:55 - 1996-01-11 19:00 - 00935632 _____ (Microsoft Corporation) C:\WINDOWS\system\Vb40016.dll
2016-01-18 09:55 - 1996-01-11 19:00 - 00722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2016-01-18 09:55 - 1993-05-11 12:00 - 00398416 _____ (Microsoft Corporation) C:\WINDOWS\system\Vbrun300.dll
2016-01-18 09:55 - 1992-10-20 17:00 - 00356992 _____ (Microsoft Corporation) C:\WINDOWS\system\vbrun200.dll
2016-01-18 09:55 - 1991-05-09 18:00 - 00271264 _____ C:\WINDOWS\system\vbrun100.dll
2016-01-18 09:54 - 2014-09-10 11:14 - 00163480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 01070232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00660120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00617896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00444328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MShflxgd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00416408 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\comct332.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00279192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatgrd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00259736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msflxgrd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatlst.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00222360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tabctl32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00219288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00218776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dblist32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00212112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mci32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00179352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmask32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00131728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00130712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstdfmt.dll
2016-01-18 09:54 - 2013-11-25 08:27 - 00127640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswinsck.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00119960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomm32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00108696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL
2016-01-18 09:54 - 2013-11-25 08:27 - 00104088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\picclp32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00084624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysinfo.ocx
2016-01-18 09:54 - 2011-01-12 14:36 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2016-01-18 09:54 - 2011-01-12 14:25 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2016-01-18 09:54 - 2011-01-12 14:19 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2016-01-18 09:54 - 2011-01-12 13:53 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2016-01-18 09:54 - 2007-01-30 11:04 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2016-01-18 09:54 - 2006-08-25 15:28 - 01017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2016-01-18 09:54 - 2006-08-25 15:07 - 01024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2016-01-18 09:54 - 2006-08-25 14:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2016-01-18 09:54 - 2006-04-10 15:41 - 01066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL32.OCX
2016-01-18 09:54 - 2005-01-20 10:25 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2016-01-18 09:54 - 2002-01-04 20:40 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2016-01-18 09:54 - 1994-11-17 16:00 - 00210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2016-01-18 09:49 - 2016-01-27 04:49 - 00000444 _____ C:\WINDOWS\Tasks\Обновление Браузера Яндекс .job
2016-01-18 09:47 - 2016-01-18 10:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\DriverPack Notifier
2016-01-18 09:45 - 2016-01-18 10:35 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс
2016-01-18 09:45 - 2016-01-18 10:35 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Package Cache
2016-01-18 09:44 - 2016-01-18 09:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Chromium
2016-01-18 09:39 - 2016-01-18 10:22 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Opera Software
2016-01-18 09:39 - 2016-01-18 10:22 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Opera Software
2016-01-18 09:25 - 2016-01-18 09:25 - 00003260 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2016-01-18 08:57 - 2016-01-18 09:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-18 08:57 - 2015-12-17 22:49 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-01-18 08:57 - 2015-12-16 06:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-18 08:51 - 2015-12-17 20:48 - 04498889 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-18 08:51 - 2015-12-17 20:48 - 03299832 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03152591 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-01-18 08:51 - 2015-12-17 20:48 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-18 08:51 - 2015-12-17 20:48 - 02693360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01928624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01356504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01286160 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01008360 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00933640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00888480 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00716104 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00596128 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00589080 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2016-01-18 08:51 - 2015-12-17 20:48 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00448584 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00224264 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00172576 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 13120760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 12986520 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 10521552 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05776680 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05338936 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05289944 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 03282024 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02823280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02437144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01601944 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01421104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01211832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01186160 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00952984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00618184 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00369304 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00340648 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 01155992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00229656 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00194360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 11896096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 03675560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 00467696 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-01-18 08:46 - 2015-10-14 12:37 - 00250360 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-01-18 08:46 - 2015-10-14 12:37 - 00202232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-01-18 08:46 - 2015-10-14 12:35 - 00617976 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00382384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2016-01-18 08:46 - 2015-10-14 12:34 - 00379904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00290216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-01-18 08:46 - 2015-10-14 12:34 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 02035712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 01766912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00264192 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-01-18 08:46 - 2015-10-14 12:33 - 00204720 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-01-18 08:46 - 2015-10-14 12:33 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00095232 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00068096 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00039416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00019456 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00019448 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00018936 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00013816 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 08522240 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 06509056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00232952 _____ C:\WINDOWS\system32\igdde64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00171000 _____ C:\WINDOWS\system32\igdail64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00152568 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2016-01-18 08:46 - 2015-10-14 12:31 - 04374440 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00969128 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00555432 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00554920 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00409512 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00409008 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00165800 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2016-01-18 08:46 - 2015-10-14 12:28 - 04378024 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-01-18 08:46 - 2015-10-14 09:34 - 00191028 __RSH C:\WINDOWS\system32\resTHA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00183668 __RSH C:\WINDOWS\system32\resELL.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00179444 __RSH C:\WINDOWS\system32\resRUS.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00165188 __RSH C:\WINDOWS\system32\resARA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00164660 __RSH C:\WINDOWS\system32\resHEB.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00164644 __RSH C:\WINDOWS\system32\resJPN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00160020 __RSH C:\WINDOWS\system32\resHUN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00160004 __RSH C:\WINDOWS\system32\resFRA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158260 __RSH C:\WINDOWS\system32\resKOR.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158180 __RSH C:\WINDOWS\system32\resDEU.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158164 __RSH C:\WINDOWS\system32\resITA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157988 __RSH C:\WINDOWS\system32\resROM.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157876 __RSH C:\WINDOWS\system32\resESN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157428 __RSH C:\WINDOWS\system32\resPLK.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157332 __RSH C:\WINDOWS\system32\resSKY.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157140 __RSH C:\WINDOWS\system32\resNLD.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156532 __RSH C:\WINDOWS\system32\resPTB.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156436 __RSH C:\WINDOWS\system32\resTRK.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156372 __RSH C:\WINDOWS\system32\resCSY.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156244 __RSH C:\WINDOWS\system32\resPTG.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00155796 __RSH C:\WINDOWS\system32\resFIN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00155396 __RSH C:\WINDOWS\system32\resHRV.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00154932 __RSH C:\WINDOWS\system32\resSVE.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00154820 __RSH C:\WINDOWS\system32\resSLV.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00153828 __RSH C:\WINDOWS\system32\resNOR.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00153332 __RSH C:\WINDOWS\system32\resDAN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00151988 __RSH C:\WINDOWS\system32\resENU.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00150228 __RSH C:\WINDOWS\system32\resCHT.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00149364 __RSH C:\WINDOWS\system32\resCHS.cui
2016-01-18 08:46 - 2015-10-14 09:33 - 00002582 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-01-18 08:28 - 2015-10-08 09:16 - 00185600 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-01-18 08:27 - 2015-11-19 00:16 - 00935168 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-01-18 08:27 - 2015-11-19 00:16 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-01-18 08:25 - 2015-07-10 10:46 - 00053024 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcmsmbsp.sys
2016-01-18 08:24 - 2015-11-18 11:11 - 00245432 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2016-01-18 08:24 - 2015-11-18 11:11 - 00072392 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll.muien-US
2016-01-18 08:24 - 2015-11-18 11:11 - 00046908 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000.dfu
2016-01-18 08:24 - 2015-11-18 11:11 - 00041996 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010100.dfu
2016-01-18 08:24 - 2015-09-24 13:08 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-01-18 08:24 - 2009-09-08 23:23 - 00051712 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\flashud.sys
2016-01-18 08:23 - 2016-01-18 10:27 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\DRPSu
2016-01-17 21:44 - 2016-01-17 21:44 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-13 01:28 - 2016-01-18 12:43 - 00000000 ____D C:\SUPERDelete
2016-01-13 01:17 - 2016-01-13 01:17 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\SUPERAntiSpyware.com
2016-01-13 01:16 - 2016-01-23 00:41 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-13 01:16 - 2016-01-13 01:16 - 00001859 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-01-13 01:16 - 2016-01-13 01:16 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-01-13 01:16 - 2016-01-13 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-01-12 17:09 - 2016-01-04 22:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 17:09 - 2016-01-04 22:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 17:09 - 2016-01-04 22:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 17:09 - 2016-01-04 22:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 17:09 - 2016-01-04 21:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 17:09 - 2016-01-04 21:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 17:09 - 2016-01-04 21:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 17:09 - 2016-01-04 21:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 17:09 - 2016-01-04 21:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 17:09 - 2016-01-04 21:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-12 17:09 - 2016-01-04 21:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 17:09 - 2016-01-04 21:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 17:09 - 2016-01-04 21:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 17:09 - 2016-01-04 20:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 17:09 - 2016-01-04 20:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-12 17:09 - 2016-01-04 20:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 17:09 - 2016-01-04 20:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 17:09 - 2016-01-04 20:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 17:09 - 2016-01-04 20:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 17:09 - 2016-01-04 20:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 17:08 - 2016-01-04 22:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 17:08 - 2016-01-04 22:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 17:08 - 2016-01-04 22:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 17:08 - 2016-01-04 21:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-12 17:08 - 2016-01-04 21:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 17:08 - 2016-01-04 21:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 17:08 - 2016-01-04 21:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 17:08 - 2016-01-04 21:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 17:08 - 2016-01-04 21:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 17:08 - 2016-01-04 21:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-12 17:08 - 2016-01-04 21:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-12 17:08 - 2016-01-04 21:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 17:08 - 2016-01-04 21:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 17:08 - 2016-01-04 21:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-12 17:08 - 2016-01-04 21:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 17:08 - 2016-01-04 21:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 17:08 - 2016-01-04 21:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 17:08 - 2016-01-04 21:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 17:08 - 2016-01-04 21:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-12 17:08 - 2016-01-04 21:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 17:08 - 2016-01-04 20:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 17:08 - 2016-01-04 20:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 17:08 - 2016-01-04 20:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 17:08 - 2016-01-04 20:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 17:08 - 2016-01-04 20:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 17:08 - 2016-01-04 20:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 17:08 - 2016-01-04 20:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 17:08 - 2016-01-04 20:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 17:08 - 2016-01-04 20:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-01-12 17:08 - 2016-01-04 20:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 17:08 - 2016-01-04 20:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 17:08 - 2016-01-04 20:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-12 17:08 - 2016-01-04 20:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 17:08 - 2016-01-04 20:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 17:08 - 2016-01-04 20:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-10 05:09 - 2016-01-10 05:09 - 00000000 ___HD C:\WINDOWS\AxInstSV
2016-01-10 03:57 - 2016-01-10 03:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-01-10 03:57 - 2016-01-10 03:57 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-01-10 03:56 - 2016-01-10 03:56 - 00001287 _____ C:\Users\Public\Desktop\SHAREit.lnk
2016-01-10 03:56 - 2016-01-10 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-01-08 05:46 - 2016-01-08 05:46 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2016-01-08 05:37 - 2016-01-08 05:37 - 00000000 ____D C:\ProgramData\IntelDLM
2016-01-07 15:18 - 2016-01-07 15:18 - 00004540 _____ C:\Users\JacJefferson\Desktop\NVIDIA System Information 01-08-2016 04-18-07.txt
2016-01-07 15:05 - 2016-01-07 15:05 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\CyberLink
2016-01-07 15:05 - 2016-01-07 15:05 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Power2Go
2016-01-07 15:00 - 2016-01-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2016-01-07 14:57 - 2016-01-08 08:23 - 00000000 ____D C:\ProgramData\CyberLink
2016-01-07 14:44 - 2016-01-07 14:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\ASUS
2016-01-07 14:41 - 2016-01-08 08:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Drivers Download Utility
2016-01-07 14:41 - 2016-01-08 08:23 - 00000000 ____D C:\Program Files\Asus Drivers Download Utility
2016-01-05 00:15 - 2016-01-05 00:15 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Lenovo
2016-01-05 00:14 - 2016-01-05 00:14 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-01-04 03:04 - 2016-01-04 05:27 - 00000000 ____D C:\Users\JacJefferson\Desktop\tropicana
2015-12-29 01:37 - 2015-12-29 01:37 - 00000000 _____ C:\Users\JacJefferson\systeminfo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 01:01 - 2015-05-14 07:48 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Skype
2016-01-28 00:56 - 2015-06-10 03:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-28 00:52 - 2015-08-25 15:17 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C5A4667B-6E95-4A17-95C1-799C060D9CCE}
2016-01-28 00:50 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-28 00:45 - 2015-09-21 06:38 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-28 00:35 - 2015-05-13 09:03 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 00:34 - 2015-06-05 23:57 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\CrashDumps
2016-01-28 00:25 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-28 00:24 - 2015-08-09 23:57 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-01-27 23:32 - 2015-05-13 09:03 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-27 23:22 - 2015-09-21 06:38 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-27 23:22 - 2015-08-10 00:00 - 00000000 __SHD C:\Users\JacJefferson\IntelGraphicsProfiles
2016-01-27 23:22 - 2015-05-13 00:52 - 00217328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-27 23:19 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-27 08:03 - 2015-07-10 04:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-01-27 06:04 - 2015-07-10 06:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-27 05:48 - 2015-05-13 07:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-27 05:43 - 2015-08-09 19:50 - 00000000 ____D C:\Users\JacJefferson
2016-01-27 05:02 - 2015-07-10 06:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-27 03:43 - 2015-12-04 10:33 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-01-27 03:43 - 2015-06-21 16:53 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Samsung
2016-01-27 03:43 - 2012-10-23 09:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-27 03:30 - 2015-06-09 19:39 - 00000000 _____ C:\Recovery.txt
2016-01-27 03:27 - 2015-08-09 19:50 - 00000000 ____D C:\Users\UpdatusUser
2016-01-27 03:09 - 2015-05-13 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 03:05 - 2015-05-13 09:36 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Spotify
2016-01-27 03:00 - 2015-05-13 09:40 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Spotify
2016-01-27 01:16 - 2015-05-13 00:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 09:18 - 2015-05-15 18:32 - 00000000 ___RD C:\Users\JacJefferson\Google Drive
2016-01-26 05:37 - 2015-12-22 13:51 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\.purple
2016-01-26 04:36 - 2015-07-14 01:20 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\gtk-2.0
2016-01-24 13:50 - 2015-06-10 02:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-24 13:45 - 2015-05-13 00:13 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Packages
2016-01-24 07:50 - 2015-06-13 08:34 - 00000000 ____D C:\KMPlayer
2016-01-23 03:00 - 2015-09-27 18:19 - 00000000 ___RD C:\Users\JacJefferson\Dropbox
2016-01-23 03:00 - 2015-09-21 06:38 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Dropbox
2016-01-23 00:41 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-22 22:02 - 2015-05-13 00:52 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-21 15:08 - 2015-05-14 07:47 - 00000000 ____D C:\ProgramData\Skype
2016-01-20 06:06 - 2015-08-09 20:06 - 00774730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-20 02:48 - 2015-05-13 22:37 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\ElevatedDiagnostics
2016-01-20 00:16 - 2015-05-13 09:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-20 00:10 - 2015-05-13 09:54 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-19 23:56 - 2015-06-10 03:52 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-19 22:20 - 2015-07-10 07:20 - 00351360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-19 22:16 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-19 08:31 - 2015-09-05 16:29 - 00003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-01-19 08:21 - 2015-05-18 00:44 - 00774730 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-19 08:06 - 2015-05-14 03:49 - 00007614 _____ C:\Users\JacJefferson\AppData\Local\Resmon.ResmonCfg
2016-01-19 04:45 - 2015-08-10 03:40 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-19 04:45 - 2015-06-08 02:09 - 00000000 ____D C:\Users\JacJefferson\Desktop\Tweaking Utils
2016-01-19 04:45 - 2015-06-03 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Frog SEO Spider
2016-01-19 03:56 - 2015-06-25 09:42 - 00000873 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-19 03:55 - 2015-05-13 09:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-18 23:02 - 2015-05-18 00:38 - 00000463 _____ C:\DelFix.txt
2016-01-18 11:05 - 2015-11-03 04:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-18 09:55 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\System
2016-01-18 09:35 - 2015-08-09 19:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-18 09:32 - 2015-08-09 19:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-18 09:25 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-01-18 09:25 - 2015-06-07 22:07 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2016-01-18 09:24 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-18 08:58 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-01-17 21:44 - 2015-07-10 06:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-17 21:44 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-17 21:42 - 2015-12-07 05:51 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-14 09:00 - 2015-11-18 02:46 - 00001217 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-14 08:59 - 2015-11-18 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-12 23:28 - 2015-10-25 07:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-12 23:28 - 2015-10-25 07:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-12 21:39 - 2015-10-25 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-10 03:30 - 2015-09-30 11:52 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-01-08 08:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-01-08 08:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-01-08 08:27 - 2012-10-23 09:28 - 00000000 ____D C:\ProgramData\P4G
2016-01-08 08:25 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-08 08:25 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\servicing
2016-01-08 08:24 - 2015-12-28 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-08 08:24 - 2012-08-04 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-01-08 08:03 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\registration
2016-01-08 07:58 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-01-08 07:39 - 2015-08-09 23:58 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-01-08 05:46 - 2015-05-29 19:32 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2016-01-08 05:46 - 2015-05-14 10:31 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-08 05:46 - 2012-10-23 09:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-01-02 20:40 - 2015-07-10 06:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 20:40 - 2015-07-10 06:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-09-14 01:06 - 2015-09-14 01:06 - 0209702 _____ () C:\Users\JacJefferson\AppData\Local\ars.cache
2015-09-14 01:06 - 2015-09-14 01:06 - 0549069 _____ () C:\Users\JacJefferson\AppData\Local\census.cache
2015-09-14 00:33 - 2015-09-14 00:33 - 0000036 _____ () C:\Users\JacJefferson\AppData\Local\housecall.guid.cache
2015-08-31 07:44 - 2015-08-31 07:44 - 0000743 _____ () C:\Users\JacJefferson\AppData\Local\recently-used.xbel
2015-05-14 03:49 - 2016-01-19 08:06 - 0007614 _____ () C:\Users\JacJefferson\AppData\Local\Resmon.ResmonCfg
2015-09-14 00:47 - 2015-09-14 00:47 - 0000010 _____ () C:\Users\JacJefferson\AppData\Local\sponge.last.runtime.cache
2015-08-09 19:47 - 2015-08-09 19:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-04 12:37 - 2012-07-30 01:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 12:37 - 2009-07-22 05:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2016-01-07 14:58 - 2016-01-07 15:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2016-01-07 14:58 - 2016-01-07 14:58 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\JacJefferson\AppData\Local\Temp\avgnt.exe
C:\Users\JacJefferson\AppData\Local\Temp\sfamcc00001.dll
C:\Users\JacJefferson\AppData\Local\Temp\sfareca00001.dll
C:\Users\JacJefferson\AppData\Local\Temp\sfextra.dll
C:\Users\JacJefferson\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-21 16:00

==================== End of FRST.txt ============================

 

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.


Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...
 

Next,

 

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

 
Next,
 
thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


 

Next,

 

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs....
 

 

Let me see those logs in your reply

 

Kevin

Link to post
Share on other sites

Hello kevinf80,

 

Thanks for your response and your instructions for cleaning. I dont know how to interpret them but I think whatever they are, prolly from my search for device drivers for my notebook.

 

Please see the logs below. I highlighted different sections in bold red large font for easier viewing.

 

Let me know how to go about those.

 

(Sorry I had to move the frst and addition.txt logs to next page)

 

Thanks very much!

 

 

 

 

 

Malwarebytes Anti-Malware LOGS
www.malwarebytes.org

Scan Date: 1/28/2016
Scan Time: 6:06 AM
Logfile: System Logs Jan 28.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.01.28.03
Rootkit Database: v2016.01.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: JacJefferson

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 427153
Time Elapsed: 50 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)




************************
Adwcleaner Logs


# AdwCleaner v5.031 - Logfile created 28/01/2016 at 08:14:25
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [server]
# Operating system : Windows 10 Home  (x64)
# Username : JacJefferson - ZERO-DAY
# Running from : D:\Downloads\AdwCleaner(1).exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\JacJefferson\AppData\Local

\Google\Chrome\User Data\Default\Extensions

\hidjnkeodmholilgafgdlgmgggbhnigl
[-] Folder Deleted : C:\Users\JacJefferson\AppData\Local

\Google\Chrome\User Data\Default\Extensions

\eakacpaijcpapndcfffdgphdiccmpknp
[-] Folder Deleted : C:\Users\JacJefferson\AppData\Local

\Google\Chrome\User Data\Default\Extensions

\chphlpgkkbolifaimnlloiipkdnihall

***** [ Files ] *****

[-] File Deleted : C:\Users\JacJefferson\AppData\Local\Google

\Chrome\User Data\Default\Local Extension Settings

\eakacpaijcpapndcfffdgphdiccmpknp

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\JacJefferson\AppData\Local\Google\Chrome\User

Data\Default\Web Data] [search Provider] Deleted : ask.com
[-] [C:\Users\JacJefferson\AppData\Local\Google\Chrome\User

Data\Default\Web Data] [search Provider] Deleted : aol.com
[-] [C:\Users\JacJefferson\AppData\Local\Google\Chrome\User

Data\Default\Secure Preferences] [Extension] Deleted :

chphlpgkkbolifaimnlloiipkdnihall
[-] [C:\Users\JacJefferson\AppData\Local\Google\Chrome\User

Data\Default\Secure Preferences] [Extension] Deleted :

eakacpaijcpapndcfffdgphdiccmpknp
[-] [C:\Users\JacJefferson\AppData\Local\Google\Chrome\User

Data\Default\Secure Preferences] [Extension] Deleted :

hidjnkeodmholilgafgdlgmgggbhnigl

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1888

bytes] ##########


**************************************************************

Junkware Removal Tool Logs

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64
Ran by JacJefferson (Administrator) on Thu 01/28/2016 at  

8:26:12.66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\JacJefferson\AppData\Local

\Google\Chrome\User Data\Default\Extensions

\lbfehkoinhhcknnbdgnnmjhiladcgbol (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERUPDATEUI.EXE-

A933B2EF.pf (File)

Deleted the following from C:\Users\JacJefferson\AppData

\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-

1436817673206\prefs.js
user_pref(browser.newtabpage.pinned, [{\url\:

\hxxp://www.yandex.ru/?win=212&clid=2100780-002\,\title\:

\Яндекс\},{\url\:\hxxp://market.yandex.ru/?from=dist_
user_pref(browser.uiCustomization.state, {\placements\:

{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\home-

button\,\new-window-button\,\privatebrowsing-
user_pref

(extensions.vb@yandex.ru.alarms.advertisementConfigNeedUpdate,

{\expires\:1434,\nextInterval\:1440,\saved\:1453131723278});
user_pref(extensions.vb@yandex.ru.alarms.checkAdJSON,

{\expires\:54,\nextInterval\:60,\saved\:1453131723279});
user_pref(extensions.vb@yandex.ru.alarms.checkAdsConditions,

{\expires\:24,\nextInterval\:30,\saved\:1453131723277});
user_pref

(extensions.vb@yandex.ru.alarms.checkBackgroundsFileExists,

{\expires\:4,\nextInterval\:10,\saved\:1453131723275});
user_pref(extensions.vb@yandex.ru.alarms.createBackup,

{\expires\:1434,\nextInterval\:1440,\saved\:1453131723274});
user_pref(extensions.vb@yandex.ru.alarms.fourDaysPassed,

{\expires\:5754,\saved\:1453131723275});
user_pref(extensions.vb@yandex.ru.alarms.scheduledPickup,

{\expires\:1434,\nextInterval\:1440,\saved\:1453131723277});
user_pref(extensions.vb@yandex.ru.alarms.stopActiveAd,

{\expires\:1434,\saved\:1453131723276});
user_pref(extensions.vb@yandex.ru.alarms.syncBackgrounds,

{\expires\:1434,\nextInterval\:1440,\saved\:1453131723274});
user_pref(extensions.vb@yandex.ru.alarms.syncBlacklist,

{\expires\:1434,\nextInterval\:1440,\saved\:1453131723276});
user_pref(extensions.vb@yandex.ru.alarms.updateAllThumbsData,

{\expires\:10074,\nextInterval\:10080,\saved\:1453131723277});
user_pref(extensions.vb@yandex.ru.description, Визуальные

закладки – это страница, на которой собраны ваши любимые
user_pref(extensions.vb@yandex.ru.name, Визуальные закладки);
user_pref(extensions.yasearch@yandex.ru.autoinstall.activated,

[\hxxp://bar.yandex.ru/packages/yandexbar#logo\,

\hxxp://bar.yandex.ru/packages/yandexbar#mail\,\hxxp://b
user_pref(extensions.yasearch@yandex.ru.description, Быстрый

доступ ко всем возможностям Яндекса);
user_pref(extensions.yasearch@yandex.ru.name, Элементы

Яндекса);
user_pref

(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-

widgets.yandex.ru/packages/approved/286/manifest.xml#browserof

fer.all.settings.no-flash.suggest-session, {\
user_pref

(extensions.yasearch@yandex.ru.native_comps.hxxp://bar-

widgets.yandex.ru/packages/approved/286/manifest.xml#browserof

fer.all.settings.widgetSuggest.history, {\htt
user_pref

(extensions.yasearch@yandex.ru.native_comps.hxxp://bar.yandex.

ru/packages/yandexbar#geolocation.all.settings.position,

{\latitude\:\14.5690918\,\longitude\:\



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/28/2016 at  8:29:50.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Link to post
Share on other sites

Heres FRST and Addition.txt

 

FRST.TXT


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by JacJefferson (administrator) on ZERO-DAY (28-01-2016 08:33:06)
Running from C:\Users\JacJefferson\Desktop
Loaded Profiles: JacJefferson (Available Profiles: UpdatusUser & JacJefferson)
Platform: Windows 10 Home (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-08] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50622080 2016-01-19] (Skype Technologies S.A.)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [spotify Web Helper] => C:\Users\JacJefferson\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-22] (Spotify Ltd)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [uTorrent] => /MINIMIZED
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\RunOnce: [uninstall C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\RunOnce: [uninstall C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\Run: [] => 0
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [153208 2015-12-16] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Malwarebytes Anti-Ransomware.lnk [2016-01-27]
ShortcutTarget: Malwarebytes Anti-Ransomware.lnk -> C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe (Malwarebytes)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{13042e69-6434-4e3a-a8b1-e19c3b79894c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac77a4aa-d0f2-428f-a30a-3fbdfa98cd6f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-15] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-15] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002 -> hxxp://www.yandex.ru/?win=212&clid=2100767-002

FireFox:
========
FF ProfilePath: C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206
FF SelectedSearchEngine: Яндекс
FF Session Restore: -> is enabled.
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "71.205.115.155"
FF NetworkProxy: "socks_port", 65535
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Extension: Lightbeam - C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-12-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR StartupUrls: Default -> "hxxps://inbox.google.com/?pli=1","hxxps://accounts.google.com/Login","hxxp://moz.com/","hxxp://semrush.com/","hxxp://buzzsumo.com/","hxxp://drive.google.com/","hxxp://www.windowsxlive.net/","hxxp://www.google.com"
CHR Profile: C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19]
CHR Extension: (oscraper) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoedkafpknpijecolafolipaidgjcoo [2016-01-20]
CHR Extension: (Genius Web Annotator) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaokncpmmjiakalbcfdbfmpcaiddjdn [2016-01-20]
CHR Extension: (Google Search) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (BuiltWith Technology Profiler) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2016-01-20]
CHR Extension: (High Contrast) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2016-01-20]
CHR Extension: (Gmail Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-01-20]
CHR Extension: (Google Calendar) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-01-20]
CHR Extension: (Blur) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2016-01-20]
CHR Extension: (Peek) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffccoaooonomblpmkaidfhphgjgkimod [2016-01-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-19]
CHR Extension: (Vysor (Beta)) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2016-01-20]
CHR Extension: (UX Check) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekhiebdpmljgchjojblnekkcgpdobp [2016-01-20]
CHR Extension: (AdBlock) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20]
CHR Extension: (Asana) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hffokgiicnnkgaodkpofkcgpdmkdpebj [2016-01-20]
CHR Extension: (SimilarWeb - Site Traffic Sources and Ranking) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2016-01-20]
CHR Extension: (Ubersuggest CPC & Search Volume Enhancer) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hopggcicaffnjomhjjpogcelclkbnigp [2016-01-20]
CHR Extension: (META SEO inspector) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibkclpciafdglkjkcibmohobjkcfkaef [2016-01-20]
CHR Extension: (JacReyes.com) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaphdclmlj [2016-01-20]
CHR Extension: (SimpleExtManager) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kniehgiejgnnpgojkdhhjbgbllnfkfdk [2016-01-20]
CHR Extension: (Momentum) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-01-23]
CHR Extension: (Wordtracker Scout) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkalodfoplipapmeogaehmiabdhhjapb [2016-01-20]
CHR Extension: (SEO Peek) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkkpfhgjmocgneajknedjhodkjkkclod [2016-01-20]
CHR Extension: (Asana) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2016-01-20]
CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2016-01-20]
CHR Extension: (GTM DevTools Sidebar Panes) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpchkkljkimifenglmblhnklbngejfh [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19]
CHR Extension: (Evernote Web Clipper) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-01-20]
CHR Extension: (Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-19]
CHR Extension: (Inbox by Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl [2016-01-20]
CHR Profile: C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Google Drive) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-20]
CHR Extension: (YouTube) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-20]
CHR Extension: (Google Search) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-20]
CHR Extension: (Советник Яндекс.Маркета) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdjdjkkjoiomafnihnobkinnfjnnlhdg [2016-01-20]
CHR Extension: (Google Sheets) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Avira Browser Safety) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-20]
CHR Extension: (Skype) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-20]
CHR Extension: (Яндекс) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-20]
CHR Extension: (Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdjdjkkjoiomafnihnobkinnfjnnlhdg] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM-x32\...\Chrome\Extension: [mdeldjolamfbcgnndjmjjiinnhbnbnla] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-07] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-06] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7152128 2015-05-28] (SecureMix LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-10-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-07] (Lenovo)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe [3124536 2016-01-25] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-04] (Malwarebytes)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-24] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2015-11-17] (Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-07] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-27] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-16] (Avira Operations GmbH & Co. KG)
R3 bcmsmbsp; C:\Windows\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
S3 farflt; C:\WINDOWS\system32\drivers\farflt.sys [53464 2016-01-28] (Malwarebytes)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-28] (SecureMix LLC)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [51712 2009-09-08] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-04] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [217328 2016-01-28] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2015-10-08] (Intel Corporation)
S3 necbatt; C:\Windows\System32\drivers\necbatt.sys [28512 2015-09-27] (NEC Personal Computers, Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek                                            )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tap0901cn; C:\Windows\System32\drivers\tap0901cn.sys [39616 2014-12-29] (Connectify)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-27] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 digitalpower; \SystemRoot\system32\drivers\digitalpower.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 08:33 - 2016-01-28 08:33 - 00032915 _____ C:\Users\JacJefferson\Desktop\FRST.txt
2016-01-28 08:29 - 2016-01-28 08:29 - 00003691 _____ C:\Users\JacJefferson\Desktop\JRT.txt
2016-01-28 08:18 - 2016-01-28 08:18 - 00016148 _____ C:\WINDOWS\system32\ZERO-DAY_JacJefferson_HistoryPrediction.bin
2016-01-28 07:54 - 2016-01-28 07:57 - 00000000 ____D C:\Users\TEMP.ZERO-DAY
2016-01-28 07:54 - 2016-01-28 07:54 - 00000000 ____D C:\Users\TEMP.ZERO-DAY\AppData\Local\TileDataLayer
2016-01-28 01:05 - 2016-01-28 08:33 - 00000000 ____D C:\FRST
2016-01-28 01:04 - 2016-01-28 08:32 - 02370560 _____ (Farbar) C:\Users\JacJefferson\Desktop\FRST64.exe
2016-01-27 07:54 - 2016-01-28 08:01 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-01-27 07:52 - 2016-01-28 08:01 - 00463594 _____ C:\WINDOWS\ntbtlog.txt
2016-01-27 05:47 - 2016-01-27 07:51 - 00000000 ____D C:\Users\TEMP
2016-01-27 05:47 - 2016-01-27 05:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2016-01-27 05:02 - 2016-01-27 05:02 - 00000847 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-01-27 05:02 - 2016-01-27 05:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-01-27 05:02 - 2016-01-27 05:02 - 00000000 ____D C:\Program Files\Speccy
2016-01-27 03:24 - 2016-01-27 03:24 - 00325432 _____ C:\WINDOWS\Minidump\012716-31234-01.dmp
2016-01-27 03:14 - 2016-01-27 03:14 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\NVIDIA
2016-01-27 03:09 - 2016-01-28 08:17 - 00053464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-01-27 03:09 - 2016-01-27 03:09 - 00001956 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Ransomware.lnk
2016-01-27 03:09 - 2016-01-27 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-01-27 03:09 - 2016-01-27 03:09 - 00000000 ____D C:\Program Files\Malwarebytes
2016-01-27 03:06 - 2016-01-27 03:06 - 00000000 ___HD C:\$Windows.~BT
2016-01-27 03:05 - 2016-01-27 03:30 - 00000000 ___HD C:\$SysReset
2016-01-27 01:15 - 2016-01-27 01:15 - 00001249 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.4.lnk
2016-01-27 01:15 - 2016-01-27 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-01-27 01:15 - 2016-01-27 01:15 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-01-26 23:58 - 2016-01-26 23:58 - 00309648 _____ C:\WINDOWS\Minidump\012616-35296-01.dmp
2016-01-26 23:53 - 2016-01-27 03:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-26 23:53 - 2016-01-26 23:53 - 00328424 _____ C:\WINDOWS\Minidump\012616-27750-01.dmp
2016-01-26 23:52 - 2016-01-27 03:24 - 661340051 _____ C:\WINDOWS\MEMORY.DMP
2016-01-26 23:50 - 2016-01-26 23:50 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2016-01-26 05:37 - 2016-01-26 05:37 - 00000218 _____ C:\Users\JacJefferson\.recently-used.xbel
2016-01-25 05:34 - 2016-01-25 05:50 - 00001651 _____ C:\Users\JacJefferson\Desktop\UnionJac Experience Mail.lnk
2016-01-25 05:32 - 2016-01-25 05:32 - 00002613 _____ C:\Users\JacJefferson\Desktop\Reyes.Jac08.lnk
2016-01-24 13:44 - 2016-01-28 08:14 - 00000000 ____D C:\AdwCleaner
2016-01-22 12:15 - 2016-01-23 00:39 - 00000000 ____D C:\Users\JacJefferson\Desktop\mbar
2016-01-22 08:51 - 2016-01-22 09:34 - 00000000 ____D C:\Users\JacJefferson\AppData\LocalLow\uTorrent
2016-01-20 06:12 - 2016-01-20 06:12 - 00002460 _____ C:\Users\JacJefferson\Desktop\Main - Jac Reyes - Chrome.lnk
2016-01-20 06:09 - 2016-01-27 05:39 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-01-20 06:04 - 2016-01-20 06:04 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-20 02:48 - 2016-01-20 02:49 - 00000000 ____D C:\Program Files\Defraggler
2016-01-20 02:48 - 2016-01-20 02:48 - 00001775 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-01-20 02:48 - 2016-01-20 02:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-01-19 07:52 - 2016-01-19 07:52 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-19 07:52 - 2016-01-19 07:52 - 00001230 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-19 07:52 - 2016-01-19 07:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-19 07:52 - 2016-01-19 07:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-19 07:36 - 2016-01-19 07:36 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ZERO-DAY-Windows-10-Home-(64-bit).dat
2016-01-19 07:36 - 2016-01-19 07:36 - 00000000 ____D C:\RegBackup
2016-01-19 03:55 - 2016-01-19 07:51 - 00002346 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-19 03:55 - 2016-01-19 03:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-18 11:02 - 2016-01-18 11:02 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-01-18 11:02 - 2016-01-18 11:02 - 00000000 ____D C:\WINDOWS\system32\NV
2016-01-18 09:55 - 2008-04-15 07:00 - 01355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2016-01-18 09:55 - 1996-01-11 19:00 - 00935632 _____ (Microsoft Corporation) C:\WINDOWS\system\Vb40016.dll
2016-01-18 09:55 - 1996-01-11 19:00 - 00722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2016-01-18 09:55 - 1993-05-11 12:00 - 00398416 _____ (Microsoft Corporation) C:\WINDOWS\system\Vbrun300.dll
2016-01-18 09:55 - 1992-10-20 17:00 - 00356992 _____ (Microsoft Corporation) C:\WINDOWS\system\vbrun200.dll
2016-01-18 09:55 - 1991-05-09 18:00 - 00271264 _____ C:\WINDOWS\system\vbrun100.dll
2016-01-18 09:54 - 2014-09-10 11:14 - 00163480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 01070232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00660120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00617896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00444328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MShflxgd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00416408 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\comct332.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00279192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatgrd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00259736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msflxgrd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatlst.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00222360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tabctl32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00219288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00218776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dblist32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00212112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mci32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00179352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmask32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00131728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00130712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstdfmt.dll
2016-01-18 09:54 - 2013-11-25 08:27 - 00127640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswinsck.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00119960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomm32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00108696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL
2016-01-18 09:54 - 2013-11-25 08:27 - 00104088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\picclp32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00084624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysinfo.ocx
2016-01-18 09:54 - 2011-01-12 14:36 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2016-01-18 09:54 - 2011-01-12 14:25 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2016-01-18 09:54 - 2011-01-12 14:19 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2016-01-18 09:54 - 2011-01-12 13:53 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2016-01-18 09:54 - 2007-01-30 11:04 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2016-01-18 09:54 - 2006-08-25 15:28 - 01017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2016-01-18 09:54 - 2006-08-25 15:07 - 01024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2016-01-18 09:54 - 2006-08-25 14:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2016-01-18 09:54 - 2006-04-10 15:41 - 01066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL32.OCX
2016-01-18 09:54 - 2005-01-20 10:25 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2016-01-18 09:54 - 2002-01-04 20:40 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2016-01-18 09:54 - 1994-11-17 16:00 - 00210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2016-01-18 09:49 - 2016-01-27 04:49 - 00000444 _____ C:\WINDOWS\Tasks\Обновление Браузера Яндекс .job
2016-01-18 09:47 - 2016-01-18 10:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\DriverPack Notifier
2016-01-18 09:45 - 2016-01-18 10:35 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс
2016-01-18 09:45 - 2016-01-18 10:35 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Package Cache
2016-01-18 09:44 - 2016-01-18 09:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Chromium
2016-01-18 09:39 - 2016-01-18 10:22 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Opera Software
2016-01-18 09:39 - 2016-01-18 10:22 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Opera Software
2016-01-18 09:25 - 2016-01-18 09:25 - 00003260 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2016-01-18 08:57 - 2016-01-18 09:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-18 08:57 - 2015-12-17 22:49 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-01-18 08:57 - 2015-12-16 06:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-18 08:51 - 2015-12-17 20:48 - 04498889 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-18 08:51 - 2015-12-17 20:48 - 03299832 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03152591 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-01-18 08:51 - 2015-12-17 20:48 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-18 08:51 - 2015-12-17 20:48 - 02693360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01928624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01356504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01286160 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01008360 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00933640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00888480 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00716104 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00596128 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00589080 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2016-01-18 08:51 - 2015-12-17 20:48 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00448584 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00224264 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00172576 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 13120760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 12986520 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 10521552 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05776680 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05338936 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05289944 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 03282024 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02823280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02437144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01601944 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01421104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01211832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01186160 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00952984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00618184 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00369304 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00340648 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 01155992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00229656 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00194360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 11896096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 03675560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 00467696 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-01-18 08:46 - 2015-10-14 12:37 - 00250360 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-01-18 08:46 - 2015-10-14 12:37 - 00202232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-01-18 08:46 - 2015-10-14 12:35 - 00617976 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00382384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2016-01-18 08:46 - 2015-10-14 12:34 - 00379904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00290216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-01-18 08:46 - 2015-10-14 12:34 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 02035712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 01766912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00264192 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-01-18 08:46 - 2015-10-14 12:33 - 00204720 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-01-18 08:46 - 2015-10-14 12:33 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00095232 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00068096 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00039416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00019456 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00019448 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00018936 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00013816 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 08522240 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 06509056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00232952 _____ C:\WINDOWS\system32\igdde64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00171000 _____ C:\WINDOWS\system32\igdail64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00152568 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2016-01-18 08:46 - 2015-10-14 12:31 - 04374440 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00969128 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00555432 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00554920 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00409512 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00409008 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00165800 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2016-01-18 08:46 - 2015-10-14 12:28 - 04378024 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-01-18 08:46 - 2015-10-14 09:34 - 00191028 __RSH C:\WINDOWS\system32\resTHA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00183668 __RSH C:\WINDOWS\system32\resELL.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00179444 __RSH C:\WINDOWS\system32\resRUS.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00165188 __RSH C:\WINDOWS\system32\resARA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00164660 __RSH C:\WINDOWS\system32\resHEB.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00164644 __RSH C:\WINDOWS\system32\resJPN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00160020 __RSH C:\WINDOWS\system32\resHUN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00160004 __RSH C:\WINDOWS\system32\resFRA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158260 __RSH C:\WINDOWS\system32\resKOR.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158180 __RSH C:\WINDOWS\system32\resDEU.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158164 __RSH C:\WINDOWS\system32\resITA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157988 __RSH C:\WINDOWS\system32\resROM.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157876 __RSH C:\WINDOWS\system32\resESN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157428 __RSH C:\WINDOWS\system32\resPLK.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157332 __RSH C:\WINDOWS\system32\resSKY.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157140 __RSH C:\WINDOWS\system32\resNLD.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156532 __RSH C:\WINDOWS\system32\resPTB.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156436 __RSH C:\WINDOWS\system32\resTRK.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156372 __RSH C:\WINDOWS\system32\resCSY.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156244 __RSH C:\WINDOWS\system32\resPTG.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00155796 __RSH C:\WINDOWS\system32\resFIN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00155396 __RSH C:\WINDOWS\system32\resHRV.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00154932 __RSH C:\WINDOWS\system32\resSVE.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00154820 __RSH C:\WINDOWS\system32\resSLV.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00153828 __RSH C:\WINDOWS\system32\resNOR.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00153332 __RSH C:\WINDOWS\system32\resDAN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00151988 __RSH C:\WINDOWS\system32\resENU.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00150228 __RSH C:\WINDOWS\system32\resCHT.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00149364 __RSH C:\WINDOWS\system32\resCHS.cui
2016-01-18 08:46 - 2015-10-14 09:33 - 00002582 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-01-18 08:28 - 2015-10-08 09:16 - 00185600 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-01-18 08:27 - 2015-11-19 00:16 - 00935168 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-01-18 08:27 - 2015-11-19 00:16 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-01-18 08:25 - 2015-07-10 10:46 - 00053024 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcmsmbsp.sys
2016-01-18 08:24 - 2015-11-18 11:11 - 00245432 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2016-01-18 08:24 - 2015-11-18 11:11 - 00072392 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll.muien-US
2016-01-18 08:24 - 2015-11-18 11:11 - 00046908 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000.dfu
2016-01-18 08:24 - 2015-11-18 11:11 - 00041996 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010100.dfu
2016-01-18 08:24 - 2015-09-24 13:08 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-01-18 08:24 - 2009-09-08 23:23 - 00051712 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\flashud.sys
2016-01-18 08:23 - 2016-01-18 10:27 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\DRPSu
2016-01-17 21:44 - 2016-01-17 21:44 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-13 01:28 - 2016-01-18 12:43 - 00000000 ____D C:\SUPERDelete
2016-01-13 01:17 - 2016-01-13 01:17 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\SUPERAntiSpyware.com
2016-01-13 01:16 - 2016-01-23 00:41 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-13 01:16 - 2016-01-13 01:16 - 00001859 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-01-13 01:16 - 2016-01-13 01:16 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-01-13 01:16 - 2016-01-13 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-01-12 17:09 - 2016-01-04 22:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 17:09 - 2016-01-04 22:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 17:09 - 2016-01-04 22:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 17:09 - 2016-01-04 22:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 17:09 - 2016-01-04 21:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 17:09 - 2016-01-04 21:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 17:09 - 2016-01-04 21:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 17:09 - 2016-01-04 21:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 17:09 - 2016-01-04 21:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 17:09 - 2016-01-04 21:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-12 17:09 - 2016-01-04 21:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 17:09 - 2016-01-04 21:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 17:09 - 2016-01-04 21:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 17:09 - 2016-01-04 20:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 17:09 - 2016-01-04 20:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-12 17:09 - 2016-01-04 20:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 17:09 - 2016-01-04 20:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 17:09 - 2016-01-04 20:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 17:09 - 2016-01-04 20:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 17:09 - 2016-01-04 20:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 17:08 - 2016-01-04 22:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 17:08 - 2016-01-04 22:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 17:08 - 2016-01-04 22:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 17:08 - 2016-01-04 21:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-12 17:08 - 2016-01-04 21:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 17:08 - 2016-01-04 21:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 17:08 - 2016-01-04 21:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 17:08 - 2016-01-04 21:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 17:08 - 2016-01-04 21:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 17:08 - 2016-01-04 21:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-12 17:08 - 2016-01-04 21:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-12 17:08 - 2016-01-04 21:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 17:08 - 2016-01-04 21:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 17:08 - 2016-01-04 21:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-12 17:08 - 2016-01-04 21:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 17:08 - 2016-01-04 21:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 17:08 - 2016-01-04 21:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 17:08 - 2016-01-04 21:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 17:08 - 2016-01-04 21:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-12 17:08 - 2016-01-04 21:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 17:08 - 2016-01-04 20:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 17:08 - 2016-01-04 20:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 17:08 - 2016-01-04 20:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 17:08 - 2016-01-04 20:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 17:08 - 2016-01-04 20:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 17:08 - 2016-01-04 20:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 17:08 - 2016-01-04 20:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 17:08 - 2016-01-04 20:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 17:08 - 2016-01-04 20:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-01-12 17:08 - 2016-01-04 20:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 17:08 - 2016-01-04 20:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 17:08 - 2016-01-04 20:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-12 17:08 - 2016-01-04 20:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 17:08 - 2016-01-04 20:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 17:08 - 2016-01-04 20:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-10 05:09 - 2016-01-10 05:09 - 00000000 ___HD C:\WINDOWS\AxInstSV
2016-01-10 03:57 - 2016-01-10 03:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-01-10 03:57 - 2016-01-10 03:57 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-01-10 03:56 - 2016-01-10 03:56 - 00001287 _____ C:\Users\Public\Desktop\SHAREit.lnk
2016-01-10 03:56 - 2016-01-10 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-01-08 05:46 - 2016-01-08 05:46 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2016-01-08 05:37 - 2016-01-08 05:37 - 00000000 ____D C:\ProgramData\IntelDLM
2016-01-07 15:18 - 2016-01-07 15:18 - 00004540 _____ C:\Users\JacJefferson\Desktop\NVIDIA System Information 01-08-2016 04-18-07.txt
2016-01-07 15:05 - 2016-01-07 15:05 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\CyberLink
2016-01-07 15:05 - 2016-01-07 15:05 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Power2Go
2016-01-07 15:00 - 2016-01-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2016-01-07 14:57 - 2016-01-08 08:23 - 00000000 ____D C:\ProgramData\CyberLink
2016-01-07 14:44 - 2016-01-07 14:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\ASUS
2016-01-07 14:41 - 2016-01-08 08:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Drivers Download Utility
2016-01-07 14:41 - 2016-01-08 08:23 - 00000000 ____D C:\Program Files\Asus Drivers Download Utility
2016-01-05 00:15 - 2016-01-05 00:15 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Lenovo
2016-01-05 00:14 - 2016-01-05 00:14 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-01-04 03:04 - 2016-01-04 05:27 - 00000000 ____D C:\Users\JacJefferson\Desktop\tropicana
2015-12-29 01:37 - 2015-12-29 01:37 - 00000000 _____ C:\Users\JacJefferson\systeminfo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 08:19 - 2015-08-09 23:57 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-01-28 08:19 - 2015-05-14 07:48 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Skype
2016-01-28 08:19 - 2015-05-13 09:03 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-28 08:18 - 2015-09-21 06:38 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-28 08:18 - 2015-08-10 00:00 - 00000000 __SHD C:\Users\JacJefferson\IntelGraphicsProfiles
2016-01-28 08:17 - 2015-05-13 00:52 - 00217328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-28 08:16 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-28 08:15 - 2015-07-10 04:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-01-28 07:57 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-28 07:56 - 2015-06-10 03:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-28 07:55 - 2015-05-13 07:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-28 07:44 - 2015-09-21 06:38 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-28 07:34 - 2015-05-13 09:03 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 07:13 - 2015-08-25 15:17 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C5A4667B-6E95-4A17-95C1-799C060D9CCE}
2016-01-28 06:59 - 2015-07-10 06:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-28 00:50 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-28 00:34 - 2015-06-05 23:57 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\CrashDumps
2016-01-27 05:43 - 2015-08-09 19:50 - 00000000 ____D C:\Users\JacJefferson
2016-01-27 05:02 - 2015-07-10 06:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-27 03:55 - 2015-08-10 03:40 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-27 03:43 - 2015-12-04 10:33 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-01-27 03:43 - 2015-06-21 16:53 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Samsung
2016-01-27 03:43 - 2012-10-23 09:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-27 03:30 - 2015-06-09 19:39 - 00000000 _____ C:\Recovery.txt
2016-01-27 03:27 - 2015-08-09 19:50 - 00000000 ____D C:\Users\UpdatusUser
2016-01-27 03:09 - 2015-05-13 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 03:05 - 2015-05-13 09:36 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Spotify
2016-01-27 03:00 - 2015-05-13 09:40 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Spotify
2016-01-27 01:16 - 2015-05-13 00:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 09:18 - 2015-05-15 18:32 - 00000000 ___RD C:\Users\JacJefferson\Google Drive
2016-01-26 05:37 - 2015-12-22 13:51 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\.purple
2016-01-26 04:36 - 2015-07-14 01:20 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\gtk-2.0
2016-01-24 13:50 - 2015-06-10 02:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-24 13:45 - 2015-05-13 00:13 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Packages
2016-01-24 07:50 - 2015-06-13 08:34 - 00000000 ____D C:\KMPlayer
2016-01-23 03:00 - 2015-09-27 18:19 - 00000000 ___RD C:\Users\JacJefferson\Dropbox
2016-01-23 03:00 - 2015-09-21 06:38 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Dropbox
2016-01-23 00:41 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-22 22:02 - 2015-05-13 00:52 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-21 15:08 - 2015-05-14 07:47 - 00000000 ____D C:\ProgramData\Skype
2016-01-20 06:06 - 2015-08-09 20:06 - 00774730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-20 02:48 - 2015-05-13 22:37 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\ElevatedDiagnostics
2016-01-20 00:16 - 2015-05-13 09:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-20 00:10 - 2015-05-13 09:54 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-19 23:56 - 2015-06-10 03:52 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-19 22:20 - 2015-07-10 07:20 - 00351360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-19 22:16 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-19 08:31 - 2015-09-05 16:29 - 00003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-01-19 08:21 - 2015-05-18 00:44 - 00774730 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-19 08:06 - 2015-05-14 03:49 - 00007614 _____ C:\Users\JacJefferson\AppData\Local\Resmon.ResmonCfg
2016-01-19 04:45 - 2015-06-08 02:09 - 00000000 ____D C:\Users\JacJefferson\Desktop\Tweaking Utils
2016-01-19 04:45 - 2015-06-03 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Frog SEO Spider
2016-01-19 03:56 - 2015-06-25 09:42 - 00000873 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-19 03:55 - 2015-05-13 09:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-18 23:02 - 2015-05-18 00:38 - 00000463 _____ C:\DelFix.txt
2016-01-18 11:05 - 2015-11-03 04:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-18 09:55 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\System
2016-01-18 09:35 - 2015-08-09 19:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-18 09:32 - 2015-08-09 19:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-18 09:25 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-01-18 09:25 - 2015-06-07 22:07 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2016-01-18 09:24 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-18 08:58 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-01-17 21:44 - 2015-07-10 06:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-17 21:44 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-17 21:42 - 2015-12-07 05:51 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-14 09:00 - 2015-11-18 02:46 - 00001217 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-14 08:59 - 2015-11-18 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-12 23:28 - 2015-10-25 07:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-12 23:28 - 2015-10-25 07:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-12 21:39 - 2015-10-25 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-10 03:30 - 2015-09-30 11:52 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-01-08 08:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-01-08 08:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-01-08 08:27 - 2012-10-23 09:28 - 00000000 ____D C:\ProgramData\P4G
2016-01-08 08:25 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-08 08:25 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\servicing
2016-01-08 08:24 - 2015-12-28 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-08 08:24 - 2012-08-04 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-01-08 08:03 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\registration
2016-01-08 07:58 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-01-08 07:39 - 2015-08-09 23:58 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-01-08 05:46 - 2015-05-29 19:32 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2016-01-08 05:46 - 2015-05-14 10:31 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-08 05:46 - 2012-10-23 09:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-01-02 20:40 - 2015-07-10 06:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 20:40 - 2015-07-10 06:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-09-14 01:06 - 2015-09-14 01:06 - 0209702 _____ () C:\Users\JacJefferson\AppData\Local\ars.cache
2015-09-14 01:06 - 2015-09-14 01:06 - 0549069 _____ () C:\Users\JacJefferson\AppData\Local\census.cache
2015-09-14 00:33 - 2015-09-14 00:33 - 0000036 _____ () C:\Users\JacJefferson\AppData\Local\housecall.guid.cache
2015-08-31 07:44 - 2015-08-31 07:44 - 0000743 _____ () C:\Users\JacJefferson\AppData\Local\recently-used.xbel
2015-05-14 03:49 - 2016-01-19 08:06 - 0007614 _____ () C:\Users\JacJefferson\AppData\Local\Resmon.ResmonCfg
2015-09-14 00:47 - 2015-09-14 00:47 - 0000010 _____ () C:\Users\JacJefferson\AppData\Local\sponge.last.runtime.cache
2015-08-09 19:47 - 2015-08-09 19:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-04 12:37 - 2012-07-30 01:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 12:37 - 2009-07-22 05:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2016-01-07 14:58 - 2016-01-07 15:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2016-01-07 14:58 - 2016-01-07 14:58 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\JacJefferson\AppData\Local\Temp\avgnt.exe
C:\Users\JacJefferson\AppData\Local\Temp\sfamcc00001.dll
C:\Users\JacJefferson\AppData\Local\Temp\sfareca00001.dll
C:\Users\JacJefferson\AppData\Local\Temp\sfextra.dll
C:\Users\JacJefferson\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-21 16:00

==================== End of FRST.txt ============================
 

Link to post
Share on other sites

ADDITION.TXT


Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by JacJefferson (2016-01-28 08:33:54)
Running from C:\Users\JacJefferson\Desktop
Windows 10 Home (X64) (2015-08-10 04:54:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1844098555-2217923043-3675393532-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1844098555-2217923043-3675393532-503 - Limited - Disabled)
Guest (S-1-5-21-1844098555-2217923043-3675393532-501 - Limited - Disabled)
JacJefferson (S-1-5-21-1844098555-2217923043-3675393532-1002 - Administrator - Enabled) => C:\Users\JacJefferson
UpdatusUser (S-1-5-21-1844098555-2217923043-3675393532-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
GlassWire 1.1 (remove only) (HKLM-x32\...\GlassWire 1.1) (Version: 1.1.15 - SecureMix LLC)
Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM\...\{F73DF121-B04F-4709-B2B6-7E8B13999AF8}) (Version: 3.8.440.1250 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel® Driver Update Utility 2.4 (x32 Version: 2.4.0.5 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4226 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{270e4d1a-19f9-46c3-93b3-e61d4a24ab9f}) (Version: 2.4.0.5 - Intel)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.136 - PandoraTV)
Malwarebytes Anti-Ransomware version 0.9.4.299 (HKLM\...\{6CA75021-FBB0-41A5-B95C-FC1C9E0421F0}_is1) (Version: 0.9.4.299 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.8.1.21 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spotify (HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweaking.com - Hardware Identify (HKLM-x32\...\Tweaking.com - Hardware Identify) (Version: 1.5.0 - Tweaking.com)
Tweaking.com - Remote Desktop IP Monitor & Blocker (HKLM-x32\...\Tweaking.com - Remote Desktop IP Monitor & Blocker) (Version: 1.0.0 - Tweaking.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
Tweaking.com - Technicians Toolbox (HKLM-x32\...\Tweaking.com - Technicians Toolbox) (Version: 1.1.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.6.1 - Tweaking.com)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Windows Driver Package - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0092005F-9193-469C-9751-A28088700552} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {02047003-6E32-4ADB-9488-CFFAF9B1434B} - System32\Tasks\{1A81DC1B-7816-494E-AC5E-E6336F848CEE} => Chrome.exe hxxp://ui.skype.com/ui/0/7.16.85.102/en/go/help.faq.installer?LastError=1618
Task: {038A78CC-E722-4A3C-9A3A-D4D0AD535A05} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-09] (ASUSTek Computer Inc.)
Task: {107CAD50-9393-44A6-913E-487C264C699B} - \Optimize Start Menu Cache Files-S-1-5-21-1844098555-2217923043-3675393532-1002 -> No File <==== ATTENTION
Task: {13046024-E757-4922-A05F-8C14C8ED7FFC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1E559527-B61F-46D2-B9BE-62E1C603EC05} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {28BB9A4B-D029-4FE7-AE42-D81ECF08B908} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-06] (Microsoft Corporation)
Task: {2B1B4F91-5FA8-46DD-8F0E-D1F9D4CA31F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {31ADF460-F9BB-4294-833D-F69A4C8747AA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-12-17] (Realtek Semiconductor)
Task: {39FFB257-A6C7-4C6B-9EDA-802A05083F2C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {3B18C9F8-5710-4895-A0D5-2FFACB328E95} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {452FC05D-96AF-422A-BBD7-1B86BFA5CE56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {57F59E5E-477C-48A5-83CE-14F975646860} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {6FDCC624-D2F1-49F4-BF61-6F5AC8A55C44} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-09] (ASUSTek Computer Inc.)
Task: {71C6E97C-ADCF-40F1-BB02-FBCA1A8E0B45} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-17] (Realtek Semiconductor)
Task: {7930F281-987C-4D2C-B492-039D6EF2E335} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-21] (Dropbox, Inc.)
Task: {880EE9E4-0FBB-4DFE-86D2-53361478F494} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {8B532800-31E9-412C-9E04-302ED43B9A94} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8D519DC5-35FB-4CB5-A647-058F50E55D46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {8E1F0490-D74B-4DDC-A607-ACE2A7771E5C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-20] (Microsoft Corporation)
Task: {90E10700-E56C-490A-AE87-7836A665C59C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {938DFF31-EB0D-4F42-A8DD-DFBFD8180567} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-21] (Dropbox, Inc.)
Task: {9500CEE4-DCF6-4C51-BABD-18835DD25411} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9CC4F41C-AEE3-403F-BDEF-0285A5ED78B4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {A233081D-4F27-4BB0-BBE9-2EAC47C04A62} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-27] (AsusTek)
Task: {A885F258-757B-4A68-BFAE-A7BB50CD0AD5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-01-08] (Microsoft Corporation)
Task: {B726959D-D50E-447B-9BF0-881E9A6AA5C3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B818AC1C-84F5-4012-8F8F-B8F071D63045} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-06] (Microsoft Corporation)
Task: {CCE1202D-61C5-4D5A-B182-9B6CEA1C82D1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {D8A7771A-BA3C-48CF-BCF5-650B3EA8C276} - System32\Tasks\{994F774C-8219-4FA4-BEFD-6D05E7D520D2} => Chrome.exe hxxp://ui.skype.com/ui/0/7.16.85.102/en/go/help.faq.installer?LastError=1618
Task: {E512EA10-17C1-4B31-863C-6D871DADB6D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {E6AD792F-2606-4299-8F60-0C57A6CCD952} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E8BB593B-A5DE-4851-82B8-7913A66AB5ED} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EE3DE0D8-5C89-49C0-9CE4-0AE50D1E71E9} - \Обновление Браузера Яндекс  -> No File <==== ATTENTION
Task: {F8D11653-AC40-4DCD-AAA3-7A450DF2B448} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {F9124FD7-30BF-4196-A6E6-CB24D33EE76D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FC60520C-728E-486C-B65B-54B1AF4F30E3} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Обновление Браузера Яндекс .job => C:\Users\JacJefferson\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-08-10 03:34 - 2015-08-10 03:34 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 10:31 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-12-07 05:51 - 2016-01-06 17:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-01-27 03:09 - 2016-01-25 14:19 - 01139680 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-RANSOMWARE\arwlib.dll
2015-09-30 14:49 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 14:49 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-30 14:48 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-10 07:59 - 2015-11-24 23:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-10 07:58 - 2015-11-24 23:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-10 07:58 - 2015-11-24 23:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 14:49 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 06:00 - 2015-07-10 11:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-09 19:47 - 2015-12-16 09:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-28 23:34 - 2015-05-28 23:34 - 00246272 _____ () C:\Program Files (x86)\GlassWire\GeoIP.dll
2012-10-23 09:10 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2016-01-19 08:31 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Control Panel\Desktop\\Wallpaper -> c:\users\jacjefferson\appdata\local\microsoft\windows\themes\gangster\desktopbackground\image00006.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "AsusVibeLauncher.lnk"
HKLM\...\StartupApproved\Run: => "ACMON"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Speedify"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ASUSWebStorage"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Speedify"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "AirDroid 3"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "Window Hide Tool"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7EE6ACA7-1B3A-4678-9646-BF1051BD81FF}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{79125071-6575-425D-B308-77A68CAE74B5}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{B3B379C8-B6D9-4E77-BC69-F17B02E46888}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{823262E8-1C90-4671-9D24-C7E4C4ABA491}C:\users\jacjefferson\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jacjefferson\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{374DD11F-4CA6-48FB-A6E6-757214B0E851}C:\users\jacjefferson\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jacjefferson\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D46CC0A6-C937-4A40-A08A-A35EAE8615A2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A03603AF-F2B5-46DA-BC8F-AC84F80A5EAC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B798657A-A1BD-43A3-B319-25D9663CAC64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{F29E09E6-C57B-4E7D-9E71-84C0B9A1DC52}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [uDP Query User{48355BB0-5CB6-43A0-A2F7-1885B40D3398}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{755221F1-59D3-4BE0-8107-F66FB80964C2}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [uDP Query User{C80531B3-BC1C-4EC7-BC3A-0314626EAE01}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{0B1F551C-7347-421D-AA33-E669BF60AF3E}C:\users\jacjefferson\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jacjefferson\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [uDP Query User{98B046D1-D238-4A4A-9B28-CA53DEFA4024}C:\users\jacjefferson\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jacjefferson\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B4D89C5A-6905-4DC8-90F3-CB020EBAFBD2}C:\program files (x86)\lenovo\shareit\shareit.exe] => (Allow) C:\program files (x86)\lenovo\shareit\shareit.exe
FirewallRules: [uDP Query User{E45F8FF6-55C0-4649-B39A-30FF23131A1B}C:\program files (x86)\lenovo\shareit\shareit.exe] => (Allow) C:\program files (x86)\lenovo\shareit\shareit.exe

==================== Restore Points =========================

23-01-2016 00:39:10 Malwarebytes Anti-Rootkit Restore Point
27-01-2016 01:15:07 Intel® Driver Update Utility
27-01-2016 01:16:04 Intel® Driver Update Utility
28-01-2016 08:27:56 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2016 08:16:53 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Error: (01/28/2016 08:16:50 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue

Error: (01/28/2016 08:16:40 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (01/28/2016 08:14:33 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Error: (01/28/2016 08:14:33 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue

Error: (01/28/2016 08:14:31 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (01/28/2016 08:05:29 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Error: (01/28/2016 08:05:27 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue

Error: (01/28/2016 08:05:08 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (01/28/2016 08:02:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZERO-DAY)
Description: Activation of application Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (01/28/2016 08:28:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/28/2016 08:26:55 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error:
%%0

Error: (01/28/2016 08:16:32 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (01/28/2016 08:16:30 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The ATKGFNEX Service service depends on the following service: ASMMAP64. This service might not be installed.

Error: (01/28/2016 08:15:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WWAN AutoConfig service terminated with the following error:
%%997

Error: (01/28/2016 08:15:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/28/2016 08:15:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/28/2016 08:15:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/28/2016 08:15:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/28/2016 08:14:54 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056


CodeIntegrity:
===================================
  Date: 2016-01-27 06:11:41.093
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:41.076
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:41.058
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:41.034
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.967
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.722
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.704
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.686
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.630
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.485
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 26%
Total physical RAM: 8077.48 MB
Available physical RAM: 5905.29 MB
Total Virtual: 9357.48 MB
Available Virtual: 7241.69 MB

==================== Drives ================================

Drive c: (Legal Wife) (Fixed) (Total:278.67 GB) (Free:178.28 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (The Other Woman) (Fixed) (Total:398.17 GB) (Free:279.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: B19F8D36)

Partition: GPT.

==================== End of Addition.txt ============================

Link to post
Share on other sites

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

dr_web_cureit_zpse80d87bf.jpg
Download Dr Web Cureit from here http://www.freedrweb.com/cureit save to your desktop. (Scroll to bottom of page)

  • The file will be randomly named
  • Reboot to safe mode <<<<<------------ http://www.computerhope.com/issues/chsafe.htm
  • Run Dr Web
  • Tick the I agree box and select continue
  • Click select objects for scanning


    drwebselect.JPG

  • Tick all boxes as shown
  • Click the wrench and select automatically apply actions to threats


    drwebfolders.JPG

  • Press start scan
  • The scan will now commence


    drwebscan.JPG

  • Once the scan has finished click open report <<<--- Do not miss this step


    drwebscancomplete.JPG

  • A notepad will open
  • Select File > Save as..
  • Save it to your desktop



This log will be excessive,  Please attach it to your next reply…

Let me see those logs, also give an update on any remaining issues or concerns....

 

Thank you,

 

Kevin
 

Fixlist.txt

Link to post
Share on other sites

Hey Kevinf80,

 

Here's the Fixlog.txt

Still downloading Drweb Cureit. Will post logs as soon as they are available.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by JacJefferson (2016-01-28 15:13:53) Run:1
Running from C:\Users\JacJefferson\Desktop
Loaded Profiles: JacJefferson (Available Profiles: UpdatusUser & JacJefferson)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [uTorrent] => /MINIMIZED
HKU\S-1-5-18\...\Run: [] => 0
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "71.205.115.155"
FF NetworkProxy: "socks_port", 65535
FF NetworkProxy: "type", 0
S3 digitalpower; \SystemRoot\system32\drivers\digitalpower.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\Users\JacJefferson\AppData\Local\Temp\avgnt.exe
C:\Users\JacJefferson\AppData\Local\Temp\sfamcc00001.dll
C:\Users\JacJefferson\AppData\Local\Temp\sfareca00001.dll
C:\Users\JacJefferson\AppData\Local\Temp\sfextra.dll
C:\Users\JacJefferson\AppData\Local\Temp\sqlite3.dll
Task: {107CAD50-9393-44A6-913E-487C264C699B} - \Optimize Start Menu Cache Files-S-1-5-21-1844098555-2217923043-3675393532-1002 -> No File <==== ATTENTION
Task: {13046024-E757-4922-A05F-8C14C8ED7FFC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1E559527-B61F-46D2-B9BE-62E1C603EC05} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {452FC05D-96AF-422A-BBD7-1B86BFA5CE56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8B532800-31E9-412C-9E04-302ED43B9A94} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {90E10700-E56C-490A-AE87-7836A665C59C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9500CEE4-DCF6-4C51-BABD-18835DD25411} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9CC4F41C-AEE3-403F-BDEF-0285A5ED78B4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B726959D-D50E-447B-9BF0-881E9A6AA5C3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E6AD792F-2606-4299-8F60-0C57A6CCD952} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E8BB593B-A5DE-4851-82B8-7913A66AB5ED} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EE3DE0D8-5C89-49C0-9CE4-0AE50D1E71E9} - \Обновление Браузера Яндекс  -> No File <==== ATTENTION
Task: {F9124FD7-30BF-4196-A6E6-CB24D33EE76D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
EmptyTemp:
end



*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
Firefox Proxy settings were reset.
FF NetworkProxy: "socks", "71.205.115.155" => not found
FF NetworkProxy: "socks_port", 65535 => not found
FF NetworkProxy: "type", 0 => not found
digitalpower => service removed successfully
wfpcapture => service removed successfully
C:\Users\JacJefferson\AppData\Local\Temp\avgnt.exe => moved successfully
C:\Users\JacJefferson\AppData\Local\Temp\sfamcc00001.dll => moved successfully
C:\Users\JacJefferson\AppData\Local\Temp\sfareca00001.dll => moved successfully
C:\Users\JacJefferson\AppData\Local\Temp\sfextra.dll => moved successfully
C:\Users\JacJefferson\AppData\Local\Temp\sqlite3.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{107CAD50-9393-44A6-913E-487C264C699B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{107CAD50-9393-44A6-913E-487C264C699B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-1844098555-2217923043-3675393532-1002" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13046024-E757-4922-A05F-8C14C8ED7FFC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13046024-E757-4922-A05F-8C14C8ED7FFC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E559527-B61F-46D2-B9BE-62E1C603EC05}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E559527-B61F-46D2-B9BE-62E1C603EC05}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{452FC05D-96AF-422A-BBD7-1B86BFA5CE56}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{452FC05D-96AF-422A-BBD7-1B86BFA5CE56}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B532800-31E9-412C-9E04-302ED43B9A94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B532800-31E9-412C-9E04-302ED43B9A94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90E10700-E56C-490A-AE87-7836A665C59C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90E10700-E56C-490A-AE87-7836A665C59C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9500CEE4-DCF6-4C51-BABD-18835DD25411}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9500CEE4-DCF6-4C51-BABD-18835DD25411}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CC4F41C-AEE3-403F-BDEF-0285A5ED78B4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CC4F41C-AEE3-403F-BDEF-0285A5ED78B4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B726959D-D50E-447B-9BF0-881E9A6AA5C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B726959D-D50E-447B-9BF0-881E9A6AA5C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E6AD792F-2606-4299-8F60-0C57A6CCD952}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6AD792F-2606-4299-8F60-0C57A6CCD952}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8BB593B-A5DE-4851-82B8-7913A66AB5ED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8BB593B-A5DE-4851-82B8-7913A66AB5ED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE3DE0D8-5C89-49C0-9CE4-0AE50D1E71E9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE3DE0D8-5C89-49C0-9CE4-0AE50D1E71E9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Обновление Браузера Яндекс " => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9124FD7-30BF-4196-A6E6-CB24D33EE76D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9124FD7-30BF-4196-A6E6-CB24D33EE76D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
EmptyTemp: => 684.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 15:15:02 ====

Link to post
Share on other sites

Hello Kevinf80,

 

I had to zip the txt file as the file itself is 50+mb. Copy and pasting it in the text box gets firefox to freeze so i presumed it's not liking the size of the text pasted.

 

Let me know if this attachment works or if I have to use another medium to send you the log file of dr web cureit.

 

(Also in the logs, i noticed that dr web said my computer had 1k plus errors) My PC is now running fine although it is taking a fairly long time in booting. Anyways, il let you see the logs and il hang on.

 

THanks!

 

Jac

cureit.zip

Link to post
Share on other sites

Hiya Jac,

 

What is the current status of your system, are there any remaining issues or concerns?

 

grayhitmanpro_16px.png Scan with HitmanPro

In any case don't remove on your own anything that Hitman Pro detects!
This scanner, as it is a really good for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!

Please download HitmanPro by SurfRight and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on grayhitmanpro_16px.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button. You must agree with the terms of EULA (if asked).
  • Check the box beside No, I only want to perform a one-time scan to check this computer.
  • Click on the Next button.
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore.
  • If there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro!
    Navigate to C:\ProgramData\HitmanPro\Logs, open the report and include it it your next reply.
  • Click on the Next button.
  • Click on the Save Log button.
  • Save that file to your desktop.



Please include that logfile in your next reply.

Don't forget to re-enable your security!
 

Thank you,

 

Kevin

Link to post
Share on other sites

Hey Kev,

 

Here's the log of hitman pro.

 

 

(Also, if it's of any help, before I first posted this topic, Chrome was uninstalled (bec it was quarantined by MB anti ransomware). Im okay doing a clean install of Chrome (although i dont know how). Just saying maybe some chrome remnants were left somewhere, somehow. Bec in this HItman pro log, only the tracking cookies of FF were seen. Just saying... :)

 

 

 

HitmanPro 3.7.12.253www.hitmanpro.com   Computer name . . . . : ZERO-DAY   Windows . . . . . . . : 10.0.0.10240.X64/8   User name . . . . . . : ZERO-DAY\JacJefferson   UAC . . . . . . . . . : Enabled   License . . . . . . . : Free   Scan date . . . . . . : 2016-01-29 05:51:44   Scan mode . . . . . . : Normal   Scan duration . . . . : 6m 50s   Disk access mode  . . : Direct disk access (SRB)   Cloud . . . . . . . . : Internet   Reboot  . . . . . . . : No   Threats . . . . . . . : 0   Traces  . . . . . . . : 3   Objects scanned . . . : 2,093,987   Files scanned . . . . : 60,231   Remnants scanned  . . : 496,182 files / 1,537,574 keysSuspicious files ____________________________________________________________   C:\Users\JacJefferson\Desktop\FRST64.exe      Size . . . . . . . : 2,370,560 bytes      Age  . . . . . . . : 1.2 days (2016-01-28 01:04:55)      Entropy  . . . . . : 7.6      SHA-256  . . . . . : 329DE119D3FD38387AA31C04A3C649587B579C89467D26DA5BA601346994BB87      Needs elevation  . : Yes      Fuzzy  . . . . . . : 24.0         Program has no publisher information but prompts the user for permission elevation.         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.         Authors name is missing in version info. This is not common to most programs.         Version control is missing. This file is probably created by an individual. This is not typical for most programs.         Time indicates that the file appeared recently on this computer.      Forensic Cluster          0.0s C:\Users\JacJefferson\Desktop\FRST64.exe          1.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\76\C3484680317D9044.dat          2.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\28A1A2E6561EC4D41C3B6E1DA1B99984         22.4s C:\FRST\Hives\         22.4s C:\FRST\Logs\         22.4s C:\FRST\         22.4s C:\FRST\Quarantine\         24.9s C:\FRST\Hives\ERDNT.INF         24.9s C:\FRST\Hives\ERDNT.CON         25.0s C:\FRST\Hives\system         25.3s C:\FRST\Hives\software         27.9s C:\Windows\Prefetch\FRST64.EXE-CEB094D0.pf         28.5s C:\FRST\Hives\default         28.6s C:\FRST\Hives\security         28.7s C:\FRST\Hives\sam         28.8s C:\FRST\Hives\Users\         28.8s C:\FRST\Hives\Users\00000001\         28.8s C:\FRST\Hives\Users\00000001\ntuser.dat         28.9s C:\FRST\Hives\Users\00000002\         28.9s C:\FRST\Hives\Users\00000002\UsrClass.dat         29.1s C:\FRST\Hives\BCD         29.2s C:\FRST\Hives\ERDNT.EXE         29.2s C:\FRST\Hives\ERDNTWIN.LOC         29.2s C:\FRST\Hives\ERDNTDOS.LOC         30.0s C:\Users\JacJefferson\AppData\Local\Microsoft\Windows\INetCookies\HG16AFAV.txt         30.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\37\674C07CD4F03AB71.datCookies _____________________________________________________________________   C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206\cookies.sqlite:doubleclick.net   C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206\cookies.sqlite:skimresources.com
 
Link to post
Share on other sites

Cookies are usually nothing to worry about, 3rd party Cookies can be troublesome. Have a read here: https://en.wikipedia.org/wiki/HTTP_cookie

 

I use Firfox as my default browser, I have the Privacy settings set to clear Cookies and History when I close FF out....

 

Next,

 

For a clean install of Chrome do the following:

 

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

Continue for a clean install:

Remove all synced data from Chrome go here: http://www.howtogeek.com/103655/how-to-delete-your-google-chrome-browser-sync-data/ follow those instructions...

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Navigate to C:\Users\Your user name\Appdata\Local  from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata)

How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Install Google Chrome from here: https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html

Install Adblock Plus to Chrome: https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb

Next,

 

What is the current status of your system, are there any remaining issues or concerns...

 

Thank you,

 

Kevin
 

Link to post
Share on other sites

I will follow your chrome clean install instructions. But other than that, I think  my machine is okay though I have stopped working and logging in my accounts.

 

Anyway, I ran an FRST scan again, mind checking if all checks out?

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by JacJefferson (administrator) on ZERO-DAY (29-01-2016 06:54:12)
Running from C:\Users\JacJefferson\Desktop
Loaded Profiles: UpdatusUser & JacJefferson (Available Profiles: UpdatusUser & JacJefferson)
Platform: Windows 10 Home (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(SurfRight B.V.) C:\Users\JacJefferson\Desktop\HitmanPro_x64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-08] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50622080 2016-01-19] (Skype Technologies S.A.)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [spotify Web Helper] => C:\Users\JacJefferson\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-22] (Spotify Ltd)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\RunOnce: [uninstall C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\RunOnce: [uninstall C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [153208 2015-12-16] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Malwarebytes Anti-Ransomware.lnk [2016-01-29]
ShortcutTarget: Malwarebytes Anti-Ransomware.lnk -> C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe (Malwarebytes)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{13042e69-6434-4e3a-a8b1-e19c3b79894c}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{13042e69-6434-4e3a-a8b1-e19c3b79894c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac77a4aa-d0f2-428f-a30a-3fbdfa98cd6f}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{ac77a4aa-d0f2-428f-a30a-3fbdfa98cd6f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-15] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-15] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002 -> hxxp://www.yandex.ru/?win=212&clid=2100767-002

FireFox:
========
FF ProfilePath: C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206
FF SelectedSearchEngine: Яндекс
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Extension: Lightbeam - C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-12-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR StartupUrls: Default -> "hxxps://inbox.google.com/?pli=1","hxxps://accounts.google.com/Login","hxxp://moz.com/","hxxp://semrush.com/","hxxp://buzzsumo.com/","hxxp://drive.google.com/","hxxp://www.windowsxlive.net/","hxxp://www.google.com"
CHR Profile: C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19]
CHR Extension: (oscraper) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoedkafpknpijecolafolipaidgjcoo [2016-01-20]
CHR Extension: (Genius Web Annotator) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaokncpmmjiakalbcfdbfmpcaiddjdn [2016-01-20]
CHR Extension: (Google Search) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (BuiltWith Technology Profiler) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2016-01-20]
CHR Extension: (High Contrast) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2016-01-20]
CHR Extension: (Gmail Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-01-20]
CHR Extension: (Google Calendar) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-01-20]
CHR Extension: (Blur) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2016-01-20]
CHR Extension: (Peek) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffccoaooonomblpmkaidfhphgjgkimod [2016-01-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-19]
CHR Extension: (Vysor (Beta)) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2016-01-20]
CHR Extension: (UX Check) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekhiebdpmljgchjojblnekkcgpdobp [2016-01-20]
CHR Extension: (AdBlock) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20]
CHR Extension: (Asana) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hffokgiicnnkgaodkpofkcgpdmkdpebj [2016-01-20]
CHR Extension: (SimilarWeb - Site Traffic Sources and Ranking) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2016-01-20]
CHR Extension: (Ubersuggest CPC & Search Volume Enhancer) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hopggcicaffnjomhjjpogcelclkbnigp [2016-01-20]
CHR Extension: (META SEO inspector) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibkclpciafdglkjkcibmohobjkcfkaef [2016-01-20]
CHR Extension: (JacReyes.com) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaphdclmlj [2016-01-20]
CHR Extension: (SimpleExtManager) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kniehgiejgnnpgojkdhhjbgbllnfkfdk [2016-01-20]
CHR Extension: (Momentum) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-01-23]
CHR Extension: (Wordtracker Scout) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkalodfoplipapmeogaehmiabdhhjapb [2016-01-20]
CHR Extension: (SEO Peek) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkkpfhgjmocgneajknedjhodkjkkclod [2016-01-20]
CHR Extension: (Asana) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2016-01-20]
CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2016-01-20]
CHR Extension: (GTM DevTools Sidebar Panes) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpchkkljkimifenglmblhnklbngejfh [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19]
CHR Extension: (Evernote Web Clipper) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-01-20]
CHR Extension: (Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-19]
CHR Extension: (Inbox by Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl [2016-01-20]
CHR Profile: C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Google Drive) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-20]
CHR Extension: (YouTube) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-20]
CHR Extension: (Google Search) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-20]
CHR Extension: (Советник Яндекс.Маркета) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdjdjkkjoiomafnihnobkinnfjnnlhdg [2016-01-20]
CHR Extension: (Google Sheets) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Avira Browser Safety) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-20]
CHR Extension: (Skype) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-20]
CHR Extension: (Яндекс) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-20]
CHR Extension: (Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdjdjkkjoiomafnihnobkinnfjnnlhdg] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM-x32\...\Chrome\Extension: [mdeldjolamfbcgnndjmjjiinnhbnbnla] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-07] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-06] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7152128 2015-05-28] (SecureMix LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-10-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-07] (Lenovo)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe [3124536 2016-01-25] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-04] (Malwarebytes)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-24] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2015-11-17] (Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-07] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-27] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-16] (Avira Operations GmbH & Co. KG)
R3 bcmsmbsp; C:\Windows\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
S3 farflt; C:\WINDOWS\system32\drivers\farflt.sys [54656 2016-01-29] (Malwarebytes)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-28] (SecureMix LLC)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [41080 2016-01-29] ()
R3 int0800; C:\Windows\System32\drivers\flashud.sys [51712 2009-09-08] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-04] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [217328 2016-01-29] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2015-10-08] (Intel Corporation)
S3 necbatt; C:\Windows\System32\drivers\necbatt.sys [28512 2015-09-27] (NEC Personal Computers, Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek                                            )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tap0901cn; C:\Windows\System32\drivers\tap0901cn.sys [39616 2014-12-29] (Connectify)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-27] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-29 06:12 - 2016-01-29 06:12 - 00016148 _____ C:\WINDOWS\system32\ZERO-DAY_JacJefferson_HistoryPrediction.bin
2016-01-29 05:40 - 2016-01-29 05:50 - 11323704 _____ (SurfRight B.V.) C:\Users\JacJefferson\Desktop\HitmanPro_x64.exe
2016-01-29 02:20 - 2016-01-29 02:20 - 05745508 _____ C:\Users\JacJefferson\Desktop\cureit.zip
2016-01-28 15:39 - 2016-01-29 01:14 - 00000000 ____D C:\Users\JacJefferson\Doctor Web
2016-01-28 15:23 - 2016-01-28 15:39 - 182249480 _____ C:\Users\JacJefferson\Desktop\27acu7je.exe
2016-01-28 15:13 - 2016-01-28 15:15 - 00010258 _____ C:\Users\JacJefferson\Desktop\Fixlog.txt
2016-01-28 08:33 - 2016-01-29 06:54 - 00034159 _____ C:\Users\JacJefferson\Desktop\FRST.txt
2016-01-28 08:33 - 2016-01-28 08:34 - 00036867 _____ C:\Users\JacJefferson\Desktop\Addition.txt
2016-01-28 08:29 - 2016-01-28 08:29 - 00003691 _____ C:\Users\JacJefferson\Desktop\JRT.txt
2016-01-28 07:54 - 2016-01-28 07:57 - 00000000 ____D C:\Users\TEMP.ZERO-DAY
2016-01-28 07:54 - 2016-01-28 07:54 - 00000000 ____D C:\Users\TEMP.ZERO-DAY\AppData\Local\TileDataLayer
2016-01-28 01:05 - 2016-01-29 06:54 - 00000000 ____D C:\FRST
2016-01-28 01:04 - 2016-01-28 08:32 - 02370560 _____ (Farbar) C:\Users\JacJefferson\Desktop\FRST64.exe
2016-01-27 07:54 - 2016-01-29 00:03 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-01-27 07:52 - 2016-01-29 00:05 - 00927874 _____ C:\WINDOWS\ntbtlog.txt
2016-01-27 05:47 - 2016-01-27 07:51 - 00000000 ____D C:\Users\TEMP
2016-01-27 05:47 - 2016-01-27 05:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2016-01-27 05:02 - 2016-01-27 05:02 - 00000847 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-01-27 05:02 - 2016-01-27 05:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-01-27 05:02 - 2016-01-27 05:02 - 00000000 ____D C:\Program Files\Speccy
2016-01-27 03:24 - 2016-01-27 03:24 - 00325432 _____ C:\WINDOWS\Minidump\012716-31234-01.dmp
2016-01-27 03:14 - 2016-01-27 03:14 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\NVIDIA
2016-01-27 03:09 - 2016-01-29 04:44 - 00054656 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-01-27 03:09 - 2016-01-29 01:56 - 00001956 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Ransomware.lnk
2016-01-27 03:09 - 2016-01-29 01:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-01-27 03:09 - 2016-01-27 03:09 - 00000000 ____D C:\Program Files\Malwarebytes
2016-01-27 03:06 - 2016-01-27 03:06 - 00000000 ___HD C:\$Windows.~BT
2016-01-27 03:05 - 2016-01-27 03:30 - 00000000 ___HD C:\$SysReset
2016-01-27 01:15 - 2016-01-27 01:15 - 00001249 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.4.lnk
2016-01-27 01:15 - 2016-01-27 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-01-27 01:15 - 2016-01-27 01:15 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-01-26 23:58 - 2016-01-26 23:58 - 00309648 _____ C:\WINDOWS\Minidump\012616-35296-01.dmp
2016-01-26 23:53 - 2016-01-27 03:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-26 23:53 - 2016-01-26 23:53 - 00328424 _____ C:\WINDOWS\Minidump\012616-27750-01.dmp
2016-01-26 23:52 - 2016-01-27 03:24 - 661340051 _____ C:\WINDOWS\MEMORY.DMP
2016-01-26 23:50 - 2016-01-26 23:50 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2016-01-26 05:37 - 2016-01-26 05:37 - 00000218 _____ C:\Users\JacJefferson\.recently-used.xbel
2016-01-25 05:34 - 2016-01-25 05:50 - 00001651 _____ C:\Users\JacJefferson\Desktop\UnionJac Experience Mail.lnk
2016-01-25 05:32 - 2016-01-25 05:32 - 00002613 _____ C:\Users\JacJefferson\Desktop\Reyes.Jac08.lnk
2016-01-24 13:44 - 2016-01-28 08:14 - 00000000 ____D C:\AdwCleaner
2016-01-22 12:15 - 2016-01-23 00:39 - 00000000 ____D C:\Users\JacJefferson\Desktop\mbar
2016-01-22 08:51 - 2016-01-22 09:34 - 00000000 ____D C:\Users\JacJefferson\AppData\LocalLow\uTorrent
2016-01-20 06:12 - 2016-01-20 06:12 - 00002460 _____ C:\Users\JacJefferson\Desktop\Main - Jac Reyes - Chrome.lnk
2016-01-20 06:09 - 2016-01-27 05:39 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-01-20 06:04 - 2016-01-20 06:04 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-20 02:48 - 2016-01-20 02:49 - 00000000 ____D C:\Program Files\Defraggler
2016-01-20 02:48 - 2016-01-20 02:48 - 00001775 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-01-20 02:48 - 2016-01-20 02:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-01-19 07:52 - 2016-01-19 07:52 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-19 07:52 - 2016-01-19 07:52 - 00001230 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-19 07:52 - 2016-01-19 07:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-19 07:52 - 2016-01-19 07:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-19 07:36 - 2016-01-19 07:36 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ZERO-DAY-Windows-10-Home-(64-bit).dat
2016-01-19 07:36 - 2016-01-19 07:36 - 00000000 ____D C:\RegBackup
2016-01-19 03:55 - 2016-01-29 02:35 - 00002282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-19 03:55 - 2016-01-29 02:35 - 00002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-18 11:02 - 2016-01-18 11:02 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-01-18 11:02 - 2016-01-18 11:02 - 00000000 ____D C:\WINDOWS\system32\NV
2016-01-18 09:55 - 2008-04-15 07:00 - 01355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2016-01-18 09:55 - 1996-01-11 19:00 - 00935632 _____ (Microsoft Corporation) C:\WINDOWS\system\Vb40016.dll
2016-01-18 09:55 - 1996-01-11 19:00 - 00722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2016-01-18 09:55 - 1993-05-11 12:00 - 00398416 _____ (Microsoft Corporation) C:\WINDOWS\system\Vbrun300.dll
2016-01-18 09:55 - 1992-10-20 17:00 - 00356992 _____ (Microsoft Corporation) C:\WINDOWS\system\vbrun200.dll
2016-01-18 09:55 - 1991-05-09 18:00 - 00271264 _____ C:\WINDOWS\system\vbrun100.dll
2016-01-18 09:54 - 2014-09-10 11:14 - 00163480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 01070232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00660120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00617896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00444328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MShflxgd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00416408 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\comct332.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00279192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatgrd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00259736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msflxgrd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatlst.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00222360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tabctl32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00219288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00218776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dblist32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00212112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mci32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00179352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmask32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00131728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00130712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstdfmt.dll
2016-01-18 09:54 - 2013-11-25 08:27 - 00127640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswinsck.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00119960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomm32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00108696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL
2016-01-18 09:54 - 2013-11-25 08:27 - 00104088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\picclp32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00084624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysinfo.ocx
2016-01-18 09:54 - 2011-01-12 14:36 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2016-01-18 09:54 - 2011-01-12 14:25 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2016-01-18 09:54 - 2011-01-12 14:19 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2016-01-18 09:54 - 2011-01-12 13:53 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2016-01-18 09:54 - 2007-01-30 11:04 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2016-01-18 09:54 - 2006-08-25 15:28 - 01017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2016-01-18 09:54 - 2006-08-25 15:07 - 01024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2016-01-18 09:54 - 2006-08-25 14:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2016-01-18 09:54 - 2006-04-10 15:41 - 01066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL32.OCX
2016-01-18 09:54 - 2005-01-20 10:25 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2016-01-18 09:54 - 2002-01-04 20:40 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2016-01-18 09:54 - 1994-11-17 16:00 - 00210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2016-01-18 09:49 - 2016-01-28 10:49 - 00000444 _____ C:\WINDOWS\Tasks\Обновление Браузера Яндекс .job
2016-01-18 09:47 - 2016-01-18 10:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\DriverPack Notifier
2016-01-18 09:45 - 2016-01-18 10:35 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс
2016-01-18 09:45 - 2016-01-18 10:35 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Package Cache
2016-01-18 09:44 - 2016-01-18 09:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Chromium
2016-01-18 09:39 - 2016-01-18 10:22 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Opera Software
2016-01-18 09:39 - 2016-01-18 10:22 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Opera Software
2016-01-18 09:25 - 2016-01-18 09:25 - 00003260 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2016-01-18 08:57 - 2016-01-18 09:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-18 08:57 - 2015-12-17 22:49 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-01-18 08:57 - 2015-12-16 06:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-18 08:51 - 2015-12-17 20:48 - 04498889 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-18 08:51 - 2015-12-17 20:48 - 03299832 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03152591 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-01-18 08:51 - 2015-12-17 20:48 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-18 08:51 - 2015-12-17 20:48 - 02693360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01928624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01356504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01286160 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01008360 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00933640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00888480 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00716104 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00596128 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00589080 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2016-01-18 08:51 - 2015-12-17 20:48 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00448584 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00224264 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00172576 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 13120760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 12986520 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 10521552 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05776680 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05338936 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05289944 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 03282024 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02823280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02437144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01601944 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01421104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01211832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01186160 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00952984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00618184 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00369304 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00340648 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 01155992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00229656 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00194360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 11896096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 03675560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 00467696 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-01-18 08:46 - 2015-10-14 12:37 - 00250360 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-01-18 08:46 - 2015-10-14 12:37 - 00202232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-01-18 08:46 - 2015-10-14 12:35 - 00617976 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00382384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2016-01-18 08:46 - 2015-10-14 12:34 - 00379904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00290216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-01-18 08:46 - 2015-10-14 12:34 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 02035712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 01766912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00264192 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-01-18 08:46 - 2015-10-14 12:33 - 00204720 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-01-18 08:46 - 2015-10-14 12:33 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00095232 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00068096 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00039416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00019456 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00019448 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00018936 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00013816 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 08522240 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 06509056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00232952 _____ C:\WINDOWS\system32\igdde64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00171000 _____ C:\WINDOWS\system32\igdail64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00152568 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2016-01-18 08:46 - 2015-10-14 12:31 - 04374440 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00969128 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00555432 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00554920 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00409512 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00409008 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00165800 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2016-01-18 08:46 - 2015-10-14 12:28 - 04378024 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-01-18 08:46 - 2015-10-14 09:34 - 00191028 __RSH C:\WINDOWS\system32\resTHA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00183668 __RSH C:\WINDOWS\system32\resELL.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00179444 __RSH C:\WINDOWS\system32\resRUS.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00165188 __RSH C:\WINDOWS\system32\resARA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00164660 __RSH C:\WINDOWS\system32\resHEB.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00164644 __RSH C:\WINDOWS\system32\resJPN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00160020 __RSH C:\WINDOWS\system32\resHUN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00160004 __RSH C:\WINDOWS\system32\resFRA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158260 __RSH C:\WINDOWS\system32\resKOR.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158180 __RSH C:\WINDOWS\system32\resDEU.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158164 __RSH C:\WINDOWS\system32\resITA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157988 __RSH C:\WINDOWS\system32\resROM.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157876 __RSH C:\WINDOWS\system32\resESN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157428 __RSH C:\WINDOWS\system32\resPLK.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157332 __RSH C:\WINDOWS\system32\resSKY.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157140 __RSH C:\WINDOWS\system32\resNLD.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156532 __RSH C:\WINDOWS\system32\resPTB.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156436 __RSH C:\WINDOWS\system32\resTRK.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156372 __RSH C:\WINDOWS\system32\resCSY.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156244 __RSH C:\WINDOWS\system32\resPTG.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00155796 __RSH C:\WINDOWS\system32\resFIN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00155396 __RSH C:\WINDOWS\system32\resHRV.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00154932 __RSH C:\WINDOWS\system32\resSVE.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00154820 __RSH C:\WINDOWS\system32\resSLV.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00153828 __RSH C:\WINDOWS\system32\resNOR.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00153332 __RSH C:\WINDOWS\system32\resDAN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00151988 __RSH C:\WINDOWS\system32\resENU.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00150228 __RSH C:\WINDOWS\system32\resCHT.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00149364 __RSH C:\WINDOWS\system32\resCHS.cui
2016-01-18 08:46 - 2015-10-14 09:33 - 00002582 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-01-18 08:28 - 2015-10-08 09:16 - 00185600 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-01-18 08:27 - 2015-11-19 00:16 - 00935168 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-01-18 08:27 - 2015-11-19 00:16 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-01-18 08:25 - 2015-07-10 10:46 - 00053024 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcmsmbsp.sys
2016-01-18 08:24 - 2015-11-18 11:11 - 00245432 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2016-01-18 08:24 - 2015-11-18 11:11 - 00072392 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll.muien-US
2016-01-18 08:24 - 2015-11-18 11:11 - 00046908 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000.dfu
2016-01-18 08:24 - 2015-11-18 11:11 - 00041996 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010100.dfu
2016-01-18 08:24 - 2015-09-24 13:08 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-01-18 08:24 - 2009-09-08 23:23 - 00051712 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\flashud.sys
2016-01-18 08:23 - 2016-01-18 10:27 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\DRPSu
2016-01-17 21:44 - 2016-01-17 21:44 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-13 01:28 - 2016-01-18 12:43 - 00000000 ____D C:\SUPERDelete
2016-01-13 01:17 - 2016-01-13 01:17 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\SUPERAntiSpyware.com
2016-01-13 01:16 - 2016-01-23 00:41 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-13 01:16 - 2016-01-13 01:16 - 00001859 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-01-13 01:16 - 2016-01-13 01:16 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-01-13 01:16 - 2016-01-13 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-01-12 17:09 - 2016-01-04 22:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 17:09 - 2016-01-04 22:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 17:09 - 2016-01-04 22:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 17:09 - 2016-01-04 22:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 17:09 - 2016-01-04 21:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 17:09 - 2016-01-04 21:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 17:09 - 2016-01-04 21:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 17:09 - 2016-01-04 21:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 17:09 - 2016-01-04 21:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 17:09 - 2016-01-04 21:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-12 17:09 - 2016-01-04 21:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 17:09 - 2016-01-04 21:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 17:09 - 2016-01-04 21:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 17:09 - 2016-01-04 20:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 17:09 - 2016-01-04 20:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-12 17:09 - 2016-01-04 20:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 17:09 - 2016-01-04 20:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 17:09 - 2016-01-04 20:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 17:09 - 2016-01-04 20:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 17:09 - 2016-01-04 20:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 17:08 - 2016-01-04 22:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 17:08 - 2016-01-04 22:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 17:08 - 2016-01-04 22:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 17:08 - 2016-01-04 21:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-12 17:08 - 2016-01-04 21:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 17:08 - 2016-01-04 21:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 17:08 - 2016-01-04 21:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 17:08 - 2016-01-04 21:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 17:08 - 2016-01-04 21:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 17:08 - 2016-01-04 21:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-12 17:08 - 2016-01-04 21:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-12 17:08 - 2016-01-04 21:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 17:08 - 2016-01-04 21:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 17:08 - 2016-01-04 21:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-12 17:08 - 2016-01-04 21:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 17:08 - 2016-01-04 21:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 17:08 - 2016-01-04 21:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 17:08 - 2016-01-04 21:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 17:08 - 2016-01-04 21:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-12 17:08 - 2016-01-04 21:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 17:08 - 2016-01-04 20:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 17:08 - 2016-01-04 20:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 17:08 - 2016-01-04 20:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 17:08 - 2016-01-04 20:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 17:08 - 2016-01-04 20:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 17:08 - 2016-01-04 20:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 17:08 - 2016-01-04 20:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 17:08 - 2016-01-04 20:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 17:08 - 2016-01-04 20:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-01-12 17:08 - 2016-01-04 20:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 17:08 - 2016-01-04 20:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 17:08 - 2016-01-04 20:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-12 17:08 - 2016-01-04 20:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 17:08 - 2016-01-04 20:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 17:08 - 2016-01-04 20:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-10 05:09 - 2016-01-10 05:09 - 00000000 ___HD C:\WINDOWS\AxInstSV
2016-01-10 03:57 - 2016-01-10 03:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-01-10 03:57 - 2016-01-10 03:57 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-01-10 03:56 - 2016-01-10 03:56 - 00001287 _____ C:\Users\Public\Desktop\SHAREit.lnk
2016-01-10 03:56 - 2016-01-10 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-01-08 05:46 - 2016-01-08 05:46 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2016-01-08 05:37 - 2016-01-08 05:37 - 00000000 ____D C:\ProgramData\IntelDLM
2016-01-07 15:18 - 2016-01-07 15:18 - 00004540 _____ C:\Users\JacJefferson\Desktop\NVIDIA System Information 01-08-2016 04-18-07.txt
2016-01-07 15:05 - 2016-01-07 15:05 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\CyberLink
2016-01-07 15:05 - 2016-01-07 15:05 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Power2Go
2016-01-07 15:00 - 2016-01-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2016-01-07 14:57 - 2016-01-08 08:23 - 00000000 ____D C:\ProgramData\CyberLink
2016-01-07 14:44 - 2016-01-07 14:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\ASUS
2016-01-07 14:41 - 2016-01-08 08:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Drivers Download Utility
2016-01-07 14:41 - 2016-01-08 08:23 - 00000000 ____D C:\Program Files\Asus Drivers Download Utility
2016-01-05 00:15 - 2016-01-05 00:15 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Lenovo
2016-01-05 00:14 - 2016-01-05 00:14 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-01-04 03:04 - 2016-01-04 05:27 - 00000000 ____D C:\Users\JacJefferson\Desktop\tropicana

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-29 06:43 - 2015-09-21 06:38 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-29 06:34 - 2015-05-13 09:03 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-29 05:56 - 2015-06-10 03:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-29 05:37 - 2015-05-14 07:48 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Skype
2016-01-29 04:47 - 2015-08-09 23:57 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-01-29 04:46 - 2015-05-13 00:52 - 00217328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-29 04:45 - 2015-09-21 06:38 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-29 04:45 - 2015-08-10 00:00 - 00000000 __SHD C:\Users\JacJefferson\IntelGraphicsProfiles
2016-01-29 04:45 - 2015-05-13 09:03 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-29 04:44 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-29 04:43 - 2015-07-10 04:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-01-29 03:18 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-29 03:17 - 2015-07-10 06:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-29 03:05 - 2015-08-09 19:50 - 00000000 ____D C:\Users\JacJefferson
2016-01-29 03:05 - 2015-07-10 06:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-29 02:27 - 2015-05-13 09:03 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Google
2016-01-28 07:55 - 2015-05-13 07:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-28 07:13 - 2015-08-25 15:17 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C5A4667B-6E95-4A17-95C1-799C060D9CCE}
2016-01-28 00:50 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-28 00:34 - 2015-06-05 23:57 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\CrashDumps
2016-01-27 03:55 - 2015-08-10 03:40 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-27 03:43 - 2015-12-04 10:33 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-01-27 03:43 - 2015-06-21 16:53 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Samsung
2016-01-27 03:43 - 2012-10-23 09:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-27 03:30 - 2015-06-09 19:39 - 00000000 _____ C:\Recovery.txt
2016-01-27 03:27 - 2015-08-09 19:50 - 00000000 ____D C:\Users\UpdatusUser
2016-01-27 03:09 - 2015-05-13 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 03:05 - 2015-05-13 09:36 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Spotify
2016-01-27 03:00 - 2015-05-13 09:40 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Spotify
2016-01-27 01:18 - 2012-10-23 09:10 - 00000000 ____D C:\ProgramData\Intel
2016-01-27 01:16 - 2015-05-13 00:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 09:18 - 2015-05-15 18:32 - 00000000 ___RD C:\Users\JacJefferson\Google Drive
2016-01-26 05:37 - 2015-12-22 13:51 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\.purple
2016-01-26 04:36 - 2015-07-14 01:20 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\gtk-2.0
2016-01-24 13:50 - 2015-06-10 02:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-24 13:45 - 2015-05-13 00:13 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Packages
2016-01-24 07:50 - 2015-06-13 08:34 - 00000000 ____D C:\KMPlayer
2016-01-23 03:00 - 2015-09-27 18:19 - 00000000 ___RD C:\Users\JacJefferson\Dropbox
2016-01-23 03:00 - 2015-09-21 06:38 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Dropbox
2016-01-23 00:41 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-22 22:02 - 2015-05-13 00:52 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-21 15:08 - 2015-05-14 07:47 - 00000000 ____D C:\ProgramData\Skype
2016-01-20 06:06 - 2015-08-09 20:06 - 00774730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-20 02:48 - 2015-05-13 22:37 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\ElevatedDiagnostics
2016-01-20 00:16 - 2015-05-13 09:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-20 00:10 - 2015-05-13 09:54 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-19 23:56 - 2015-06-10 03:52 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-19 22:20 - 2015-07-10 07:20 - 00351360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-19 22:16 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-19 08:31 - 2015-09-05 16:29 - 00003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-01-19 08:21 - 2015-05-18 00:44 - 00774730 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-19 08:06 - 2015-05-14 03:49 - 00007614 _____ C:\Users\JacJefferson\AppData\Local\Resmon.ResmonCfg
2016-01-19 04:45 - 2015-06-08 02:09 - 00000000 ____D C:\Users\JacJefferson\Desktop\Tweaking Utils
2016-01-19 04:45 - 2015-06-03 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Frog SEO Spider
2016-01-19 03:56 - 2015-06-25 09:42 - 00000873 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-19 03:55 - 2015-05-13 09:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-18 23:02 - 2015-05-18 00:38 - 00000463 _____ C:\DelFix.txt
2016-01-18 11:05 - 2015-11-03 04:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-18 09:55 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\System
2016-01-18 09:35 - 2015-08-09 19:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-18 09:32 - 2015-08-09 19:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-18 09:25 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-01-18 09:25 - 2015-06-07 22:07 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2016-01-18 09:24 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-18 08:58 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-01-17 21:44 - 2015-07-10 06:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-17 21:44 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-17 21:42 - 2015-12-07 05:51 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-14 09:00 - 2015-11-18 02:46 - 00001217 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-14 08:59 - 2015-11-18 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-12 23:28 - 2015-10-25 07:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-12 23:28 - 2015-10-25 07:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-12 21:39 - 2015-10-25 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-10 03:30 - 2015-09-30 11:52 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-01-08 08:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-01-08 08:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-01-08 08:27 - 2012-10-23 09:28 - 00000000 ____D C:\ProgramData\P4G
2016-01-08 08:25 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-08 08:25 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\servicing
2016-01-08 08:24 - 2015-12-28 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-08 08:24 - 2012-08-04 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-01-08 08:03 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\registration
2016-01-08 07:58 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-01-08 07:39 - 2015-08-09 23:58 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-01-08 05:46 - 2015-05-29 19:32 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2016-01-08 05:46 - 2015-05-14 10:31 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-08 05:46 - 2012-10-23 09:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-01-02 20:40 - 2015-07-10 06:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 20:40 - 2015-07-10 06:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-09-14 01:06 - 2015-09-14 01:06 - 0209702 _____ () C:\Users\JacJefferson\AppData\Local\ars.cache
2015-09-14 01:06 - 2015-09-14 01:06 - 0549069 _____ () C:\Users\JacJefferson\AppData\Local\census.cache
2015-09-14 00:33 - 2015-09-14 00:33 - 0000036 _____ () C:\Users\JacJefferson\AppData\Local\housecall.guid.cache
2015-08-31 07:44 - 2015-08-31 07:44 - 0000743 _____ () C:\Users\JacJefferson\AppData\Local\recently-used.xbel
2015-05-14 03:49 - 2016-01-19 08:06 - 0007614 _____ () C:\Users\JacJefferson\AppData\Local\Resmon.ResmonCfg
2015-09-14 00:47 - 2015-09-14 00:47 - 0000010 _____ () C:\Users\JacJefferson\AppData\Local\sponge.last.runtime.cache
2015-08-09 19:47 - 2015-08-09 19:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-04 12:37 - 2012-07-30 01:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 12:37 - 2009-07-22 05:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2016-01-07 14:58 - 2016-01-07 15:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2016-01-07 14:58 - 2016-01-07 14:58 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\JacJefferson\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-21 16:00

==================== End of FRST.txt ============================

Link to post
Share on other sites

Here's Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by JacJefferson (2016-01-29 06:54:58)
Running from C:\Users\JacJefferson\Desktop
Windows 10 Home (X64) (2015-08-10 04:54:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1844098555-2217923043-3675393532-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1844098555-2217923043-3675393532-503 - Limited - Disabled)
Guest (S-1-5-21-1844098555-2217923043-3675393532-501 - Limited - Disabled)
JacJefferson (S-1-5-21-1844098555-2217923043-3675393532-1002 - Administrator - Enabled) => C:\Users\JacJefferson
UpdatusUser (S-1-5-21-1844098555-2217923043-3675393532-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
GlassWire 1.1 (remove only) (HKLM-x32\...\GlassWire 1.1) (Version: 1.1.15 - SecureMix LLC)
Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM\...\{F73DF121-B04F-4709-B2B6-7E8B13999AF8}) (Version: 3.8.440.1250 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel® Driver Update Utility 2.4 (x32 Version: 2.4.0.5 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4226 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{270e4d1a-19f9-46c3-93b3-e61d4a24ab9f}) (Version: 2.4.0.5 - Intel)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.136 - PandoraTV)
Malwarebytes Anti-Ransomware version 0.9.5.304 (HKLM\...\{6CA75021-FBB0-41A5-B95C-FC1C9E0421F0}_is1) (Version: 0.9.5.304 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.8.1.21 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spotify (HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweaking.com - Hardware Identify (HKLM-x32\...\Tweaking.com - Hardware Identify) (Version: 1.5.0 - Tweaking.com)
Tweaking.com - Remote Desktop IP Monitor & Blocker (HKLM-x32\...\Tweaking.com - Remote Desktop IP Monitor & Blocker) (Version: 1.0.0 - Tweaking.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
Tweaking.com - Technicians Toolbox (HKLM-x32\...\Tweaking.com - Technicians Toolbox) (Version: 1.1.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.6.1 - Tweaking.com)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Windows Driver Package - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0092005F-9193-469C-9751-A28088700552} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {02047003-6E32-4ADB-9488-CFFAF9B1434B} - System32\Tasks\{1A81DC1B-7816-494E-AC5E-E6336F848CEE} => Chrome.exe hxxp://ui.skype.com/ui/0/7.16.85.102/en/go/help.faq.installer?LastError=1618
Task: {038A78CC-E722-4A3C-9A3A-D4D0AD535A05} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-09] (ASUSTek Computer Inc.)
Task: {28BB9A4B-D029-4FE7-AE42-D81ECF08B908} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-06] (Microsoft Corporation)
Task: {2B1B4F91-5FA8-46DD-8F0E-D1F9D4CA31F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {31ADF460-F9BB-4294-833D-F69A4C8747AA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-12-17] (Realtek Semiconductor)
Task: {39FFB257-A6C7-4C6B-9EDA-802A05083F2C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {3B18C9F8-5710-4895-A0D5-2FFACB328E95} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {57F59E5E-477C-48A5-83CE-14F975646860} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {6FDCC624-D2F1-49F4-BF61-6F5AC8A55C44} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-09] (ASUSTek Computer Inc.)
Task: {71C6E97C-ADCF-40F1-BB02-FBCA1A8E0B45} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-17] (Realtek Semiconductor)
Task: {7930F281-987C-4D2C-B492-039D6EF2E335} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-21] (Dropbox, Inc.)
Task: {880EE9E4-0FBB-4DFE-86D2-53361478F494} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {8D519DC5-35FB-4CB5-A647-058F50E55D46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {903ECFA9-F3D3-4628-8A24-758E52DC3F23} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-01-08] (Microsoft Corporation)
Task: {938DFF31-EB0D-4F42-A8DD-DFBFD8180567} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-21] (Dropbox, Inc.)
Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {A233081D-4F27-4BB0-BBE9-2EAC47C04A62} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-27] (AsusTek)
Task: {ADC656B0-EBE3-4E20-9D48-87F2D84F7173} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-20] (Microsoft Corporation)
Task: {B818AC1C-84F5-4012-8F8F-B8F071D63045} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-06] (Microsoft Corporation)
Task: {CCE1202D-61C5-4D5A-B182-9B6CEA1C82D1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {D8A7771A-BA3C-48CF-BCF5-650B3EA8C276} - System32\Tasks\{994F774C-8219-4FA4-BEFD-6D05E7D520D2} => Chrome.exe hxxp://ui.skype.com/ui/0/7.16.85.102/en/go/help.faq.installer?LastError=1618
Task: {E512EA10-17C1-4B31-863C-6D871DADB6D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-13] (Google Inc.)
Task: {F8D11653-AC40-4DCD-AAA3-7A450DF2B448} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {FC60520C-728E-486C-B65B-54B1AF4F30E3} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Обновление Браузера Яндекс .job => C:\Users\JacJefferson\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-08-10 03:34 - 2015-08-10 03:34 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-09 19:47 - 2015-12-16 09:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 10:31 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-12-07 05:51 - 2016-01-06 17:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-01-27 03:09 - 2016-01-27 12:37 - 01140704 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-RANSOMWARE\arwlib.dll
2015-09-30 14:49 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 14:49 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-30 14:48 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-10 07:59 - 2015-11-24 23:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-10 07:58 - 2015-11-24 23:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-10 07:58 - 2015-11-24 23:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 14:49 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 06:00 - 2015-07-10 11:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2016-01-27 03:09 - 2015-11-19 12:12 - 00014336 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQuick.2\qtquick2plugin.dll
2016-01-27 03:09 - 2015-11-19 12:12 - 00014336 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQuick\Window.2\windowplugin.dll
2016-01-27 03:09 - 2015-11-19 12:13 - 00803840 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-01-27 03:09 - 2015-11-19 12:13 - 00071168 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-01-27 03:09 - 2015-11-19 12:12 - 00014336 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQml\Models.2\modelsplugin.dll
2016-01-27 03:09 - 2015-11-19 12:13 - 00194560 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQuick\Dialogs\dialogplugin.dll
2016-01-27 03:09 - 2015-11-19 12:13 - 00044032 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2016-01-27 03:09 - 2015-11-19 12:12 - 00052736 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2016-01-27 03:09 - 2015-11-19 12:12 - 00024576 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\Qt\labs\settings\qmlsettingsplugin.dll
2012-08-24 11:26 - 2012-08-24 11:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2015-05-28 23:34 - 2015-05-28 23:34 - 00246272 _____ () C:\Program Files (x86)\GlassWire\GeoIP.dll
2012-10-23 09:10 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2016-01-19 08:31 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1844098555-2217923043-3675393532-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Control Panel\Desktop\\Wallpaper -> c:\users\jacjefferson\appdata\local\microsoft\windows\themes\gangster\desktopbackground\image00006.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "AsusVibeLauncher.lnk"
HKLM\...\StartupApproved\Run: => "ACMON"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Speedify"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ASUSWebStorage"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Speedify"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "AirDroid 3"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\StartupApproved\Run: => "Window Hide Tool"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00609B19-192B-48DA-9387-29A01577C387}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{38B9D19B-18DB-4B78-9D10-0676C498D06A}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe

==================== Restore Points =========================

23-01-2016 00:39:10 Malwarebytes Anti-Rootkit Restore Point
27-01-2016 01:15:07 Intel® Driver Update Utility
27-01-2016 01:16:04 Intel® Driver Update Utility
28-01-2016 08:27:56 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/29/2016 04:44:39 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Error: (01/29/2016 04:44:38 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue

Error: (01/29/2016 04:44:33 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (01/29/2016 03:07:08 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.

Error: (01/29/2016 03:07:05 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialised for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalogue

Error: (01/29/2016 03:07:00 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialised for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (01/29/2016 03:05:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZERO-DAY)
Description: Activation of application Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (01/29/2016 02:18:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 43.0.4.5848 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: fac

Start Time: 01d15a650b0cb122

Termination Time: 25

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 73ac2629-c658-11e5-bfc4-dc85de5b5b64

Faulting package full name:

Faulting package-relative application ID:

Error: (01/29/2016 01:54:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZERO-DAY)
Description: Activation of application Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (01/29/2016 01:51:20 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Could not get performance counter registry information for WSearchIdxPi for instance   due to the following error: The operation completed successfully.   0x0.


System errors:
=============
Error: (01/29/2016 04:54:14 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error:
%%0

Error: (01/29/2016 04:44:23 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (01/29/2016 04:44:21 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The ATKGFNEX Service service depends on the following service: ASMMAP64. This service might not be installed.

Error: (01/29/2016 04:43:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WWAN AutoConfig service terminated with the following error:
%%997

Error: (01/29/2016 04:43:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/29/2016 04:43:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/29/2016 04:43:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/29/2016 04:43:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/29/2016 03:16:47 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error:
%%0

Error: (01/29/2016 03:07:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053


CodeIntegrity:
===================================
  Date: 2016-01-27 06:11:41.093
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:41.076
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:41.058
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:41.034
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.967
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.722
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.704
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.686
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.630
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-27 06:11:40.485
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 30%
Total physical RAM: 8077.48 MB
Available physical RAM: 5604.04 MB
Total Virtual: 9357.48 MB
Available Virtual: 6687.03 MB

==================== Drives ================================

Drive c: (Legal Wife) (Fixed) (Total:278.67 GB) (Free:174.51 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (The Other Woman) (Fixed) (Total:398.17 GB) (Free:279.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: B19F8D36)

Partition: GPT.

==================== End of Addition.txt ============================

Link to post
Share on other sites

Logs look good, no sign of Malware or Infection... run the following to clean up:

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:



  •    
  • Remove disinfection tools
       
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
       
  • Reset system settings



Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…
 

Next,

 

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...  busy.gif
 

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites