Jump to content

Can't get rid of this Adware Hijacker (Chrome)


Recommended Posts

Have no idea how it got there, must have been through a download or an installer (probably PJ64 cause they put adware in their installer) But I can't get rid of it. I ran Malwarebytes, deleted all the objects. Wiped chrome, restarted my PC and it was back. Tried HitmanPRO same thing. As well with ADWcleaner and SpyHunter. I can't get it off my PC

When I click links it redirects me to either "newpoptab" or "securesurf"

 

I've done everything every guide has told me to do. It. Won't. Go. Away. Please help 

Help me.png

Link to post
Share on other sites

Hello MomokaChan and welcome to Malwarebytes,

My screen name is kevinf80, i`m here to help clean up your system. Make sure to run all scans from accounts with Administrator status, continue as follows please:

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

user posted imageGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. user posted image
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

user posted imageMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. user posted image Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

user posted imageInternet Explorer - Click the Tools menu in the upper right-corner of the browser. user posted image Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

user posted imageChange default download folder location in Edge -Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties"

In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK"

Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location.....

Next,

Follow the instructions in the following link to show hidden files:

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Next,

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.
 
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7/8/10, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.


Next,

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…



Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach those logs to your reply.


Let me see those logs in your reply...

Thank you,

Kevin...
Link to post
Share on other sites

15 hours ago, kevinf80 said:
Hello MomokaChan and welcome to Malwarebytes,

My screen name is kevinf80, i`m here to help clean up your system. Make sure to run all scans from accounts with Administrator status, continue as follows please:

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

user posted imageGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. user posted image
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

user posted imageMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. user posted image Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

user posted imageInternet Explorer - Click the Tools menu in the upper right-corner of the browser. user posted image Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

user posted imageChange default download folder location in Edge -Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties"

In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK"

Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location.....

Next,

Follow the instructions in the following link to show hidden files:

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Next,

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.
 
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7/8/10, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.


Next,

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…



Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach those logs to your reply.


Let me see those logs in your reply...

Thank you,

Kevin...

Got it. Heres Scan.txt 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/28/2016
Scan Time: 7:30 PM
Logfile: 
Administrator: Yes

Version: 0.0.0.0000
Malware Database: v2016.11.28.17
Rootkit Database: v2016.11.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Momoka

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 455989
Time Elapsed: 1 hr, 1 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2016
Ran by Momoka (administrator) on MOMOKA-PC (28-11-2016 20:12:08)
Running from C:\Users\Momoka\Desktop
Loaded Profiles: Momoka (Available Profiles: Momoka & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(HTC Corporation) C:\Program Files\HTC Account\Htc.Identity.Service.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\System GoBack Free\bin\Agent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Oculus VR) C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Oculus VR) C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files (x86)\EaseUS\System GoBack Free\bin\TodoBackupService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_1.4.3.0_x86__1sdd7yawvg6ne\EarTrumpet.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Momoka\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Common Files\HTC\Vive\Drivers\vivefs\vivefsm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-06] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [ic-0.1004cb43bac12c.exe -start] => C:\Users\Momoka\AppData\Local\Temp\630562\ic-0.1004cb43bac12c.exe -start <===== ATTENTION
HKU\S-1-5-21-1848980656-2615744051-319276187-1000\...\Run: [Discord] => C:\Users\Momoka\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1848980656-2615744051-319276187-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-1848980656-2615744051-319276187-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [978456 2016-08-02] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1848980656-2615744051-319276187-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-10-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe (No File)
GroupPolicyScripts-x32: Restriction <======= ATTENTION
GroupPolicyScripts-x32\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{75dfb7c7-40d0-4986-bcf0-7a1382935e44}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKU\S-1-5-21-1848980656-2615744051-319276187-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131175834816941246&GUID=B2E62158-4A39-453D-91C1-5507F276E01E
HKU\S-1-5-21-1848980656-2615744051-319276187-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-1848980656-2615744051-319276187-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Momoka\AppData\Roaming\Mozilla\Firefox\Profiles\nzeczwgt.default-1472515559753 [2016-11-28]
FF HKU\S-1-5-21-1848980656-2615744051-319276187-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> bing.com/?pc=__PARAM__
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default [2016-11-28]
CHR Extension: (BetterTTV) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-11-27]
CHR Extension: (Google Docs) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-27]
CHR Extension: (Google Drive) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-27]
CHR Extension: (Poper Blocker) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2016-11-27]
CHR Extension: (YouTube) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-27]
CHR Extension: (Adblock Plus) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-27]
CHR Extension: (Google Sheets) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-27]
CHR Extension: (Google Docs Offline) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-27]
CHR Extension: (Chrome Adware Removal) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjplonfbhkbkoiphjgafcpenodglphdj [2016-11-27]
CHR Extension: (Morpheon Dark) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2016-11-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-27]
CHR Extension: (Gmail) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-27]
CHR Extension: (Chrome Media Router) - C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-27]
CHR Profile: C:\Users\Momoka\AppData\Local\Google\Chrome\User Data\System Profile [2016-11-28]
CHR HKU\S-1-5-21-1848980656-2615744051-319276187-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1848980656-2615744051-319276187-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] ()
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-01] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [445976 2016-08-02] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [425496 2016-08-02] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [462360 2016-08-02] (BlueStack Systems, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\System GoBack Free\bin\Agent.exe [37416 2015-06-23] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2016-04-28] (Echobit LLC)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [244800 2016-07-07] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-07-07] (GOG.com)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 HTC Account Service; C:\Program Files\HTC Account\Htc.Identity.Service.exe [7680 2016-06-15] (HTC Corporation) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-15] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1768912 2015-09-11] (Micro-Star INT'L CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
S4 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 OVRService; C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe [231560 2015-03-26] (Oculus VR) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-10-28] ()
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [57856 2016-01-10] (Razer Inc.) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [190120 2016-01-29] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [132864 2016-02-26] (Razer Inc.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
R2 ViveFSM; C:\Program Files\Common Files\HTC\Vive\Drivers\vivefs\vivefsm.exe [77648 2016-05-31] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] ()
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2016-08-02] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [307768 2016-07-28] (Bluestack System Inc. )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [75680 2016-05-16] (Dokan Project)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-08-15] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-08-15] (Disc Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2016-05-09] (Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2016-05-09] (Disc Soft Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
R3 EvolveVirtualAdapter; C:\WINDOWS\System32\drivers\evolve.sys [21656 2016-04-28] (Echobit, LLC)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2016-11-27] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-28] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 mirrorv3; C:\WINDOWS\System32\DRIVERS\rminiv3.sys [5632 2012-12-18] (Famatech International Corp.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3baaab0007230109\nvlddmkm.sys [14249416 2016-10-04] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R1 RiftEnabler; C:\WINDOWS\System32\DRIVERS\RiftEnabler.sys [55880 2015-03-26] (Oculus VR, LLC)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51224 2016-05-11] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S1 VBoxNetAdp; C:\WINDOWS\System32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R1 vivefs; C:\WINDOWS\System32\DRIVERS\vivefs.sys [57584 2016-03-21] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-02-19] (Wellbia.com Co., Ltd.)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-28 20:12 - 2016-11-28 20:15 - 00025370 _____ C:\Users\Momoka\Desktop\FRST.txt
2016-11-28 20:11 - 2016-11-28 20:11 - 02411520 _____ (Farbar) C:\Users\Momoka\Desktop\FRST64.exe
2016-11-28 20:05 - 2016-11-28 20:10 - 00001044 _____ C:\Users\Momoka\Desktop\scan.txt
2016-11-28 15:55 - 2016-11-28 15:55 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Momoka\Desktop\rkill.exe
2016-11-28 15:52 - 2016-11-28 20:05 - 00001378 _____ C:\Users\Momoka\Desktop\Rkill.txt
2016-11-28 00:25 - 2016-11-28 00:27 - 00017908 _____ C:\Users\Momoka\Downloads\Fixlog.txt
2016-11-28 00:16 - 2016-11-28 00:25 - 00095362 _____ C:\Users\Momoka\Downloads\FRST.txt
2016-11-28 00:15 - 2016-11-28 00:25 - 00162156 _____ C:\Users\Momoka\Downloads\Addition.txt
2016-11-28 00:15 - 2016-11-28 00:15 - 02411520 _____ (Farbar) C:\Users\Momoka\Downloads\FRST64.exe
2016-11-28 00:10 - 2016-11-28 00:10 - 00688992 _____ (Swearware) C:\Users\Momoka\Downloads\dds.scr
2016-11-27 23:30 - 2016-11-27 23:30 - 00438979 _____ C:\Users\Momoka\Downloads\REVO HUD E3-234-V1-0.rar
2016-11-27 23:30 - 2016-11-27 23:30 - 00307991 _____ C:\Users\Momoka\Downloads\E3 SpaceHUD-151-1-0a.zip
2016-11-27 23:29 - 2016-11-27 23:29 - 00020252 _____ C:\Users\Momoka\Downloads\Creatures Revamped V3.0-162-V3-0.zip
2016-11-27 23:29 - 2016-11-27 23:29 - 00009317 _____ C:\Users\Momoka\Downloads\More Creatures V1.5-136-.zip
2016-11-27 23:28 - 2016-11-27 23:28 - 29365565 _____ C:\Users\Momoka\Downloads\Dark Warp v2.0-198-2-0.rar
2016-11-27 23:26 - 2016-11-27 23:26 - 02853638 _____ C:\Users\Momoka\Downloads\DEEP SPACE-71-2-0.zip
2016-11-27 23:26 - 2016-11-27 23:26 - 01093372 _____ C:\Users\Momoka\Downloads\NMS Model Importer-304-0-7.7z
2016-11-27 23:25 - 2016-11-27 23:25 - 00009496 _____ C:\Users\Momoka\Downloads\LowFlight by Hytek-80-2-0.zip
2016-11-27 20:38 - 2016-11-28 15:52 - 00000000 ____D C:\Users\Momoka\AppData\Local\Google
2016-11-27 20:38 - 2016-11-27 20:38 - 01065376 _____ (Google Inc.) C:\Users\Momoka\Downloads\ChromeSetup(1).exe
2016-11-27 19:37 - 2016-11-27 19:37 - 00054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-11-27 19:35 - 2016-11-27 19:35 - 00000000 ____D C:\Users\Momoka\Downloads\HitmanPro 3.7.14 Build 276 + Patch
2016-11-27 19:34 - 2016-11-27 19:34 - 00000000 ____D C:\Users\Momoka\AppData\LocalLow\uTorrent
2016-11-27 16:57 - 2016-11-27 16:58 - 11581544 _____ (SurfRight B.V.) C:\Users\Momoka\Downloads\hitmanpro_x64.exe
2016-11-27 16:39 - 2016-11-27 16:39 - 22851472 _____ (Malwarebytes ) C:\Users\Momoka\Downloads\mbam-setup-2.2.1.1043 (2).exe
2016-11-27 16:20 - 2016-11-27 16:20 - 03910208 _____ C:\Users\Momoka\Downloads\adwcleaner_6.030 (1).exe
2016-11-27 16:17 - 2016-11-27 16:17 - 01065376 _____ (Google Inc.) C:\Users\Momoka\Downloads\ChromeSetup (1).exe
2016-11-26 15:29 - 2016-11-26 15:29 - 04599725 _____ C:\Users\Momoka\Downloads\powersaves3ds-software-145.zip
2016-11-26 00:07 - 2016-11-26 00:07 - 22851472 _____ (Malwarebytes ) C:\Users\Momoka\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-26 00:07 - 2016-11-26 00:07 - 22851472 _____ (Malwarebytes ) C:\Users\Momoka\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-11-25 23:16 - 2016-11-25 23:16 - 03910208 _____ C:\Users\Momoka\Downloads\adwcleaner_6.030.exe
2016-11-25 22:46 - 2016-11-25 22:47 - 172729050 _____ C:\Users\Momoka\Downloads\Pokémon Essentials DS v2.0.rar
2016-11-25 22:42 - 2016-11-25 22:42 - 22851611 _____ C:\Users\Momoka\Downloads\Zeak Map Pack (1).rar
2016-11-25 22:33 - 2016-11-25 22:33 - 00000000 ____D C:\Users\Momoka\Documents\RPGXP
2016-11-25 22:30 - 2016-11-25 22:51 - 00001734 ___SH C:\WINDOWS\SysWOW64\KGyGaAvL.sys
2016-11-25 22:30 - 2016-11-25 22:30 - 00000056 __RSH C:\WINDOWS\SysWOW64\269E736CF9.sys
2016-11-25 22:27 - 2016-11-25 22:29 - 00002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker XP.lnk
2016-11-25 22:21 - 2016-11-25 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker XP
2016-11-25 22:18 - 2016-11-25 22:18 - 28548304 _____ (Enterbrain ) C:\Users\Momoka\Downloads\RPGXP_E.exe
2016-11-25 22:16 - 2016-11-25 22:16 - 31110888 _____ C:\Users\Momoka\Downloads\RPG Maker xp 1.02a.zip
2016-11-25 22:08 - 2016-11-25 22:08 - 00000000 ____D C:\Program Files (x86)\Enterbrain
2016-11-25 22:07 - 2016-11-25 22:07 - 00659341 _____ C:\Users\Momoka\Downloads\rgss102e.zip
2016-11-25 22:07 - 2011-03-20 23:28 - 00778752 _____ C:\WINDOWS\system32\rgss102e.dll
2016-11-25 22:04 - 2016-11-25 22:04 - 00000000 ____D C:\Users\Momoka\Downloads\RPG Maker XP
2016-11-25 21:56 - 2016-11-25 21:56 - 63092094 ____R C:\Users\Momoka\Downloads\RPG Maker XP.rar
2016-11-25 20:39 - 2016-11-25 20:39 - 00000000 ____D C:\Users\Momoka\AppData\LocalLow\(Base by IIcolour)
2016-11-25 20:10 - 2016-11-25 20:11 - 252157656 _____ (TTGJailbreak) C:\Users\Momoka\Downloads\Pokémon Uranium.exe
2016-11-25 20:05 - 2016-11-25 20:05 - 67191345 _____ (TTGJailbreak) C:\Users\Momoka\Downloads\Uranium Patch Installer.exe
2016-11-21 00:46 - 2016-11-21 00:51 - 1116097845 _____ C:\Users\Momoka\Downloads\Pokemon-Uncensored_Beta-1.rar
2016-11-21 00:45 - 2016-11-21 00:45 - 40971857 _____ C:\Users\Momoka\Downloads\PSG.zip
2016-11-21 00:07 - 2016-11-21 00:07 - 91001082 _____ C:\Users\Momoka\Downloads\MRMX-OS System 3.2.2 PVP & GTS.rar
2016-11-21 00:07 - 2016-11-21 00:07 - 04727182 _____ C:\Users\Momoka\Downloads\Launcher MRMX.rar
2016-11-21 00:06 - 2016-11-21 00:06 - 02386250 _____ C:\Users\Momoka\Downloads\MRMX-OS Server.rar
2016-11-20 22:03 - 2016-11-20 22:04 - 81932606 _____ C:\Users\Momoka\Downloads\0.53.3.zip
2016-11-20 22:03 - 2016-11-20 22:03 - 79993283 _____ C:\Users\Momoka\Downloads\Pokemon 3D.Client.rar
2016-11-20 22:02 - 2016-11-20 22:02 - 452861637 _____ C:\Users\Momoka\Downloads\POKEMONGREEN SERVER+CLIENT .rar
2016-11-20 22:01 - 2016-11-20 22:01 - 01753451 _____ C:\Users\Momoka\Downloads\Pokemon.3D.Server.zip
2016-11-20 22:00 - 2016-11-20 22:04 - 373761964 _____ C:\Users\Momoka\Downloads\P3D-Legacy-master.zip
2016-11-20 21:59 - 2016-11-20 21:59 - 14858769 _____ C:\Users\Momoka\Downloads\pokemon web.rar
2016-11-18 17:32 - 2016-11-18 17:32 - 02041791 _____ C:\Users\Momoka\Downloads\PKHeX.12-20-15.zip
2016-11-18 17:31 - 2016-11-18 17:31 - 01963108 _____ C:\Users\Momoka\Downloads\PKHeX (01-28-15b).zip
2016-11-18 16:46 - 2016-11-18 16:46 - 00218389 _____ C:\Users\Momoka\Downloads\Luma3DSv6.6.7z
2016-11-18 16:29 - 2016-11-18 16:29 - 00481984 _____ C:\Users\Momoka\Downloads\JKSM_3DSX (1).zip
2016-11-18 00:22 - 2016-11-18 00:31 - 1200577903 _____ C:\Users\Momoka\Downloads\PS1.3.7Fix.rar
2016-11-18 00:20 - 2016-11-18 00:21 - 22851611 _____ C:\Users\Momoka\Downloads\Zeak Map Pack.rar
2016-11-17 20:35 - 2016-11-17 21:41 - 330219932 _____ C:\Users\Momoka\Downloads\Ultimate BW Pack7.zip
2016-11-17 20:34 - 2016-11-17 20:34 - 266897623 _____ C:\Users\Momoka\Downloads\Essentials BW V3_1_1.rar
2016-11-17 20:21 - 2016-11-17 20:22 - 32524177 _____ C:\Users\Momoka\Downloads\Pokémon Essentials v16 2015-12-07.zip
2016-11-17 20:21 - 2016-11-17 20:21 - 01045301 _____ C:\Users\Momoka\Downloads\Pokémon Essentials v16.1 2015-12-26.zip
2016-11-17 20:21 - 2016-11-17 20:21 - 01040325 _____ C:\Users\Momoka\Downloads\Pokémon Essentials v16.2 2016-05-21 (1).zip
2016-11-17 20:19 - 2016-11-17 20:19 - 01040325 _____ C:\Users\Momoka\Downloads\Pokémon Essentials v16.2 2016-05-21.zip
2016-11-16 22:56 - 2016-11-16 22:56 - 06793938 _____ C:\Users\Momoka\Downloads\Pokemon Adventure Red Chapter Beta 11E.zip
2016-11-16 22:40 - 2016-11-16 22:40 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-11-16 22:06 - 2016-11-16 22:38 - 96858445 _____ C:\Users\Momoka\Downloads\MRMX-OS System 3.2.2 PVP & GTS + SERVER FILES REPACK.zip
2016-11-16 22:04 - 2016-11-16 22:05 - 138175237 _____ C:\Users\Momoka\Downloads\PRO Client 10-27-2016.zip
2016-11-16 22:02 - 2016-11-16 22:27 - 353598258 _____ C:\Users\Momoka\Downloads\Pokemon Celestite Version 1.2 PC.zip
2016-11-16 22:02 - 2016-11-16 22:02 - 06460880 _____ C:\Users\Momoka\Downloads\Pokemon Celestite Version 1.2 [Patch].zip
2016-11-16 19:54 - 2016-11-16 19:54 - 00004367 _____ C:\Users\Momoka\Downloads\POKEMON_SAPP_AXPE02_NONSHINY.zip
2016-11-15 23:13 - 2016-11-15 23:35 - 539530246 _____ C:\Users\Momoka\Downloads\3DS1348 - Animal Crossing - Happy Home Designer (Usa).rar
2016-11-15 20:30 - 2016-11-15 20:30 - 00000000 ____D C:\Users\Momoka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Chronicles
2016-11-15 20:27 - 2016-11-15 20:30 - 00000000 ____D C:\Program Files (x86)\Pokémon Chronicles
2016-11-15 17:26 - 2016-11-15 17:26 - 734003200 _____ C:\Users\Momoka\Downloads\Pokémon Chronicles.part2.rar
2016-11-15 17:25 - 2016-11-15 17:25 - 734003200 _____ C:\Users\Momoka\Downloads\Pokémon Chronicles.part1.rar
2016-11-15 17:19 - 2016-11-15 17:19 - 131062401 _____ C:\Users\Momoka\Downloads\Pokémon Chronicles.part3.rar
2016-11-14 22:03 - 2016-11-14 22:03 - 02706695 _____ C:\Users\Momoka\Downloads\Pocket Monster - Pokemon Emerald.zip
2016-11-14 20:15 - 2016-11-14 20:15 - 00000000 ____D C:\Users\Momoka\AppData\Local\Chromium
2016-11-14 00:02 - 2016-11-14 00:02 - 22478077 _____ C:\Users\Momoka\Downloads\SkyrimSE Re-Engaged V2.6a (ReShade and ENB)-1089-2-6a.7z
2016-11-14 00:02 - 2016-11-14 00:02 - 07958912 _____ C:\Users\Momoka\Downloads\Nyclix's RealVision Inspired ENB-Reshade 1.8-3352-1-8.zip
2016-11-14 00:02 - 2016-11-14 00:02 - 00010585 _____ C:\Users\Momoka\Downloads\SkyrimSE Re-Engaged STRONGER DOF Optional Add On-1089-2-6c.7z
2016-11-14 00:01 - 2016-11-14 00:01 - 10506399 _____ C:\Users\Momoka\Downloads\Placeable Statics-342-1-0.zip
2016-11-14 00:00 - 2016-11-14 00:02 - 119812034 _____ C:\Users\Momoka\Downloads\HD-LODs-Textures-SE V2.0 512 (1k near - 512 far)-3333-2-0.zip
2016-11-14 00:00 - 2016-11-14 00:00 - 37117470 _____ C:\Users\Momoka\Downloads\PCA_SSE v1376-3761-1-376.7z
2016-11-14 00:00 - 2016-11-14 00:00 - 17170465 _____ C:\Users\Momoka\Downloads\HD-LODs Less blue Glacier and Ice 1k-512 Hotfix-3333-2-0a.zip
2016-11-13 22:32 - 2016-11-13 22:33 - 611000367 _____ C:\Users\Momoka\Downloads\Pokemon Hacks Collection.7z
2016-11-13 00:04 - 2016-11-13 00:05 - 21091311 _____ C:\Users\Momoka\Downloads\Elemental Destruction Magic SE-440-1-1-0.7z
2016-11-13 00:03 - 2016-11-13 00:03 - 00193683 _____ C:\Users\Momoka\Downloads\VioLens - A Killmove Mod SE 1.0-668-1-0.7z
2016-11-13 00:01 - 2016-11-13 00:01 - 06652884 _____ C:\Users\Momoka\Downloads\Dust Pile v2-1838.rar
2016-11-12 19:05 - 2016-11-12 19:05 - 12290014 _____ C:\Users\Momoka\Downloads\Footprints-3808-1-5-1.7z
2016-11-12 19:04 - 2016-11-12 19:05 - 62680786 _____ C:\Users\Momoka\Downloads\Unique Uniques SE-3334-1-0.7z
2016-11-12 19:03 - 2016-11-12 19:21 - 1093036414 _____ C:\Users\Momoka\Downloads\Immersive Armors 8.1 SSE Test-3479-8-1.7z
2016-11-12 19:02 - 2016-11-12 19:04 - 79495163 _____ C:\Users\Momoka\Downloads\True Eyes Special Edition 1.1a-2195-1-1a.7z
2016-11-12 19:02 - 2016-11-12 19:02 - 11774346 _____ C:\Users\Momoka\Downloads\Mountains-2347-.7z
2016-11-12 19:01 - 2016-11-12 19:08 - 440934156 _____ C:\Users\Momoka\Downloads\4K Diffuse 2K Normalmap - High Hrothgar-2347-.7z
2016-11-12 19:01 - 2016-11-12 19:06 - 255782400 _____ C:\Users\Momoka\Downloads\4K - 2K Landscape-2347- (1).7z
2016-11-12 19:00 - 2016-11-12 19:09 - 485356698 _____ C:\Users\Momoka\Downloads\4K Diffuse 2K Normal map - Whiterun-2347-.7z
2016-11-12 19:00 - 2016-11-12 19:03 - 209251227 _____ C:\Users\Momoka\Downloads\ApachiiSkyHair_v_1_6_Full-2014-1-6-Full (1).7z
2016-11-12 19:00 - 2016-11-12 19:01 - 39124055 _____ C:\Users\Momoka\Downloads\Frozen Electrocuted Combustion-3532-v1-4b.7z
2016-11-12 19:00 - 2016-11-12 19:01 - 38355895 _____ C:\Users\Momoka\Downloads\4K Diffuse 2K Normalmap - Bridges-2347-.7z
2016-11-12 19:00 - 2016-11-12 19:00 - 00390169 _____ C:\Users\Momoka\Downloads\Frozen Electrocuted Combustion - Realistic Edition-3532-v1-4b.7z
2016-11-12 18:59 - 2016-11-12 19:06 - 383910066 _____ C:\Users\Momoka\Downloads\ApachiiSkyHairFemale_v_1_5-2014-1-5.7z
2016-11-12 18:59 - 2016-11-12 19:02 - 153869056 _____ C:\Users\Momoka\Downloads\ApachiiSkyHairMale_v_1_2-2014-1-2.7z
2016-11-12 18:59 - 2016-11-12 18:59 - 28958940 _____ C:\Users\Momoka\Downloads\Northguard Ranger Armour 1.2-3607-1-2.zip
2016-11-12 18:59 - 2016-11-12 18:59 - 01274047 _____ C:\Users\Momoka\Downloads\Face Masks of Skyrim-1953-1.7z
2016-11-12 18:58 - 2016-11-12 18:58 - 00068316 _____ C:\Users\Momoka\Downloads\DSHg - NMM Installer-2266-1-0.rar
2016-11-12 18:51 - 2016-11-12 18:52 - 83161697 _____ C:\Users\Momoka\Downloads\Sjel Blad Castle - Special Edition-2620-v1-44.zip
2016-11-12 18:51 - 2016-11-12 18:51 - 01738911 _____ C:\Users\Momoka\Downloads\Skyrim Pizza-3996-1.zip
2016-11-12 18:51 - 2016-11-12 18:51 - 00000454 _____ C:\Users\Momoka\Downloads\Infinite Torches-3879-1-0.rar
2016-11-12 18:50 - 2016-11-12 18:50 - 14814961 _____ C:\Users\Momoka\Downloads\Birds of Skyrim SSE Edition-3097-1-0.7z
2016-11-12 18:50 - 2016-11-12 18:50 - 09919998 _____ C:\Users\Momoka\Downloads\FNIS Behavior SE V7_0 Beta-3038-7-0-Beta (1).zip
2016-11-12 18:50 - 2016-11-12 18:50 - 00345636 _____ C:\Users\Momoka\Downloads\N.M.U.S.R-4010-1.7z
2016-11-12 13:43 - 2016-11-12 13:44 - 3204268032 _____ C:\Users\Momoka\Downloads\moon-alt.3ds
2016-11-11 23:45 - 2016-11-11 23:45 - 00032194 _____ C:\Users\Momoka\Downloads\Seel.jpeg
2016-11-11 23:44 - 2016-11-11 23:44 - 00027300 _____ C:\Users\Momoka\Downloads\Mewtwo.jpeg
2016-11-11 23:43 - 2016-11-11 23:43 - 00034976 _____ C:\Users\Momoka\Downloads\Weedle.jpeg
2016-11-11 23:41 - 2016-11-11 23:41 - 00035734 _____ C:\Users\Momoka\Downloads\Omanyte.jpeg
2016-11-11 23:40 - 2016-11-11 23:40 - 00051089 _____ C:\Users\Momoka\Downloads\Mankey.jpeg
2016-11-11 23:40 - 2016-11-11 23:40 - 00037865 _____ C:\Users\Momoka\Downloads\Abra.jpeg
2016-11-11 23:39 - 2016-11-11 23:39 - 00041069 _____ C:\Users\Momoka\Downloads\Aerodactyl.jpeg
2016-11-10 20:26 - 2016-11-10 20:26 - 00000000 ____D C:\Users\Momoka\Documents\Frontier Developments
2016-11-09 21:21 - 2016-11-09 21:21 - 06720512 _____ (ProjectPokémon) C:\Users\Momoka\Downloads\PKHeX.exe
2016-11-09 21:19 - 2016-11-09 21:19 - 02783674 _____ C:\Users\Momoka\Downloads\JKSM.6-30-2016.zip
2016-11-09 21:17 - 2016-11-09 21:17 - 00481984 _____ C:\Users\Momoka\Downloads\JKSM_3DSX.zip
2016-11-09 21:14 - 2016-11-12 14:01 - 00000000 ____D C:\Users\Momoka\AppData\Local\ProjectPokémon
2016-11-09 21:08 - 2016-11-09 21:08 - 02867787 _____ C:\Users\Momoka\Downloads\PKHeX.zip
2016-11-09 21:07 - 2016-11-09 21:07 - 04055595 _____ C:\Users\Momoka\Downloads\PKHeX-master.zip
2016-11-09 20:54 - 2016-11-09 20:54 - 33326391 _____ C:\Users\Momoka\Downloads\RS Children Overhaul-2650-1-0-1.7z
2016-11-09 20:54 - 2016-11-09 20:54 - 26933471 _____ C:\Users\Momoka\Downloads\RSSE Children Overhaul Fixed-2650-1-0.7z
2016-11-09 20:54 - 2016-11-09 20:54 - 16555663 _____ C:\Users\Momoka\Downloads\skyBirds SSE Edition-2315-0-94.7z
2016-11-09 20:54 - 2016-11-09 20:54 - 09919998 _____ C:\Users\Momoka\Downloads\FNIS Behavior SE V7_0 Beta-3038-7-0-Beta.zip
2016-11-09 20:54 - 2016-11-09 20:54 - 05205879 _____ C:\Users\Momoka\Downloads\FNIS Spells SE 7.0-3038-7-0.zip
2016-11-08 21:41 - 2016-11-08 21:41 - 00498624 _____ C:\Users\Momoka\Downloads\savedatafiler.cia
2016-11-08 21:40 - 2016-11-08 21:40 - 00183129 _____ C:\Users\Momoka\Downloads\save_manager.7z
2016-11-08 16:22 - 2016-11-02 06:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-08 16:22 - 2016-11-02 06:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-08 16:22 - 2016-11-02 05:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-08 16:22 - 2016-11-02 05:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-08 16:22 - 2016-11-02 05:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-08 16:22 - 2016-11-02 05:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-08 16:22 - 2016-11-02 05:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-08 16:22 - 2016-11-02 05:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-08 16:22 - 2016-11-02 05:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-08 16:22 - 2016-11-02 05:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-08 16:22 - 2016-11-02 05:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-08 16:22 - 2016-11-02 05:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-08 16:22 - 2016-11-02 05:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-08 16:22 - 2016-11-02 05:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-08 16:22 - 2016-11-02 05:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-08 16:22 - 2016-11-02 05:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-08 16:22 - 2016-11-02 05:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-08 16:22 - 2016-11-02 05:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-08 16:22 - 2016-11-02 05:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-08 16:22 - 2016-11-02 05:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-08 16:22 - 2016-11-02 05:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-08 16:22 - 2016-11-02 05:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-08 16:22 - 2016-11-02 05:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-08 16:22 - 2016-11-02 05:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-08 16:22 - 2016-11-02 05:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-08 16:22 - 2016-11-02 05:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-08 16:22 - 2016-11-02 05:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-08 16:22 - 2016-11-02 05:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-08 16:22 - 2016-11-02 05:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-08 16:22 - 2016-11-02 05:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-08 16:22 - 2016-11-02 04:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-08 16:22 - 2016-11-02 04:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-08 16:22 - 2016-11-02 04:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-08 16:22 - 2016-11-02 04:49 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
2016-11-08 16:22 - 2016-11-02 04:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-08 16:22 - 2016-11-02 04:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-08 16:22 - 2016-11-02 04:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-08 16:22 - 2016-11-02 04:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-08 16:22 - 2016-11-02 04:46 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2016-11-08 16:22 - 2016-11-02 04:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-08 16:22 - 2016-11-02 04:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-08 16:22 - 2016-11-02 04:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-08 16:22 - 2016-11-02 04:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-08 16:22 - 2016-11-02 04:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-08 16:22 - 2016-11-02 04:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-08 16:22 - 2016-11-02 04:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-08 16:22 - 2016-11-02 04:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-08 16:22 - 2016-11-02 04:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-08 16:22 - 2016-11-02 04:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-08 16:22 - 2016-11-02 04:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-08 16:22 - 2016-11-02 04:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-08 16:22 - 2016-11-02 04:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-08 16:22 - 2016-11-02 04:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-08 16:22 - 2016-11-02 04:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-08 16:22 - 2016-11-02 04:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-08 16:22 - 2016-11-02 04:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-08 16:22 - 2016-11-02 04:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-08 16:22 - 2016-11-02 04:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-08 16:22 - 2016-11-02 04:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2016-11-08 16:22 - 2016-11-02 04:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-08 16:22 - 2016-11-02 04:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-08 16:22 - 2016-11-02 04:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-08 16:22 - 2016-11-02 04:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-08 16:22 - 2016-11-02 04:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-08 16:22 - 2016-11-02 04:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-08 16:22 - 2016-11-02 04:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-08 16:22 - 2016-11-02 04:30 - 04977664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
2016-11-08 16:22 - 2016-11-02 04:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-08 16:22 - 2016-11-02 04:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-08 16:22 - 2016-11-02 04:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2016-11-08 16:22 - 2016-11-02 04:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-08 16:22 - 2016-11-02 04:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-08 16:22 - 2016-11-02 04:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-08 16:22 - 2016-11-02 04:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-08 16:22 - 2016-11-02 04:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-08 16:22 - 2016-11-02 04:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-08 16:22 - 2016-11-02 04:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-08 16:22 - 2016-11-02 04:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-08 16:22 - 2016-11-02 04:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-08 16:22 - 2016-11-02 04:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-08 16:22 - 2016-11-02 04:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-08 16:22 - 2016-11-02 04:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-08 16:22 - 2016-11-02 04:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-08 16:22 - 2016-11-02 04:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-08 16:22 - 2016-11-02 04:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-08 16:22 - 2016-11-02 04:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-08 16:22 - 2016-11-02 04:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-08 16:22 - 2016-11-02 04:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-08 16:22 - 2016-11-02 04:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-08 16:22 - 2016-11-02 04:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-08 16:22 - 2016-11-02 04:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-08 16:22 - 2016-11-02 04:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-08 16:22 - 2016-11-02 04:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-08 16:22 - 2016-11-02 04:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-08 16:22 - 2016-11-02 04:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-08 16:22 - 2016-11-02 04:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-08 16:22 - 2016-11-02 04:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-08 16:22 - 2016-11-02 04:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-08 16:22 - 2016-11-02 04:19 - 06582784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2016-11-08 16:22 - 2016-11-02 04:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-08 16:22 - 2016-11-02 04:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-08 16:22 - 2016-11-02 04:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-08 16:22 - 2016-11-02 04:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-08 16:22 - 2016-11-02 04:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-08 16:22 - 2016-11-02 04:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-08 16:22 - 2016-11-02 04:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-08 16:22 - 2016-11-02 04:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-08 16:22 - 2016-11-02 04:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-08 16:22 - 2016-11-02 04:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-08 16:22 - 2016-11-02 04:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-08 16:22 - 2016-11-02 04:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-08 16:22 - 2016-11-02 04:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-08 16:22 - 2016-11-02 04:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-08 16:22 - 2016-11-02 04:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-08 16:22 - 2016-11-02 04:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-08 16:22 - 2016-11-02 04:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-08 16:22 - 2016-11-02 04:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-08 16:22 - 2016-11-02 04:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-08 16:22 - 2016-11-02 04:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-08 16:22 - 2016-11-02 04:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-08 16:22 - 2016-11-02 04:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-08 16:22 - 2016-11-02 04:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-08 16:22 - 2016-11-02 02:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-08 16:21 - 2016-11-02 05:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-08 16:21 - 2016-11-02 05:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-08 16:21 - 2016-11-02 05:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-08 16:21 - 2016-11-02 05:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-08 16:21 - 2016-11-02 05:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-08 16:21 - 2016-11-02 05:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-08 16:21 - 2016-11-02 05:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-08 16:21 - 2016-11-02 05:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-08 16:21 - 2016-11-02 05:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-08 16:21 - 2016-11-02 05:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-08 16:21 - 2016-11-02 05:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-08 16:21 - 2016-11-02 05:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-08 16:21 - 2016-11-02 05:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-08 16:21 - 2016-11-02 05:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-08 16:21 - 2016-11-02 05:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-08 16:21 - 2016-11-02 05:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-08 16:21 - 2016-11-02 05:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-08 16:21 - 2016-11-02 05:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-08 16:21 - 2016-11-02 05:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-08 16:21 - 2016-11-02 05:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-08 16:21 - 2016-11-02 04:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-08 16:21 - 2016-11-02 04:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-08 16:21 - 2016-11-02 04:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-08 16:21 - 2016-11-02 04:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-08 16:21 - 2016-11-02 04:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-08 16:21 - 2016-11-02 04:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-08 16:21 - 2016-11-02 04:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-08 16:21 - 2016-11-02 04:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-08 16:21 - 2016-11-02 04:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-08 16:21 - 2016-11-02 04:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-08 16:21 - 2016-11-02 04:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-08 16:21 - 2016-11-02 04:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-08 16:21 - 2016-11-02 04:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-08 16:21 - 2016-11-02 04:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-08 16:21 - 2016-11-02 04:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-08 16:21 - 2016-11-02 04:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-08 16:21 - 2016-11-02 04:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-08 16:21 - 2016-11-02 04:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-08 16:21 - 2016-11-02 04:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-08 16:21 - 2016-11-02 04:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-08 16:21 - 2016-11-02 04:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 16:21 - 2016-11-02 04:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-08 16:21 - 2016-11-02 04:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-08 16:21 - 2016-11-02 04:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-08 16:21 - 2016-11-02 04:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-08 16:21 - 2016-11-02 04:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-08 16:21 - 2016-11-02 04:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-08 16:21 - 2016-11-02 04:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-08 16:21 - 2016-11-02 04:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-08 16:21 - 2016-11-02 04:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-08 16:21 - 2016-11-02 04:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-08 16:21 - 2016-11-02 04:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-08 16:21 - 2016-11-02 04:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-08 16:21 - 2016-11-02 04:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-08 16:21 - 2016-11-02 04:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-08 16:21 - 2016-11-02 04:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-08 16:21 - 2016-11-02 04:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-08 16:21 - 2016-11-02 04:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-08 16:21 - 2016-11-02 04:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-08 16:21 - 2016-11-02 04:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-08 16:21 - 2016-11-02 04:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-08 16:21 - 2016-11-02 04:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-08 16:21 - 2016-11-02 04:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-08 16:21 - 2016-11-02 04:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-08 16:21 - 2016-11-02 04:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-08 16:21 - 2016-11-02 04:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-08 16:21 - 2016-11-02 04:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-08 16:21 - 2016-11-02 04:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-08 16:21 - 2016-11-02 04:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-08 16:21 - 2016-11-02 04:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-08 16:21 - 2016-11-02 04:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-08 16:21 - 2016-11-02 04:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 16:21 - 2016-11-02 04:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-08 16:21 - 2016-11-02 04:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-08 16:21 - 2016-11-02 04:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-08 16:21 - 2016-11-02 04:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-08 16:21 - 2016-11-02 04:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-08 16:21 - 2016-11-02 04:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-08 16:21 - 2016-11-02 04:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-08 16:21 - 2016-11-02 04:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-08 16:21 - 2016-11-02 04:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-08 16:21 - 2016-11-02 04:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-08 16:21 - 2016-11-02 04:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-08 16:21 - 2016-11-02 04:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-08 16:21 - 2016-11-02 04:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-08 16:21 - 2016-11-02 04:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-08 16:21 - 2016-11-02 04:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-08 16:21 - 2016-11-02 04:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-08 16:21 - 2016-11-02 04:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-08 16:21 - 2016-11-02 04:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-08 16:21 - 2016-11-02 04:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-08 16:21 - 2016-11-02 04:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-08 16:21 - 2016-11-02 04:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-08 16:21 - 2016-11-02 04:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-08 16:21 - 2016-11-02 04:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-08 16:21 - 2016-11-02 04:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-08 16:21 - 2016-11-02 04:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-08 16:21 - 2016-11-02 04:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-08 16:21 - 2016-11-02 04:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-08 16:21 - 2016-11-02 04:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-08 16:21 - 2016-11-02 04:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-08 16:21 - 2016-11-02 04:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-08 16:21 - 2016-11-02 04:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-08 16:21 - 2016-11-02 04:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-08 16:21 - 2016-11-02 04:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-08 16:21 - 2016-11-02 04:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-08 16:21 - 2016-11-02 04:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-08 16:21 - 2016-11-02 04:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-08 16:21 - 2016-11-02 04:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-08 16:21 - 2016-11-02 04:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-08 16:21 - 2016-11-02 04:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-08 16:21 - 2016-11-02 04:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-08 16:21 - 2016-11-02 04:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-08 16:21 - 2016-11-02 04:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-08 16:21 - 2016-11-02 04:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-08 16:21 - 2016-11-02 04:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-08 16:21 - 2016-11-02 04:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-08 16:21 - 2016-11-02 03:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-08 16:21 - 2016-11-02 03:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-08 16:21 - 2016-08-01 22:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-08 16:12 - 2016-11-08 16:12 - 00086604 _____ C:\Users\Momoka\Downloads\firmware_v112-1.rar
2016-11-08 16:01 - 2016-11-08 16:06 - 1677721600 _____ C:\Users\Momoka\Downloads\Pokemon Moon (All) (C2).part1.rar
2016-11-08 16:01 - 2016-11-08 16:06 - 1625822343 _____ C:\Users\Momoka\Downloads\Pokemon Moon (All) (C2).part2.rar
2016-11-07 21:55 - 2016-11-07 21:58 - 221217903 _____ C:\Users\Momoka\Downloads\Unp Scarlet Dawn Color Variants-3412-.rar
2016-11-07 20:20 - 2016-11-07 20:20 - 00143243 _____ C:\Users\Momoka\Downloads\Kill Every NPC v1_2-18388-1-2.7z
2016-11-07 15:27 - 2016-11-07 15:27 - 02057363 _____ C:\Users\Momoka\Downloads\Mr. Siika Ravens and Vultures for Skyrim SE-3323-.7z
2016-11-06 23:44 - 2016-11-06 23:44 - 01981190 _____ C:\Users\Momoka\Downloads\Creating a Playable Race - Tutorial v1-3-10165-1-3.7z
2016-11-06 23:44 - 2016-11-06 23:44 - 00003970 _____ C:\Users\Momoka\Downloads\GenericRaceController v1-3-10165-1-3.7z
2016-11-06 21:39 - 2016-11-06 21:40 - 36244926 _____ C:\Users\Momoka\Downloads\DSI High v1_6_1-2947-1-6-1.7z
2016-11-06 21:16 - 2016-11-06 21:17 - 19723966 _____ C:\Users\Momoka\Downloads\Replacement Ivy 4096-1878-1-0-1.zip
2016-11-06 21:16 - 2016-11-06 21:17 - 102436946 _____ C:\Users\Momoka\Downloads\Cover Woods 4096-60566-1.rar
2016-11-06 21:16 - 2016-11-06 21:16 - 11047348 _____ C:\Users\Momoka\Downloads\HD Ivy - 2014 EDITION - 4K-30971-3-0-1.7z
2016-11-06 21:15 - 2016-11-06 21:15 - 19627296 _____ C:\Users\Momoka\Downloads\4K Parallax Treebark 1.4.0-61875-1-4-0.7z
2016-11-06 20:49 - 2016-11-06 20:52 - 127616190 _____ C:\Users\Momoka\Downloads\Levelers Tower v4_2a SSE-2692-4-2a.7z
2016-11-06 20:49 - 2016-11-06 20:49 - 01408806 _____ C:\Users\Momoka\Downloads\Levelers Tower Dark Face Fix-2692-4-1Face.7z
2016-11-06 20:39 - 2016-11-06 20:39 - 00029930 _____ C:\Users\Momoka\Downloads\Cyrn ENB 1.3-2823-1-3.rar
2016-11-06 20:39 - 2016-11-06 20:39 - 00022836 _____ C:\Users\Momoka\Downloads\Candy EYE - SE Edition WIP ..-2614-.rar
2016-11-06 20:38 - 2016-11-06 20:40 - 106011971 _____ C:\Users\Momoka\Downloads\Shadowstar Castle v1.0-3227-1-0.rar
2016-11-06 20:38 - 2016-11-06 20:39 - 06746360 _____ C:\Users\Momoka\Downloads\Dreamvision ENB v1.0-649-1-0.rar
2016-11-06 20:37 - 2016-11-06 20:37 - 12042462 _____ C:\Users\Momoka\Downloads\Infinity Blade 2.1.0-3249-2-1-0.zip
2016-11-06 20:36 - 2016-11-06 20:36 - 10241575 _____ C:\Users\Momoka\Downloads\Luminous ENB for SSE v1.1-197-1-1.zip
2016-11-06 16:53 - 2016-11-06 16:55 - 108813448 _____ C:\Users\Momoka\Downloads\Enhanced Blood Textures SE-2357-3-72.7z
2016-11-06 14:26 - 2016-11-06 14:26 - 00001034 _____ C:\Users\Momoka\Downloads\Enhanced Dawnbreaker-1919-v1-0-0.rar
2016-11-06 14:25 - 2016-11-06 14:26 - 64636113 _____ C:\Users\Momoka\Downloads\Real Bows-3144-1-05.zip
2016-11-06 14:25 - 2016-11-06 14:26 - 34149916 _____ C:\Users\Momoka\Downloads\SLF Hair installer ALl-IN-ONE-3208-2-03.7z
2016-11-06 14:22 - 2016-11-06 14:22 - 00487083 _____ C:\Users\Momoka\Downloads\Consistent Basket Textures-3183-1-0.7z
2016-11-05 22:40 - 2016-11-05 22:42 - 68883696 _____ C:\Users\Momoka\Downloads\Ultimate HD Fire Effects -Ultra Version--28642-1-9.zip
2016-11-05 22:38 - 2016-11-05 22:50 - 745881021 _____ C:\Users\Momoka\Downloads\SSE Texture Pack 1.1-1782-1-1.rar
2016-11-05 22:37 - 2016-11-05 22:38 - 35432746 _____ C:\Users\Momoka\Downloads\RUSTIC ANIMATED POTIONS and POISONS 2K-2276-1-1.rar
2016-11-05 22:01 - 2016-11-05 22:05 - 209251227 _____ C:\Users\Momoka\Downloads\ApachiiSkyHair_v_1_6_Full-2014-1-6-Full.7z
2016-11-05 21:54 - 2016-11-05 21:54 - 01525997 _____ C:\Users\Momoka\Downloads\Blue Fire Magic SE-452-1-0.zip
2016-11-05 20:22 - 2016-11-05 20:27 - 312325097 _____ C:\Users\Momoka\Downloads\aMidianBorn book of silence_WEAPONS-24909-1-9.7z
2016-11-05 20:22 - 2016-11-05 20:23 - 102628905 _____ C:\Users\Momoka\Downloads\aMidianBorn book of silence_UNIQUE ITEMS-24909-1-9.7z
2016-11-05 20:21 - 2016-11-05 20:27 - 372634763 _____ C:\Users\Momoka\Downloads\aMidianBorn book of silence_ARMORS-24909-1-9.7z
2016-11-05 20:21 - 2016-11-05 20:23 - 115103998 _____ C:\Users\Momoka\Downloads\aMidianBorn book of silence_DRAGONBORN DLC-24909-1-9.7z
2016-11-05 20:21 - 2016-11-05 20:22 - 74440359 _____ C:\Users\Momoka\Downloads\aMidianBorn book of silence_Creatures-24909-1-9.7z
2016-11-05 20:20 - 2016-11-05 20:20 - 45828028 _____ C:\Users\Momoka\Downloads\aMidianBorn Stormcloak officer_ULTRA-45692-1.7z
2016-11-05 20:20 - 2016-11-05 20:20 - 04045737 _____ C:\Users\Momoka\Downloads\ArchmageofWinterholdHDRTX-35089-0-0.rar
2016-11-05 20:19 - 2016-11-05 20:21 - 79328317 _____ C:\Users\Momoka\Downloads\aMidianBorn Solstheim Land-50013-1.7z
2016-11-05 20:18 - 2016-11-05 20:25 - 380194128 _____ C:\Users\Momoka\Downloads\amb landscape with terrain parallax 2k-37865-5.7z
2016-11-05 20:18 - 2016-11-05 20:24 - 348104633 _____ C:\Users\Momoka\Downloads\B amb forts 4k-49710-2.7z
2016-11-05 20:18 - 2016-11-05 20:20 - 91503362 _____ C:\Users\Momoka\Downloads\aMidianBorn Farmhouse 2k hires-49040-1.7z
2016-11-05 20:18 - 2016-11-05 20:20 - 150742029 _____ C:\Users\Momoka\Downloads\aMidianBorn Caves and Mines 2k-39190-3.7z
2016-11-05 20:18 - 2016-11-05 20:19 - 48653460 _____ C:\Users\Momoka\Downloads\aMidianBorn Imperial Light 1dot1_4k-50887-1-1.7z
2016-11-05 20:17 - 2016-11-05 20:22 - 255782400 _____ C:\Users\Momoka\Downloads\4K - 2K Landscape-2347-.7z
2016-11-05 14:30 - 2016-11-05 14:30 - 04652650 _____ C:\Users\Momoka\Downloads\SM64ANewAdventureBetaLevels.zip
2016-11-05 14:30 - 2016-11-05 14:30 - 04466059 _____ C:\Users\Momoka\Downloads\SuperMario64KirbyEditionV11.zip
2016-11-05 12:51 - 2016-11-05 12:51 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (17).dat
2016-11-05 01:05 - 2016-11-05 01:05 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (16).dat
2016-11-05 00:41 - 2016-11-05 00:53 - 713309804 _____ C:\Users\Momoka\Downloads\SSE Texture Pack 2K-1782-1-0.rar
2016-11-04 22:39 - 2016-11-04 22:39 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (15).dat
2016-11-04 21:55 - 2016-11-04 21:55 - 07758486 _____ C:\Users\Momoka\Downloads\Real Lighting ENB ReShade 0-1a-2709-0-1a (1).7z
2016-11-04 21:54 - 2016-11-04 21:54 - 07758486 _____ C:\Users\Momoka\Downloads\Real Lighting ENB ReShade 0-1a-2709-0-1a.7z
2016-11-04 21:54 - 2016-11-04 21:54 - 00095796 _____ C:\Users\Momoka\Downloads\ELE_SSE-1377-1-0.7z
2016-11-04 21:05 - 2016-11-04 21:05 - 01200075 _____ C:\Users\Momoka\Downloads\SkyUI_2_2-3863-2-2.7z
2016-11-04 20:51 - 2016-11-04 20:51 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (14).dat
2016-11-04 20:30 - 2016-11-04 20:30 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (13).dat
2016-11-04 19:27 - 2016-11-04 19:27 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (12).dat
2016-11-04 19:04 - 2016-11-04 19:04 - 02278905 _____ C:\Users\Momoka\Downloads\enbseries_skyrimse_v0309.zip
2016-11-04 19:04 - 2016-11-04 19:04 - 00030104 _____ C:\Users\Momoka\Downloads\Cyrn ENB-2823-1-0.rar
2016-11-04 18:29 - 2016-11-04 18:29 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (3) (1).dat
2016-11-04 18:27 - 2016-11-04 18:27 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (11).dat
2016-11-04 18:05 - 2016-11-04 18:05 - 00712907 _____ C:\Users\Momoka\Downloads\acnl_editor_v2_2b.zip
2016-11-04 18:02 - 2016-11-04 18:02 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (9).dat
2016-11-04 18:02 - 2016-11-04 18:02 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (8).dat
2016-11-04 18:02 - 2016-11-04 18:02 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (7).dat
2016-11-04 18:02 - 2016-11-04 18:02 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (6).dat
2016-11-04 18:02 - 2016-11-04 18:02 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (5).dat
2016-11-04 18:02 - 2016-11-04 18:02 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (10).dat
2016-11-04 17:57 - 2016-11-04 17:57 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (4).dat
2016-11-04 16:52 - 2016-11-04 16:52 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (3).dat
2016-11-04 16:43 - 2016-11-04 16:43 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (2).dat
2016-11-04 16:14 - 2016-11-04 16:14 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus (1).dat
2016-11-04 16:13 - 2016-11-04 16:13 - 00563968 _____ C:\Users\Momoka\Downloads\garden_plus.dat
2016-11-04 16:12 - 2016-11-04 16:12 - 00477224 _____ C:\Users\Momoka\Downloads\NLSE-master.zip
2016-11-04 15:45 - 2016-11-04 15:45 - 00036810 _____ C:\Users\Momoka\Downloads\ctr-httpwn-master.zip
2016-11-04 15:29 - 2016-11-04 15:29 - 00431299 _____ C:\Users\Momoka\Downloads\acnl_save_manager.zip
2016-11-02 21:20 - 2016-11-02 21:21 - 108418077 _____ C:\Users\Momoka\Downloads\Enhanced Blood Textures SE-2357-3-7.7z
2016-11-02 21:13 - 2016-11-02 21:14 - 32152355 _____ C:\Users\Momoka\Downloads\Skyfall Estate - Buildable Edition (SE)-2466-1-0.rar
2016-11-02 21:13 - 2016-11-02 21:14 - 10873903 _____ C:\Users\Momoka\Downloads\Clear refracting icicle and FrostAtronach-2458-1-0.7z
2016-11-02 18:58 - 2016-11-02 18:58 - 02293438 _____ C:\Users\Momoka\Downloads\enbseries_fallout4_v0307.zip
2016-11-02 18:57 - 2016-11-02 18:57 - 00576021 _____ C:\Users\Momoka\Downloads\dxgi.zip
2016-11-02 18:43 - 2016-11-02 18:44 - 24123982 _____ C:\Users\Momoka\Downloads\NVIDIA ENB-2375-1-0.zip
2016-11-02 15:46 - 2016-11-02 15:49 - 180112722 _____ C:\Users\Momoka\Downloads\Diverse Dragons Collection SE-695-1-1-0.zip
2016-11-02 15:46 - 2016-11-02 15:46 - 00820247 _____ C:\Users\Momoka\Downloads\DDCse Hotfix-695-1-1-0.zip
2016-11-02 15:45 - 2016-11-02 15:48 - 200237993 _____ C:\Users\Momoka\Downloads\Skyrim Flora Overhaul SE v2.6a-2154-2-6a.7z
2016-11-02 15:45 - 2016-11-02 15:48 - 141223967 _____ C:\Users\Momoka\Downloads\2K Textures-2154-.7z
2016-11-02 15:45 - 2016-11-02 15:46 - 79543037 _____ C:\Users\Momoka\Downloads\Climates Of Tamriel Special Edition-2237-v5-0SE.zip
2016-11-02 15:45 - 2016-11-02 15:45 - 00044900 _____ C:\Users\Momoka\Downloads\Cold and colorful ReShade 1.0-2372-1-0.zip
2016-11-02 15:44 - 2016-11-02 15:44 - 01259471 _____ C:\Users\Momoka\Downloads\DustEffectsSSE-2407-1-0.rar
2016-11-01 23:47 - 2016-11-01 23:47 - 00974645 _____ C:\Users\Momoka\Downloads\Realistic W.A.T.E.R-2198-1-0 (1).7z
2016-11-01 23:43 - 2016-11-01 23:44 - 62370895 _____ C:\Users\Momoka\Downloads\RUSTIC WINDOWS - Special Edition - 2K-1937-1-0.7z
2016-11-01 23:42 - 2016-11-01 23:43 - 64974428 _____ C:\Users\Momoka\Downloads\3.4.1-670-3-4-1.zip
2016-11-01 23:42 - 2016-11-01 23:42 - 20580233 _____ C:\Users\Momoka\Downloads\LeanWolfs Better-Shaped Weapons v2.0.08a-2017-2-0-08.7z
2016-11-01 23:42 - 2016-11-01 23:42 - 00125958 _____ C:\Users\Momoka\Downloads\LeanWolfs Better-Shaped Dawnbreaker Greatsword-2017-1-01.7z
2016-11-01 23:34 - 2016-11-01 23:34 - 00158359 _____ C:\Users\Momoka\Downloads\Phenderix Magic Evolved - Version 1.30 - Draugr Dominance-172-1-30.zip
2016-11-01 23:32 - 2016-11-01 23:32 - 04060657 _____ C:\Users\Momoka\Downloads\Textures 2 k-1045-.rar
2016-11-01 23:12 - 2016-11-01 23:14 - 119999603 _____ C:\Users\Momoka\Downloads\Verdant 2.2 SSE Edition-2296-2-2.rar
2016-11-01 21:11 - 2016-11-01 21:11 - 00008351 _____ C:\Users\Momoka\Downloads\SSE Color Rebalance-1888-1-0.rar
2016-11-01 15:09 - 2016-11-01 15:11 - 118188759 _____ C:\Users\Momoka\Downloads\True Eyes SE-2195-1-01.rar
2016-11-01 15:09 - 2016-11-01 15:09 - 00974645 _____ C:\Users\Momoka\Downloads\Realistic W.A.T.E.R-2198-1-0.7z
2016-11-01 15:05 - 2016-11-01 15:09 - 212512915 _____ C:\Users\Momoka\Downloads\Vivid Weathers SE - One file to rule them all-2187-0-9.7z
2016-10-31 19:23 - 2016-10-31 19:24 - 09244229 _____ C:\Users\Momoka\Downloads\Realistic World Effects By DjDarthyGamer 1.0 Alpha-1961-1-0A.rar
2016-10-31 17:19 - 2016-10-31 17:20 - 00000000 ____D C:\Users\Momoka\AppData\Local\Bethesda.net Launcher
2016-10-31 17:19 - 2016-10-31 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2016-10-31 15:30 - 2016-10-31 15:30 - 07575688 _____ (Bethesda Softworks ) C:\Users\Momoka\Downloads\BethesdaNetLauncher_Setup.exe
2016-10-30 22:46 - 2016-10-30 22:46 - 27913532 _____ C:\Users\Momoka\Downloads\Zelda Gaiden v2.1.0.zip
2016-10-30 22:45 - 2016-10-30 22:45 - 00121492 _____ C:\Users\Momoka\Downloads\OOT (Beta) Skybox in MM.zip
2016-10-30 22:34 - 2016-10-30 22:34 - 67125760 _____ C:\Users\Momoka\Downloads\Ura Zelda Restoration (2).Z64
2016-10-30 22:33 - 2016-10-30 22:33 - 67125760 _____ C:\Users\Momoka\Downloads\Ura Zelda Restoration (1).Z64
2016-10-30 22:33 - 2016-10-30 22:33 - 31365022 _____ C:\Users\Momoka\Downloads\ZethN64_Restoration.Z64.zip
2016-10-30 22:16 - 2016-10-30 22:16 - 00000000 ____D C:\Users\Momoka\AppData\Local\Super_Mario_UniMaker
2016-10-30 22:15 - 2016-10-30 22:15 - 00000000 ____D C:\Users\Momoka\Super Mario UniMaker
2016-10-30 22:09 - 2016-10-30 22:09 - 71518571 _____ C:\Users\Momoka\Downloads\Super_Mario_UniMaker-Beta_Demo-_v1.0-(1).rar
2016-10-30 22:09 - 2016-10-30 22:09 - 47210055 _____ (2DU Team) C:\Users\Momoka\Downloads\Super-Mario-2D-Universe-BDemo-v1.2.exe
2016-10-30 22:09 - 2016-10-30 22:09 - 47210055 _____ (2DU Team) C:\Users\Momoka\Downloads\Super-Mario-2D-Universe-BDemo-v1.2 (1).exe
2016-10-30 22:02 - 2016-10-30 22:02 - 00206318 _____ C:\Users\Momoka\Downloads\MarioExpedition.rar
2016-10-30 20:39 - 2016-10-30 20:39 - 07744017 _____ C:\Users\Momoka\Downloads\Real Lighting ReShade-1806-1-0.7z
2016-10-30 02:29 - 2016-10-30 02:30 - 03885568 _____ (crosire) C:\Users\Momoka\Downloads\ReShade_Setup_3.0.3.exe
2016-10-30 02:29 - 2016-10-30 02:29 - 00053708 _____ C:\Users\Momoka\Downloads\MMGE SSE 1.1-1437-1-1.rar
2016-10-30 02:28 - 2016-10-30 02:28 - 16491559 _____ C:\Users\Momoka\Downloads\CR Enb Realistic 272 Beta-55914-272.zip
2016-10-30 02:27 - 2016-10-30 02:27 - 03484240 _____ C:\Users\Momoka\Downloads\Realistic Lighting Overhaul 4_0_8_01 Manual Install-844-4-0-8-1.zip
2016-10-30 02:25 - 2016-10-30 02:25 - 04781710 _____ C:\Users\Momoka\Downloads\Grimm's mountain retexture-825-v2 (1).7z
2016-10-30 02:25 - 2016-10-30 02:25 - 00000184 _____ C:\Users\Momoka\Downloads\msga-970-1-0.rar
2016-10-30 02:20 - 2016-10-30 02:20 - 00220824 _____ C:\Users\Momoka\Downloads\File-245-1-0-0-1.zip
2016-10-30 02:19 - 2016-10-30 02:19 - 00000288 _____ C:\Users\Momoka\Downloads\Sigil Stone Locations-188-1-5.7z
2016-10-30 00:28 - 2016-10-30 00:28 - 04781710 _____ C:\Users\Momoka\Downloads\Grimm's mountain retexture-825-v2.7z
2016-10-29 15:28 - 2016-10-29 15:28 - 00000000 ____D C:\ZeldaOcarinaOfTime
2016-10-29 13:23 - 2016-10-29 13:23 - 00000000 ____D C:\Users\Momoka\AppData\Local\SkyrimSE
2016-10-29 13:10 - 2016-10-29 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-10-29 13:10 - 2016-10-29 13:10 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-10-29 13:10 - 2016-10-29 13:10 - 00000000 ____D C:\ProgramData\McAfee
2016-10-29 03:25 - 2016-10-29 03:25 - 00288725 _____ C:\Users\Momoka\Downloads\nvidiaInspector.zip
2016-10-29 00:56 - 2016-10-29 00:56 - 06773404 _____ C:\Users\Momoka\Downloads\MasterEffect ReBorn 1.1.287 public.7z

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-28 20:12 - 2016-09-10 01:52 - 03000166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-28 20:12 - 2016-08-18 21:19 - 00000000 ____D C:\FRST
2016-11-28 20:08 - 2016-04-18 15:57 - 00000000 ____D C:\Users\Momoka\AppData\Local\LogMeIn Hamachi
2016-11-28 20:07 - 2016-09-10 02:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-28 20:07 - 2016-09-10 01:49 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-28 20:07 - 2016-02-14 19:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-28 20:07 - 2015-10-25 22:25 - 00000000 ____D C:\Users\Momoka\AppData\Local\Oculus
2016-11-28 20:06 - 2016-09-10 01:53 - 00000000 ____D C:\Users\Momoka
2016-11-28 20:06 - 2016-07-16 00:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-28 20:03 - 2016-09-10 01:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-28 15:55 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-28 15:54 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-28 00:27 - 2015-11-23 22:37 - 00000000 ____D C:\Users\Momoka\AppData\LocalLow\Temp
2016-11-27 23:32 - 2015-09-26 23:37 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-27 23:08 - 2015-12-03 21:59 - 00000000 ____D C:\Users\Momoka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-11-27 20:52 - 2016-01-28 16:13 - 00000000 ____D C:\Users\Momoka\Desktop\random
2016-11-27 20:39 - 2016-08-18 20:09 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-27 20:38 - 2015-09-26 22:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-27 20:27 - 2016-05-11 22:41 - 00000000 ____D C:\AdwCleaner
2016-11-27 20:18 - 2016-05-12 19:02 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-11-27 20:14 - 2016-09-10 01:53 - 00000000 ____D C:\Users\DefaultAppPool
2016-11-27 20:13 - 2016-07-16 05:47 - 00000000 __RSD C:\WINDOWS\Media
2016-11-27 20:13 - 2016-02-14 19:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-27 20:04 - 2016-09-10 02:22 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Momoka
2016-11-27 20:04 - 2016-08-20 13:08 - 00000300 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Momoka.job
2016-11-27 20:04 - 2016-04-10 17:09 - 00000000 ____D C:\Users\Momoka\AppData\Roaming\uTorrent
2016-11-27 19:31 - 2016-07-14 20:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-27 16:40 - 2016-02-14 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-26 20:54 - 2016-01-07 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-26 15:30 - 2016-01-20 22:20 - 00000000 ____D C:\Users\Momoka\Powersaves3DS
2016-11-26 15:30 - 2016-01-20 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2016-11-26 15:30 - 2016-01-20 22:20 - 00000000 ____D C:\Program Files (x86)\Action Replay PowerSaves 3DS
2016-11-26 01:58 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-25 23:24 - 2016-09-20 18:52 - 00001118 _____ C:\Users\Momoka\Desktop\Mozilla Firefox.lnk
2016-11-25 23:24 - 2015-10-01 04:53 - 00001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-25 20:35 - 2016-03-20 19:14 - 00000000 ____D C:\Users\Momoka\AppData\Roaming\discord
2016-11-25 16:19 - 2015-09-26 23:07 - 00000000 ____D C:\Users\Momoka\AppData\Local\ElevatedDiagnostics
2016-11-25 14:50 - 2016-08-19 15:13 - 00000000 ____D C:\ProgramData\ProductData
2016-11-21 01:04 - 2015-09-27 16:40 - 00000000 ____D C:\Users\Momoka\AppData\Roaming\Skype
2016-11-14 00:35 - 2016-10-27 19:59 - 00000000 ____D C:\Users\Momoka\AppData\Local\Skyrim Special Edition
2016-11-12 01:28 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-09 22:13 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-08 19:53 - 2016-02-15 14:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-08 19:51 - 2016-09-10 01:46 - 00241656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-08 19:51 - 2015-10-23 16:02 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-08 19:49 - 2016-07-16 05:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-08 19:49 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-08 19:49 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-08 19:49 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-08 19:49 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-08 19:49 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-08 18:01 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-08 18:01 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-08 16:51 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-08 16:48 - 2016-02-15 16:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-08 16:43 - 2016-02-17 17:36 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-04 19:17 - 2015-09-28 22:12 - 00000000 ____D C:\Users\Momoka\Documents\Nexus Mod Manager
2016-11-04 18:58 - 2016-09-20 16:57 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-11-04 18:58 - 2016-09-02 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-11-04 18:58 - 2015-09-28 21:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-11-02 15:48 - 2016-10-27 18:42 - 00000000 ____D C:\Users\Momoka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra Development Team
2016-11-02 15:48 - 2016-10-27 18:42 - 00000000 ____D C:\Users\Momoka\AppData\Local\citra
2016-11-02 15:48 - 2015-10-23 16:01 - 00000000 ____D C:\Users\Momoka\AppData\Local\SquirrelTemp
2016-11-01 15:18 - 2015-09-26 23:39 - 00000000 ____D C:\Users\Momoka\AppData\Local\Steam
2016-10-30 22:38 - 2015-09-28 19:25 - 00000000 ____D C:\Users\Momoka\Documents\emugames
2016-10-29 16:09 - 2015-09-30 22:02 - 00000000 ____D C:\Users\Momoka\Documents\BeamNG.drive
2016-10-29 15:31 - 2015-09-30 01:46 - 00000000 ____D C:\Users\Momoka\AppData\Local\UnrealEngine
2016-10-29 13:13 - 2016-01-20 18:13 - 00000000 ____D C:\Users\Momoka\AppData\Local\Adobe
2016-10-29 00:13 - 2016-01-26 17:06 - 00000220 _____ C:\Users\Momoka\Desktop\Garry's Mod.url

==================== Files in the root of some directories =======

2016-08-04 22:07 - 2016-08-04 22:11 - 0000030 _____ () C:\Users\Momoka\AppData\Roaming\alsoft.ini
2015-08-05 09:51 - 2015-08-05 09:51 - 0000000 _____ () C:\Users\Momoka\AppData\Roaming\bdopatchtime.txt
2016-09-27 23:34 - 2016-09-27 23:34 - 0003584 _____ () C:\Users\Momoka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-22 01:07 - 2015-10-22 01:07 - 0000925 _____ () C:\Users\Momoka\AppData\Local\recently-used.xbel
2015-12-01 17:32 - 2015-12-03 18:51 - 0007602 _____ () C:\Users\Momoka\AppData\Local\Resmon.ResmonCfg
2016-09-10 01:48 - 2016-09-10 01:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-03-01 17:57 - 2016-03-01 17:57 - 0004136 _____ () C:\ProgramData\oqztiqep.adk

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-25 16:17

==================== End of FRST.txt ============================

FRST.txt

Rkill.txt

Link to post
Share on other sites

Quote

Make sure Addition.txt is checkmarked under "Optional scans"

 

I did include the optonal scan "Addition.txt" in the instructions for FRST scan... Continue please:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please download Zemana AntiMalware and save it to your Desktop.
 
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
    Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.
     
  • Open Zemana AntiMalware again.
  • Click on user posted image icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • Attach saved report in your next message.


Next,

Download AdwCleaner by Xplode onto your Desktop.
 
  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Next,

Please download Junkware Removal Tool to your desktop.
 
  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs, also tell me if there are any remaining issues or concerns...

Thank you,

Kevin....

 

 

Fixlist.txt

Link to post
Share on other sites

The search bar thing is still showing up. I have no idea what is causing it 

 

# AdwCleaner v6.030 - Logfile created 29/11/2016 at 21:04:17
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-29.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Momoka - MOMOKA-PC
# Running from : C:\Users\Momoka\Desktop\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4288 Bytes] - [18/08/2016 14:54:38]
C:\AdwCleaner\AdwCleaner[C2].txt - [3710 Bytes] - [25/08/2016 15:59:47]
C:\AdwCleaner\AdwCleaner[C3].txt - [4654 Bytes] - [25/11/2016 23:24:27]
C:\AdwCleaner\AdwCleaner[C4].txt - [1762 Bytes] - [26/11/2016 00:10:37]
C:\AdwCleaner\AdwCleaner[C5].txt - [2215 Bytes] - [27/11/2016 20:27:21]
C:\AdwCleaner\AdwCleaner[S10].txt - [2272 Bytes] - [27/11/2016 20:26:05]
C:\AdwCleaner\AdwCleaner[S11].txt - [1426 Bytes] - [29/11/2016 21:04:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [2817 Bytes] - [11/05/2016 22:41:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [4158 Bytes] - [18/08/2016 14:53:57]
C:\AdwCleaner\AdwCleaner[S3].txt - [1350 Bytes] - [18/08/2016 18:36:42]
C:\AdwCleaner\AdwCleaner[S4].txt - [1423 Bytes] - [18/08/2016 18:41:36]
C:\AdwCleaner\AdwCleaner[S5].txt - [3738 Bytes] - [25/08/2016 15:58:40]
C:\AdwCleaner\AdwCleaner[S6].txt - [5257 Bytes] - [25/11/2016 23:21:42]
C:\AdwCleaner\AdwCleaner[S7].txt - [4930 Bytes] - [25/11/2016 23:23:52]
C:\AdwCleaner\AdwCleaner[S8].txt - [1886 Bytes] - [26/11/2016 00:09:47]
C:\AdwCleaner\AdwCleaner[S9].txt - [3700 Bytes] - [27/11/2016 16:25:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [2157 Bytes] ##########

2016.11.29-17.41.52-i0-t92-d5.txt

JRT.txt

mrt.log

Link to post
Share on other sites

Hello MomokaChan,

Thank you for that log, run the following and post the two fresh logs. Also tell me if you have any remaining issues or concerns.

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

Regards,

Kevin

 

 

 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.