Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01
Ran by Huud (administrator) on HUD (11-08-2016 13:05:08)
Running from C:\Users\Huud\Downloads
Loaded Profiles: Huud (Available Profiles: Huud)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Bigjane\Application\chrome.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Huud\AppData\Roaming\Java\SYSHUD.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-20] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Java7 Update] => C:\Users\Huud\AppData\Roaming\Java\SYSHUD.exe [93696512 2016-07-08] ()
HKLM\...\Run: [Java Scheduler 7] => C:\Users\Huud\AppData\Roaming\Java\Java8.exe
HKLM-x32\...\Run: [StereoLinksInstall] => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1855672 2015-07-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-08] (Disc Soft Ltd)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\MountPoints2: {9ffe97cb-32db-11e6-8266-bc5ff4f90db9} - "J:\Autoplay.exe" -auto
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\MountPoints2: {af3f1d98-325d-11e6-8264-bc5ff4f90db9} - "E:\Autoplay.exe" -auto
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt64.dll No File
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-660149222-360375265-253833097-1001] => 127.0.0.1:60074
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{A51B04F4-7FD3-4AA6-94A5-5055DA694E3C}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A51B04F4-7FD3-4AA6-94A5-5055DA694E3C}: [DhcpNameServer] 192.168.25.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-660149222-360375265-253833097-1001 -> {CCC656BE-1446-42AA-9657-87D87284EC11} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat => No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
FireFox:
========
FF ProfilePath: C:\Users\Huud\AppData\Roaming\Mozilla\Firefox\Profiles\g1dyltku.default
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 57460
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 57460
FF NetworkProxy: "type", 1
FF NetworkProxy: "http_port", 18751
FF NetworkProxy: "ssl_port", 18751
FF NetworkProxy: " type", 1
FF NetworkProxy: "http_port", 45207
FF NetworkProxy: "ssl_port", 45207
FF NetworkProxy: "http_port", 51394
FF NetworkProxy: "ssl_port", 51394
FF NetworkProxy: "http_port", 17773
FF NetworkProxy: "ssl_port", 17773
FF NetworkProxy: "http_port", 5449
FF NetworkProxy: "ssl_port", 5449
FF NetworkProxy: "http_port", 21947
FF NetworkProxy: "ssl_port", 21947
FF NetworkProxy: "http_port", 18466
FF NetworkProxy: "ssl_port", 18466
FF NetworkProxy: "http_port", 39580
FF NetworkProxy: "ssl_port", 39580
FF NetworkProxy: "http_port", 1949
FF NetworkProxy: "ssl_port", 1949
FF NetworkProxy: "http_port", 60072
FF NetworkProxy: "ssl_port", 60072
FF NetworkProxy: "http_port", 16501
FF NetworkProxy: "ssl_port", 16501
FF NetworkProxy: "http_port", 5743
FF NetworkProxy: "ssl_port", 5743
FF NetworkProxy: "http_port", 12646
FF NetworkProxy: "ssl_port", 12646
FF NetworkProxy: "http_port", 25409
FF NetworkProxy: "ssl_port", 25409
FF NetworkProxy: "http_port", 52054
FF NetworkProxy: "ssl_port", 52054
FF NetworkProxy: "http_port", 14595
FF NetworkProxy: "ssl_port", 14595
FF NetworkProxy: "http_port", 51451
FF NetworkProxy: "ssl_port", 51451
FF NetworkProxy: "http_port", 46143
FF NetworkProxy: "ssl_port", 46143
FF NetworkProxy: "http_port", 57943
FF NetworkProxy: "ssl_port", 57943
FF NetworkProxy: "http_port", 55560
FF NetworkProxy: "ssl_port", 55560
FF NetworkProxy: "http_port", 37959
FF NetworkProxy: "ssl_port", 37959
FF NetworkProxy: "http_port", 42500
FF NetworkProxy: "ssl_port", 42500
FF NetworkProxy: "http_port", 22814
FF NetworkProxy: "ssl_port", 22814
FF NetworkProxy: "http_port", 44752
FF NetworkProxy: "ssl_port", 44752
FF NetworkProxy: "http_port", 17009
FF NetworkProxy: "ssl_port", 17009
FF NetworkProxy: "http_port", 60074
FF NetworkProxy: "ssl_port", 60074
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-15] [not signed]
Chrome:
=======
CHR HomePage: ChromeDefaultData2 -> hxxp://www.nicesearches.com?type=hp&ts=1466511050&from=f0510621&uid=st500dm002-1bc142_6vmydn1kxxxx6vmydn1k&z=78cde7e52e5d3d9ee8074e2gczfq9q6w4gbg4eawee
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nicesearches.com?type=hp&ts=1466511050&from=f0510621&uid=st500dm002-1bc142_6vmydn1kxxxx6vmydn1k&z=78cde7e52e5d3d9ee8074e2gczfq9q6w4gbg4eawee"
CHR Profile: C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2
CHR Extension: (Google Apresentações) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-14]
CHR Extension: (Google Docs) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-14]
CHR Extension: (Google Drive) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-14]
CHR Extension: (YouTube) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-06-15]
CHR Extension: (Planilhas do Google) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-14]
CHR Extension: (Gmail) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-14]
CHR Extension: (Chrome Media Router) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-08] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-06-08] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [422104 2016-07-21] ()
S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1242232 2016-07-26] (ExWzp Pvt Ltd.) <==== ATTENTION
S2 ArerackServerService; "C:\Program Files (x86)\Arerack\ArerackServerService.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
S2 BigjaneP; "C:\ProgramData\Bigjane\Bigjane.exe" [X]
S2 BigjaneU; "C:\Program Files (x86)\Bigjane\Update\BigjaneUpdate.exe" [X]
S2 cktSvc; "C:\Program Files (x86)\Uncheckit\cktSvc.exe" {92E162D7-70FD-48F7-A779-91154F8FD518} [X]
S2 dowidoly; no ImagePath
S2 duvoshlecitionCollectorS; "C:\Program Files (x86)\Duvoshlecition\duvoshlecitionCollectorS.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
S2 LefttoeP; "C:\ProgramData\Lefttoe\Lefttoe.exe" [X]
S2 LefttoeU; "C:\Program Files (x86)\Lefttoe\Update\LefttoeUpdate.exe" [X]
S2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [X]
S2 WdMan; C:\ProgramData\EwinpE\WFini.exe -svr [X]
S2 YesdearP; "C:\ProgramData\Yesdear\Yesdear.exe" [X]
S2 YesdearU; "C:\Program Files (x86)\Yesdear\Update\YesdearUpdate.exe" [X]
S2 YSearchUtilSvc; "C:\Program Files (x86)\Yahoo!\yset\{743AAE24-18AB-8941-A33C-5DE56D31CDE8}\YSearchUtilSvc.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2016-06-14] (Advanced Micro Devices Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-06-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-06-14] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 whfltr2k; C:\Windows\System32\drivers\whfltr2k.sys [10368 2016-06-14] ()
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2016-06-14] (Basil Projects)
R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R3 X6va061; \??\C:\Windows\SysWOW64\Drivers\X6va061 [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-11 13:05 - 2016-08-11 13:07 - 00019985 _____ C:\Users\Huud\Downloads\FRST.txt
2016-08-11 13:04 - 2016-08-11 13:05 - 00000000 ____D C:\FRST
2016-08-11 13:04 - 2016-08-11 13:04 - 02393600 _____ (Farbar) C:\Users\Huud\Downloads\FRST64.exe
2016-08-11 13:03 - 2016-08-11 13:03 - 01744384 _____ (Farbar) C:\Users\Huud\Downloads\FRST.exe
2016-08-10 16:26 - 2016-08-10 16:26 - 00743760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100d.dll
2016-08-10 16:25 - 2016-08-10 16:25 - 01537368 _____ C:\Users\Huud\Downloads\Fuji Trainer Ver. 1.4.0.0.rar
2016-08-10 16:25 - 2012-12-11 03:23 - 00000000 ____D C:\Users\Huud\Desktop\Fuji Trainer Ver. 1.4.0.0
2016-08-10 13:24 - 2016-08-10 13:24 - 01559040 _____ (Febit) C:\Windows\SysWOW64\Cabal.dll
2016-08-10 13:23 - 2016-08-10 13:23 - 00895739 _____ C:\Users\Huud\Downloads\Small Trainer.rar
2016-08-10 13:23 - 2016-07-22 16:50 - 03084288 _____ C:\Users\Huud\Desktop\Small Trainer.exe
2016-08-10 13:15 - 2016-08-10 09:12 - 00141824 _____ C:\Users\Huud\Desktop\for CabalMain.exe
2016-08-10 13:14 - 2016-08-10 13:14 - 00041278 _____ C:\Users\Huud\Downloads\for CabalMain.rar
2016-08-10 12:34 - 2016-08-10 12:34 - 00000681 _____ C:\Users\Huud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cabal Nexus Online.lnk
2016-08-10 12:34 - 2016-08-10 12:34 - 00000651 _____ C:\Users\Public\Desktop\Cabal Nexus.lnk
2016-08-10 12:33 - 2016-08-10 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Games
2016-08-10 12:22 - 2016-08-10 22:02 - 00000000 ____D C:\CABAL NexusGames
2016-08-10 00:34 - 2016-08-10 01:05 - 2100597463 ____R (Nexus Games ) C:\Users\Huud\Downloads\CabalNexusEP12V6-FULL.exe
2016-08-10 00:34 - 2016-08-10 00:34 - 00021068 _____ C:\Users\Huud\Downloads\CabalNexusEP12V6-FULL.exe.torrent
2016-08-09 18:10 - 2016-08-09 18:10 - 00000000 ____D C:\Users\Huud\Desktop\Tor Browser
2016-08-09 18:08 - 2016-08-09 18:10 - 49850824 _____ C:\Users\Huud\Downloads\torbrowser-install-6.0.3_pt-PT.exe
2016-08-08 21:59 - 2016-08-08 21:59 - 00363644 _____ C:\Users\Huud\Downloads\ca3008bb-6f18-48a8-bdd6-ab56b71557f1 (2).pdf
2016-08-08 21:58 - 2016-08-08 21:58 - 00628450 _____ C:\Users\Huud\Downloads\4ee21345-a3e8-4efe-a07e-9a8401e9a3ca (1).pdf
2016-08-08 21:56 - 2016-08-08 21:56 - 00363644 _____ C:\Users\Huud\Downloads\ca3008bb-6f18-48a8-bdd6-ab56b71557f1 (1).pdf
2016-08-08 12:55 - 2016-08-08 12:55 - 00628450 _____ C:\Users\Huud\Downloads\4ee21345-a3e8-4efe-a07e-9a8401e9a3ca.pdf
2016-08-08 12:52 - 2016-08-08 12:52 - 00363644 _____ C:\Users\Huud\Downloads\ca3008bb-6f18-48a8-bdd6-ab56b71557f1.pdf
2016-08-08 00:51 - 2016-08-08 00:51 - 00000000 ____D C:\Users\Huud\AppData\Local\MultiPlayerManager
2016-08-07 22:27 - 2016-08-08 00:55 - 00000000 ____D C:\Users\Huud\.android
2016-08-07 22:26 - 2016-08-07 22:26 - 00000963 _____ C:\Users\Huud\Desktop\Multi-Drive.lnk
2016-08-07 22:26 - 2016-08-07 22:26 - 00000882 _____ C:\Users\Huud\Desktop\Nox.lnk
2016-08-07 22:26 - 2016-08-07 22:26 - 00000000 ____D C:\Users\Huud\Nox_share
2016-08-07 22:26 - 2016-08-07 22:26 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2016-08-07 22:25 - 2016-08-08 00:54 - 00000000 ____D C:\Users\Huud\vmlogs
2016-08-07 22:25 - 2016-08-08 00:54 - 00000000 ____D C:\Users\Huud\.BigNox
2016-08-07 22:25 - 2016-08-07 22:25 - 00000000 ____D C:\Program Files\DIFX
2016-08-07 22:25 - 2016-08-07 22:25 - 00000000 ____D C:\Program Files\Bignox
2016-08-07 22:25 - 2015-09-16 03:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-07 22:25 - 2015-09-16 00:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-07 22:24 - 2016-08-08 01:02 - 00000000 ____D C:\Users\Huud\AppData\Local\Nox
2016-08-07 22:24 - 2016-08-07 22:24 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Nox
2016-08-07 22:04 - 2016-08-07 22:24 - 311563080 _____ (Duodian Technology Co. Ltd.) C:\Users\Huud\Downloads\nox_setup_v3.7.1.0_full_En.exe
2016-08-05 16:43 - 2016-08-05 16:43 - 00000000 ____D C:\Users\Huud\Desktop\TransonFinal
2016-08-05 15:19 - 2016-08-05 15:19 - 00000033 _____ C:\Users\Huud\AppData\Roaming\AdobeWLCMCache.dat
2016-08-05 15:18 - 2016-08-05 15:18 - 00048411 _____ C:\Users\Huud\Downloads\animals.zip
2016-08-04 22:04 - 2016-08-04 22:04 - 04069177 _____ C:\Users\Huud\Downloads\xposed-v78-sdk22-x86.zip
2016-08-04 21:21 - 2016-08-04 21:21 - 01693322 _____ C:\Users\Huud\Downloads\Release.zip
2016-08-04 21:07 - 2016-08-04 21:07 - 10209744 _____ C:\Users\Huud\Downloads\com.pokebase.pokedetector_1.1.1-9_minAPI16(arm64-v8a,armeabi,armeabi-v7a,mips,x86,x86_64)(nodpi)_apkquick.com.apk
2016-08-04 21:00 - 2016-08-04 21:00 - 00311268 _____ C:\Users\Huud\Downloads\xposed-uninstaller-20160211.zip
2016-08-04 20:39 - 2016-08-04 20:39 - 03568563 _____ C:\Users\Huud\Downloads\xposed-v86.0-sdk22-arm-custom-build-by-wanam-20160709.zip
2016-08-04 19:51 - 2016-08-04 19:51 - 03557054 _____ C:\Users\Huud\Downloads\xposed-v75.8-sdk22-arm-custom-build-by-wanam-20151030.zip
2016-08-04 19:32 - 2016-08-04 19:32 - 00788771 _____ C:\Users\Huud\Downloads\de.robv.android.xposed.installer_v33_36570c.apk
2016-08-04 19:28 - 2016-08-04 19:28 - 13230138 _____ C:\Users\Huud\Downloads\twrp-3.0.2.0-j500fn.tar.md5
2016-08-04 19:22 - 2016-08-04 19:22 - 00995973 _____ C:\Users\Huud\Downloads\Odin_v3.09.zip
2016-08-03 11:14 - 2016-08-04 21:27 - 00000000 ____D C:\Users\Huud\Desktop\Release
2016-08-01 12:09 - 2016-08-01 12:09 - 26722042 _____ C:\Users\Huud\Downloads\mods.rar
2016-07-28 13:34 - 2016-07-28 13:34 - 00003544 _____ C:\Windows\System32\Tasks\BigjaneUpdateTaskMachineCore
2016-07-28 13:34 - 2016-07-28 13:34 - 00003460 _____ C:\Windows\System32\Tasks\BigjaneUpdateTaskMachineUA
2016-07-28 13:34 - 2016-07-28 13:34 - 00000000 ____D C:\Users\Huud\AppData\Local\Bigjane
2016-07-28 13:32 - 2016-07-28 13:32 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Winziper
2016-07-28 13:28 - 2016-07-28 13:28 - 00000474 __RSH C:\Users\Huud\ntuser.pol
2016-07-27 21:39 - 2016-08-10 07:27 - 00000000 ____D C:\Users\Huud\AppData\Roaming\qksee
2016-07-27 21:39 - 2016-07-31 14:00 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-07-27 21:39 - 2016-07-27 21:39 - 00000000 ____D C:\Users\Huud\AppData\Roaming\eCyber
2016-07-27 21:39 - 2016-07-27 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-07-27 21:39 - 2016-07-27 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-07-25 17:39 - 2016-07-25 17:39 - 00000000 ____D C:\Users\Huud\AppData\Local\Steam
2016-07-25 17:39 - 2016-07-25 17:39 - 00000000 ____D C:\Users\Huud\AppData\Local\CEF
2016-07-25 17:34 - 2016-08-09 17:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-25 17:34 - 2016-07-25 17:34 - 01444992 _____ C:\Users\Huud\Downloads\SteamSetup.exe
2016-07-25 17:34 - 2016-07-25 17:34 - 00000971 _____ C:\Users\Public\Desktop\Steam.lnk
2016-07-25 17:34 - 2016-07-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-24 13:14 - 2016-07-24 13:14 - 02171358 _____ C:\Users\Huud\Documents\trabson.swf
2016-07-24 13:14 - 2016-07-24 13:14 - 00010570 _____ C:\Users\Huud\Documents\trabson.html
2016-07-24 13:14 - 2016-07-24 13:14 - 00000000 ____D C:\Users\Huud\Documents\trabson_Resources
2016-07-24 13:06 - 2016-07-24 13:06 - 12345971 _____ C:\Users\Huud\Downloads\League Of Legends no JORNAL NACIONAL - Reportagem sobre a final CBLoL 2016.mp4
2016-07-24 13:03 - 2016-07-31 20:06 - 00000000 ____D C:\Users\Huud\Desktop\Trabson
2016-07-24 11:18 - 2016-07-24 11:18 - 08041746 _____ C:\Users\Huud\Downloads\LeeSin-2.psd
2016-07-24 11:18 - 2016-07-24 11:18 - 08041746 _____ C:\Users\Huud\Downloads\LeeSin-2 (1).psd
2016-07-24 10:35 - 2016-07-24 10:35 - 00000000 ____D C:\Users\Huud\AppData\Local\YSearchUtil
2016-07-23 23:44 - 2016-07-23 23:44 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Huud\Downloads\DTLiteInstaller.exe
2016-07-23 19:48 - 2016-07-23 19:50 - 00000000 ____D C:\Temp Adobe
2016-07-23 19:35 - 2016-07-23 19:47 - 00000000 ____D C:\Users\Huud\Downloads\Adobe InDesign CC 2014.10.0.0.70 RePack by D!akov
2016-07-23 18:30 - 2016-07-23 18:30 - 00016880 _____ C:\Users\Huud\Downloads\adobe.indesign.cc.2014.10.0.0.70.preactivated.repack.by.d.ak.[programasviatorrents.com].torrent
2016-07-23 15:48 - 2016-07-23 15:48 - 00000000 ____D C:\Users\Huud\AppData\Local\CrashRpt
2016-07-23 15:48 - 2016-06-08 02:34 - 00249104 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-07-22 16:16 - 2016-07-22 16:16 - 00000000 ____D C:\Users\Huud\AppData\Local\Level Up!
2016-07-22 16:14 - 2016-07-22 16:14 - 00001614 _____ C:\Users\Huud\Desktop\Warface.lnk
2016-07-22 16:14 - 2016-07-22 16:14 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-07-22 16:09 - 2016-07-22 16:09 - 00000000 ____D C:\Level Up
2016-07-22 14:03 - 2016-07-22 14:31 - 00000000 ____D C:\Users\Huud\Downloads\Instalador_Client_Warface_1.1.409.107
2016-07-22 13:32 - 2016-07-22 13:32 - 00400944 _____ () C:\Users\Huud\Downloads\warface.exe
2016-07-22 13:32 - 2016-07-22 13:32 - 00032662 _____ C:\Users\Huud\Downloads\Instalador_Client_Warface.torrent
2016-07-22 05:51 - 2016-07-22 05:51 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2016-07-22 05:51 - 2016-07-22 05:51 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2016-07-21 20:31 - 2016-07-21 20:40 - 00000000 ____D C:\AdwCleaner
2016-07-21 20:31 - 2016-07-21 20:31 - 03712064 _____ C:\Users\Huud\Downloads\AdwCleaner.exe
2016-07-21 20:21 - 2016-07-22 12:44 - 00000878 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-21 20:21 - 2016-07-21 20:21 - 06868672 _____ (Piriform Ltd) C:\Users\Huud\Downloads\ccsetup516.exe
2016-07-21 20:21 - 2016-07-21 20:21 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-07-21 20:21 - 2016-07-21 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-21 20:21 - 2016-07-21 20:21 - 00000000 ____D C:\Program Files\CCleaner
2016-07-21 20:18 - 2016-08-08 17:43 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-21 20:17 - 2016-08-11 12:41 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-21 20:17 - 2016-08-10 18:41 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-21 20:17 - 2016-07-28 18:36 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-21 20:17 - 2016-07-28 18:36 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-21 20:16 - 2016-07-21 20:17 - 00000000 ____D C:\Users\Huud\AppData\Local\Deployment
2016-07-21 20:05 - 2016-07-21 20:05 - 25200168 _____ (Mozilla) C:\Users\Huud\Downloads\Firefox Setup [1].exe
2016-07-21 20:05 - 2016-07-21 20:05 - 00000000 ____D C:\Users\Huud\AppData\Local\Mozilla
2016-07-21 20:05 - 2016-07-21 20:05 - 00000000 ____D C:\ProgramData\Mozilla
2016-07-21 19:41 - 2016-07-21 19:41 - 00987728 _____ (Google Inc.) C:\Users\Huud\Downloads\ChromeSetup.exe
2016-07-20 13:23 - 2016-07-20 13:23 - 00000000 ____D C:\Windows\EOONotify
2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2016-07-20 11:06 - 2016-07-20 11:06 - 01138688 _____ C:\Users\Huud\Downloads\Untitled-1.indd
2016-07-20 11:05 - 2016-07-24 13:15 - 06197248 _____ C:\Users\Huud\Documents\Untitled-1.indd
2016-07-20 09:51 - 2016-07-21 17:10 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-20 09:51 - 2016-07-21 17:10 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-20 09:50 - 2016-07-20 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-20 09:50 - 2016-07-20 09:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-07-19 20:28 - 2016-07-19 20:28 - 00381816 _____ C:\Users\Huud\Downloads\bully120012trainer.zip
2016-07-19 20:14 - 2016-07-22 16:42 - 00000000 ____D C:\Users\Huud\Documents\Bully Scholarship Edition
2016-07-19 19:09 - 2016-07-19 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2016-07-19 19:05 - 2016-07-19 19:05 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2016-07-19 17:12 - 2016-07-19 17:40 - 00000000 ____D C:\Users\Huud\Downloads\Bully repack Mr DJ
2016-07-19 16:35 - 2016-07-19 16:35 - 00000964 _____ C:\Users\Huud\Downloads\improvedinterstellerdrive.zip
2016-07-19 14:48 - 2016-07-22 18:07 - 00000000 ____D C:\Users\Huud\Desktop\Skin
2016-07-19 14:48 - 2016-07-19 14:48 - 02259195 _____ C:\Users\Huud\Downloads\SkinPreview_Full_Version.zip
2016-07-19 09:43 - 2016-07-27 21:39 - 00003438 _____ C:\Windows\System32\Tasks\ChelfNotify Task
2016-07-18 18:03 - 2016-07-18 18:03 - 00340209 _____ C:\Users\Huud\Downloads\No_cooldown (1).package
2016-07-17 21:48 - 2016-07-17 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-17 16:59 - 2016-07-17 16:59 - 01163686 _____ C:\Users\Huud\Downloads\23e2b3a0abfe32994f2b.zip
2016-07-16 22:54 - 2016-07-16 22:54 - 01139270 _____ C:\Users\Huud\Downloads\spore1316trainer.zip
2016-07-16 22:47 - 2016-07-16 22:47 - 00025940 _____ C:\Users\Huud\Downloads\SPORE.PLUS33TRN.KELSAT.ZIP
2016-07-16 15:31 - 2016-07-16 15:31 - 00340209 _____ C:\Users\Huud\Downloads\No_cooldown.package
2016-07-16 15:27 - 2016-07-16 15:27 - 00144789 _____ C:\Users\Huud\Downloads\buy all terraform specials.package
2016-07-16 15:27 - 2016-07-16 15:27 - 00002991 _____ C:\Users\Huud\Downloads\inifinitesl.package
2016-07-16 15:21 - 2016-07-16 15:21 - 00010576 _____ C:\Users\Huud\Downloads\Purchase Super Powers and Staff of Life Mod.rar
2016-07-16 15:18 - 2016-07-16 15:18 - 00126125 _____ C:\Users\Huud\Downloads\SporeModCheckAll2.rar
2016-07-16 14:20 - 2016-07-16 14:20 - 15183110 _____ C:\Users\Huud\Downloads\BetterSpore.zip
2016-07-16 14:13 - 2016-07-16 14:13 - 00739639 _____ C:\Users\Huud\Downloads\Link117sMods2.zip
2016-07-16 14:10 - 2016-07-16 14:11 - 00000000 ____D C:\Users\Huud\Documents\Minhas criações Spore
2016-07-16 14:10 - 2016-07-16 14:11 - 00000000 ____D C:\Users\Huud\AppData\Roaming\SPORE
2016-07-16 14:05 - 2016-07-16 15:19 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-07-16 12:46 - 2016-07-16 12:46 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orion's Belt
2016-07-16 12:44 - 2016-07-16 12:44 - 15772501 _____ C:\Users\Huud\Downloads\5.ProjectAvalon_1.2__23rd_Aug_2014.zip
2016-07-16 12:44 - 2016-07-16 12:44 - 00020242 _____ C:\Users\Huud\Downloads\6.OmegaPipeLine__29th_Aug_2014.zip
2016-07-16 12:39 - 2016-07-16 12:39 - 00003873 _____ C:\Users\Huud\Downloads\009_ONLINE_MOD_PROP_XOXIDE_20140811_1_6_Buldozer.zip
2016-07-16 12:38 - 2016-07-16 12:38 - 00102179 _____ C:\Users\Huud\Downloads\4.AkarSubway_optional (1).rar
2016-07-16 12:37 - 2016-07-16 12:37 - 00102179 _____ C:\Users\Huud\Downloads\4.AkarSubway_optional.rar
2016-07-16 12:36 - 2016-07-16 12:36 - 00056234 _____ C:\Users\Huud\Downloads\3.AkarDecoration.rar
2016-07-16 12:34 - 2016-07-16 12:34 - 05437246 _____ C:\Users\Huud\Downloads\2.AkarRoadsSet_1.0.5__23rd_Sep_2014.zip
2016-07-16 12:33 - 2016-07-16 12:33 - 00028225 _____ C:\Users\Huud\Downloads\1.ProjectAkar_2.0__23rd_Aug_2014 (1).zip
2016-07-16 12:17 - 2016-07-16 12:58 - 00000000 ____D C:\Users\Huud\Downloads\Spore-RELOADED
2016-07-16 12:11 - 2016-07-16 12:11 - 00000000 ____D C:\Users\Huud\AppData\Local\ElevatedDiagnostics
2016-07-14 18:56 - 2016-07-14 18:56 - 00210617 _____ C:\Users\Huud\Downloads\forge-1.8-11.14.4.1563-mdk.zip
2016-07-14 18:55 - 2016-07-14 18:55 - 03453113 _____ C:\Users\Huud\Downloads\forge-1.8-11.14.4.1563-universal.jar
2016-07-14 18:54 - 2016-07-14 18:54 - 00271872 _____ C:\Users\Huud\Downloads\Setup24797.exe
2016-07-13 17:28 - 2016-05-25 10:22 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-07-13 17:28 - 2016-05-25 10:22 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-07-13 17:28 - 2016-05-25 10:12 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-07-13 17:28 - 2016-05-25 10:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-07-13 16:29 - 2016-06-25 17:05 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:29 - 2016-06-25 15:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-13 16:29 - 2016-06-25 13:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-13 16:29 - 2016-06-25 13:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-13 16:29 - 2016-06-25 13:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-13 16:29 - 2016-06-25 13:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-13 16:29 - 2016-06-22 10:48 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-13 16:29 - 2016-06-21 15:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-07-13 16:29 - 2016-06-21 11:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-07-13 16:29 - 2016-06-21 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-13 16:29 - 2016-06-11 16:45 - 07445856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-13 16:29 - 2016-01-30 16:50 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-07-13 16:29 - 2016-01-30 16:00 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2016-07-13 16:29 - 2016-01-30 15:48 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-07-13 16:29 - 2016-01-30 15:18 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-07-13 16:29 - 2016-01-30 14:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2016-07-13 16:29 - 2016-01-30 14:41 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-07-13 16:28 - 2016-06-11 15:14 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-13 16:28 - 2016-06-11 15:11 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-13 16:28 - 2016-06-11 14:56 - 25812992 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-13 16:28 - 2016-06-11 14:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-13 16:28 - 2016-06-11 14:42 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-13 16:28 - 2016-06-11 14:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-13 16:28 - 2016-06-11 14:22 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-13 16:28 - 2016-06-11 14:22 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-07-13 16:28 - 2016-06-11 14:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-13 16:28 - 2016-06-11 14:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-13 16:28 - 2016-06-11 14:13 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-13 16:28 - 2016-06-11 14:12 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-13 16:28 - 2016-06-11 14:12 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-07-13 16:28 - 2016-06-11 14:07 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-13 16:28 - 2016-06-11 14:03 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-13 16:28 - 2016-06-11 14:01 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-13 16:28 - 2016-06-11 14:00 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-13 16:28 - 2016-06-11 14:00 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-13 16:28 - 2016-06-11 13:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-13 16:28 - 2016-06-11 13:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-07-13 16:28 - 2016-06-11 13:43 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-13 16:28 - 2016-06-11 13:38 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-07-13 16:28 - 2016-06-11 13:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-13 16:28 - 2016-06-11 13:31 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-13 16:28 - 2016-06-11 13:31 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-13 16:28 - 2016-06-11 13:31 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-13 16:28 - 2016-06-11 13:30 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-13 16:28 - 2016-06-11 13:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-13 16:28 - 2016-06-11 13:26 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-13 16:28 - 2016-06-11 13:15 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-13 16:28 - 2016-06-11 13:12 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-13 16:28 - 2016-06-11 13:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-13 16:28 - 2016-06-11 12:59 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-13 16:28 - 2016-06-11 12:56 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-13 16:28 - 2016-06-11 12:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-13 16:28 - 2016-06-10 18:35 - 04167680 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-12 21:15 - 2016-07-12 21:15 - 00031950 _____ C:\Users\Huud\Downloads\Admin_plugin.jar
2016-07-12 21:00 - 2016-07-12 21:00 - 00026320 _____ C:\Users\Huud\Downloads\AdminModev1.4.jar
2016-07-12 20:44 - 2016-07-12 20:44 - 00018341 _____ C:\Users\Huud\Downloads\AdvancedAdmin.jar
2016-07-12 19:12 - 2016-07-12 19:12 - 00103168 _____ C:\Users\Huud\Downloads\ChestRegen.jar
2016-07-12 17:49 - 2016-07-12 17:49 - 00346307 _____ C:\Users\Huud\Downloads\Autorank-3.8.jar
2016-07-12 07:00 - 2016-07-12 07:02 - 01183448 _____ C:\Users\Huud\Documents\Quadrilha.sfk
2016-07-12 06:40 - 2016-07-12 06:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2016-07-12 06:39 - 2016-07-12 06:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-11 13:07 - 2016-06-14 01:25 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Skype
2016-08-11 13:01 - 2016-06-14 00:46 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-660149222-360375265-253833097-1001
2016-08-11 12:56 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-11 12:56 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-11 10:47 - 2016-07-11 07:43 - 00000000 _____ C:\Users\Public\Documents\report1.dat
2016-08-11 07:06 - 2016-06-14 01:09 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4FEE264E-4485-4343-A9C2-AA72A62759A3}
2016-08-11 02:00 - 2016-06-15 12:32 - 00000000 ____D C:\Users\Huud\AppData\Local\Adobe
2016-08-10 12:45 - 2016-06-19 00:44 - 00000037 _____ C:\Users\Huud\Documents\metotrexato.txt
2016-08-10 12:36 - 2016-06-14 14:10 - 00000000 ____D C:\Users\Huud\AppData\Roaming\uTorrent
2016-08-10 07:28 - 2016-06-21 09:05 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-08-09 19:32 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-09 19:30 - 2016-06-14 08:01 - 00000000 ____D C:\Windows\system32\MRT
2016-08-09 19:26 - 2016-06-14 08:01 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-09 17:53 - 2016-06-14 00:45 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-09 17:53 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-08-09 17:47 - 2016-07-08 18:39 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Java
2016-08-09 17:46 - 2016-06-19 17:50 - 00000000 ____D C:\Users\Huud\AppData\Local\LogMeIn Hamachi
2016-08-08 17:43 - 2016-06-14 01:12 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-07 22:27 - 2016-06-14 00:38 - 00000000 ____D C:\Users\Huud
2016-08-07 22:25 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\Registration
2016-08-05 15:19 - 2016-06-14 00:39 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Adobe
2016-08-04 22:04 - 2014-01-27 02:58 - 00000000 ____D C:\Users\Huud\Desktop\Odin_v3.09
2016-08-04 17:51 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-01 12:17 - 2016-06-19 18:05 - 00000000 ____D C:\Users\Huud\AppData\Roaming\.minecraft
2016-07-31 20:00 - 2016-06-14 17:29 - 00000000 ___RD C:\Users\Huud\Desktop\Games
2016-07-31 16:08 - 2016-06-20 17:36 - 00000000 ____D C:\Program Files (x86)\EloBuddy
2016-07-28 13:25 - 2013-08-22 12:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-07-26 23:32 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-07-24 20:56 - 2016-06-14 16:59 - 00000000 ____D C:\Users\Huud\AppData\Roaming\DAEMON Tools Lite
2016-07-24 20:56 - 2016-06-14 08:18 - 00000000 ____D C:\Windows\Minidump
2016-07-24 20:56 - 2016-06-14 01:30 - 00000000 ____D C:\Windows\Panther
2016-07-24 10:42 - 2016-06-15 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CC 2015
2016-07-24 10:34 - 2016-06-14 17:29 - 00000000 ____D C:\ProgramData\Oracle
2016-07-24 10:33 - 2016-06-14 17:29 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-24 10:32 - 2016-06-14 17:29 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-07-24 10:32 - 2016-06-14 17:29 - 00000000 ____D C:\Users\Huud\.oracle_jre_usage
2016-07-24 10:32 - 2016-06-14 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-23 23:42 - 2016-07-08 19:47 - 00000000 ____D C:\Program Files (x86)\No-IP
2016-07-23 19:53 - 2016-06-15 12:41 - 00000000 ____D C:\Program Files\Adobe
2016-07-21 20:33 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-21 20:32 - 2016-06-21 09:06 - 00000000 ____D C:\Windows\system32\log
2016-07-21 20:32 - 2016-06-14 14:39 - 00000000 ____D C:\Users\Huud\AppData\Local\Apps\2.0
2016-07-21 20:28 - 2016-06-14 00:38 - 00000000 ____D C:\Users\Huud\AppData\Local\Packages
2016-07-21 20:22 - 2016-06-14 00:36 - 00000000 ____D C:\Program Files\KMSpico
2016-07-21 20:17 - 2016-06-14 01:10 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-21 20:05 - 2016-06-14 14:41 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Mozilla
2016-07-20 13:23 - 2016-06-16 23:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-20 13:23 - 2016-06-16 23:21 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-19 19:04 - 2016-06-14 22:01 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-07-17 21:49 - 2016-06-15 06:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-17 16:22 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2016-07-15 07:27 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2016-07-14 18:14 - 2016-06-14 17:29 - 00000412 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2016-07-14 16:49 - 2016-06-14 01:25 - 00000000 ____D C:\ProgramData\Skype
2016-07-14 16:48 - 2016-06-14 01:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-14 16:45 - 2013-08-22 11:44 - 05011904 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-13 23:09 - 2016-06-16 23:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-13 23:09 - 2013-08-22 16:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 23:09 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ToastData
==================== Files in the root of some directories =======
2016-08-05 15:19 - 2016-08-05 15:19 - 0000033 _____ () C:\Users\Huud\AppData\Roaming\AdobeWLCMCache.dat
2016-06-14 14:40 - 2016-06-14 14:40 - 6867968 _____ () C:\Users\Huud\AppData\Roaming\agent.dat
2016-06-14 14:40 - 2016-06-14 14:40 - 0848437 _____ () C:\Users\Huud\AppData\Roaming\AlphaZunlight.bin
2016-06-14 14:40 - 2016-06-14 14:40 - 0054272 _____ () C:\Users\Huud\AppData\Roaming\ApplicationHosting.dat
2016-06-14 14:40 - 2016-06-14 14:39 - 0957440 _____ () C:\Users\Huud\AppData\Roaming\Blackhome.exe
2016-06-14 14:40 - 2016-06-14 14:40 - 0072704 _____ () C:\Users\Huud\AppData\Roaming\Blackhome.tst
2016-06-14 14:40 - 2016-06-14 14:40 - 0069072 _____ () C:\Users\Huud\AppData\Roaming\Config.xml
2016-06-14 14:41 - 2016-06-14 14:41 - 2279413 _____ () C:\Users\Huud\AppData\Roaming\IndigoRon.bin
2016-06-14 14:39 - 2016-06-14 14:40 - 0018288 _____ () C:\Users\Huud\AppData\Roaming\InstallationConfiguration.xml
2016-06-14 14:39 - 2016-06-14 14:39 - 0128512 _____ () C:\Users\Huud\AppData\Roaming\Installer.dat
2016-06-14 14:43 - 2015-09-01 00:26 - 1099376 _____ () C:\Users\Huud\AppData\Roaming\inst_buychannel_01.exe
2016-06-14 14:40 - 2016-06-14 14:40 - 0126464 _____ () C:\Users\Huud\AppData\Roaming\lobby.dat
2016-06-14 14:40 - 2016-06-14 14:40 - 0018432 _____ () C:\Users\Huud\AppData\Roaming\Main.dat
2016-06-14 14:40 - 2016-06-14 14:40 - 0005568 _____ () C:\Users\Huud\AppData\Roaming\md.xml
2016-06-14 14:40 - 2016-06-14 14:40 - 0126464 _____ () C:\Users\Huud\AppData\Roaming\noah.dat
2016-06-14 14:40 - 2016-05-27 06:27 - 51990120 _____ () C:\Users\Huud\AppData\Roaming\qqpcmgr_v11.5.17490.219_90137_Silence.exe
2016-06-14 14:40 - 2016-06-14 14:39 - 0957440 _____ () C:\Users\Huud\AppData\Roaming\Rankity.exe
2016-06-14 14:40 - 2016-06-14 14:40 - 1760384 _____ () C:\Users\Huud\AppData\Roaming\Rankity.tst
2016-06-14 14:41 - 2016-06-14 14:41 - 0032038 _____ () C:\Users\Huud\AppData\Roaming\uninstall_temp.ico
2016-06-14 22:33 - 2016-06-14 22:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Huud\AppData\Local\Temp\jansi-32-git-Spigot-1387.dll
C:\Users\Huud\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Huud\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-04 18:02
==================== End of FRST.txt ============================
Ran by Huud (administrator) on HUD (11-08-2016 13:05:08)
Running from C:\Users\Huud\Downloads
Loaded Profiles: Huud (Available Profiles: Huud)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Bigjane\Application\chrome.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Huud\AppData\Roaming\Java\SYSHUD.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-20] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Java7 Update] => C:\Users\Huud\AppData\Roaming\Java\SYSHUD.exe [93696512 2016-07-08] ()
HKLM\...\Run: [Java Scheduler 7] => C:\Users\Huud\AppData\Roaming\Java\Java8.exe
HKLM-x32\...\Run: [StereoLinksInstall] => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1855672 2015-07-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-08] (Disc Soft Ltd)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\MountPoints2: {9ffe97cb-32db-11e6-8266-bc5ff4f90db9} - "J:\Autoplay.exe" -auto
HKU\S-1-5-21-660149222-360375265-253833097-1001\...\MountPoints2: {af3f1d98-325d-11e6-8264-bc5ff4f90db9} - "E:\Autoplay.exe" -auto
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt64.dll No File
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-660149222-360375265-253833097-1001] => 127.0.0.1:60074
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{A51B04F4-7FD3-4AA6-94A5-5055DA694E3C}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A51B04F4-7FD3-4AA6-94A5-5055DA694E3C}: [DhcpNameServer] 192.168.25.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-660149222-360375265-253833097-1001 -> {CCC656BE-1446-42AA-9657-87D87284EC11} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat => No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
FireFox:
========
FF ProfilePath: C:\Users\Huud\AppData\Roaming\Mozilla\Firefox\Profiles\g1dyltku.default
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 57460
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 57460
FF NetworkProxy: "type", 1
FF NetworkProxy: "http_port", 18751
FF NetworkProxy: "ssl_port", 18751
FF NetworkProxy: " type", 1
FF NetworkProxy: "http_port", 45207
FF NetworkProxy: "ssl_port", 45207
FF NetworkProxy: "http_port", 51394
FF NetworkProxy: "ssl_port", 51394
FF NetworkProxy: "http_port", 17773
FF NetworkProxy: "ssl_port", 17773
FF NetworkProxy: "http_port", 5449
FF NetworkProxy: "ssl_port", 5449
FF NetworkProxy: "http_port", 21947
FF NetworkProxy: "ssl_port", 21947
FF NetworkProxy: "http_port", 18466
FF NetworkProxy: "ssl_port", 18466
FF NetworkProxy: "http_port", 39580
FF NetworkProxy: "ssl_port", 39580
FF NetworkProxy: "http_port", 1949
FF NetworkProxy: "ssl_port", 1949
FF NetworkProxy: "http_port", 60072
FF NetworkProxy: "ssl_port", 60072
FF NetworkProxy: "http_port", 16501
FF NetworkProxy: "ssl_port", 16501
FF NetworkProxy: "http_port", 5743
FF NetworkProxy: "ssl_port", 5743
FF NetworkProxy: "http_port", 12646
FF NetworkProxy: "ssl_port", 12646
FF NetworkProxy: "http_port", 25409
FF NetworkProxy: "ssl_port", 25409
FF NetworkProxy: "http_port", 52054
FF NetworkProxy: "ssl_port", 52054
FF NetworkProxy: "http_port", 14595
FF NetworkProxy: "ssl_port", 14595
FF NetworkProxy: "http_port", 51451
FF NetworkProxy: "ssl_port", 51451
FF NetworkProxy: "http_port", 46143
FF NetworkProxy: "ssl_port", 46143
FF NetworkProxy: "http_port", 57943
FF NetworkProxy: "ssl_port", 57943
FF NetworkProxy: "http_port", 55560
FF NetworkProxy: "ssl_port", 55560
FF NetworkProxy: "http_port", 37959
FF NetworkProxy: "ssl_port", 37959
FF NetworkProxy: "http_port", 42500
FF NetworkProxy: "ssl_port", 42500
FF NetworkProxy: "http_port", 22814
FF NetworkProxy: "ssl_port", 22814
FF NetworkProxy: "http_port", 44752
FF NetworkProxy: "ssl_port", 44752
FF NetworkProxy: "http_port", 17009
FF NetworkProxy: "ssl_port", 17009
FF NetworkProxy: "http_port", 60074
FF NetworkProxy: "ssl_port", 60074
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-15] [not signed]
Chrome:
=======
CHR HomePage: ChromeDefaultData2 -> hxxp://www.nicesearches.com?type=hp&ts=1466511050&from=f0510621&uid=st500dm002-1bc142_6vmydn1kxxxx6vmydn1k&z=78cde7e52e5d3d9ee8074e2gczfq9q6w4gbg4eawee
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nicesearches.com?type=hp&ts=1466511050&from=f0510621&uid=st500dm002-1bc142_6vmydn1kxxxx6vmydn1k&z=78cde7e52e5d3d9ee8074e2gczfq9q6w4gbg4eawee"
CHR Profile: C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2
CHR Extension: (Google Apresentações) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-14]
CHR Extension: (Google Docs) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-14]
CHR Extension: (Google Drive) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-14]
CHR Extension: (YouTube) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-06-15]
CHR Extension: (Planilhas do Google) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-14]
CHR Extension: (Gmail) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-14]
CHR Extension: (Chrome Media Router) - C:\Users\Huud\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-08] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-06-08] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [422104 2016-07-21] ()
S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1242232 2016-07-26] (ExWzp Pvt Ltd.) <==== ATTENTION
S2 ArerackServerService; "C:\Program Files (x86)\Arerack\ArerackServerService.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
S2 BigjaneP; "C:\ProgramData\Bigjane\Bigjane.exe" [X]
S2 BigjaneU; "C:\Program Files (x86)\Bigjane\Update\BigjaneUpdate.exe" [X]
S2 cktSvc; "C:\Program Files (x86)\Uncheckit\cktSvc.exe" {92E162D7-70FD-48F7-A779-91154F8FD518} [X]
S2 dowidoly; no ImagePath
S2 duvoshlecitionCollectorS; "C:\Program Files (x86)\Duvoshlecition\duvoshlecitionCollectorS.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
S2 LefttoeP; "C:\ProgramData\Lefttoe\Lefttoe.exe" [X]
S2 LefttoeU; "C:\Program Files (x86)\Lefttoe\Update\LefttoeUpdate.exe" [X]
S2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [X]
S2 WdMan; C:\ProgramData\EwinpE\WFini.exe -svr [X]
S2 YesdearP; "C:\ProgramData\Yesdear\Yesdear.exe" [X]
S2 YesdearU; "C:\Program Files (x86)\Yesdear\Update\YesdearUpdate.exe" [X]
S2 YSearchUtilSvc; "C:\Program Files (x86)\Yahoo!\yset\{743AAE24-18AB-8941-A33C-5DE56D31CDE8}\YSearchUtilSvc.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2016-06-14] (Advanced Micro Devices Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-06-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-06-14] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 whfltr2k; C:\Windows\System32\drivers\whfltr2k.sys [10368 2016-06-14] ()
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2016-06-14] (Basil Projects)
R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R3 X6va061; \??\C:\Windows\SysWOW64\Drivers\X6va061 [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-11 13:05 - 2016-08-11 13:07 - 00019985 _____ C:\Users\Huud\Downloads\FRST.txt
2016-08-11 13:04 - 2016-08-11 13:05 - 00000000 ____D C:\FRST
2016-08-11 13:04 - 2016-08-11 13:04 - 02393600 _____ (Farbar) C:\Users\Huud\Downloads\FRST64.exe
2016-08-11 13:03 - 2016-08-11 13:03 - 01744384 _____ (Farbar) C:\Users\Huud\Downloads\FRST.exe
2016-08-10 16:26 - 2016-08-10 16:26 - 00743760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100d.dll
2016-08-10 16:25 - 2016-08-10 16:25 - 01537368 _____ C:\Users\Huud\Downloads\Fuji Trainer Ver. 1.4.0.0.rar
2016-08-10 16:25 - 2012-12-11 03:23 - 00000000 ____D C:\Users\Huud\Desktop\Fuji Trainer Ver. 1.4.0.0
2016-08-10 13:24 - 2016-08-10 13:24 - 01559040 _____ (Febit) C:\Windows\SysWOW64\Cabal.dll
2016-08-10 13:23 - 2016-08-10 13:23 - 00895739 _____ C:\Users\Huud\Downloads\Small Trainer.rar
2016-08-10 13:23 - 2016-07-22 16:50 - 03084288 _____ C:\Users\Huud\Desktop\Small Trainer.exe
2016-08-10 13:15 - 2016-08-10 09:12 - 00141824 _____ C:\Users\Huud\Desktop\for CabalMain.exe
2016-08-10 13:14 - 2016-08-10 13:14 - 00041278 _____ C:\Users\Huud\Downloads\for CabalMain.rar
2016-08-10 12:34 - 2016-08-10 12:34 - 00000681 _____ C:\Users\Huud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cabal Nexus Online.lnk
2016-08-10 12:34 - 2016-08-10 12:34 - 00000651 _____ C:\Users\Public\Desktop\Cabal Nexus.lnk
2016-08-10 12:33 - 2016-08-10 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Games
2016-08-10 12:22 - 2016-08-10 22:02 - 00000000 ____D C:\CABAL NexusGames
2016-08-10 00:34 - 2016-08-10 01:05 - 2100597463 ____R (Nexus Games ) C:\Users\Huud\Downloads\CabalNexusEP12V6-FULL.exe
2016-08-10 00:34 - 2016-08-10 00:34 - 00021068 _____ C:\Users\Huud\Downloads\CabalNexusEP12V6-FULL.exe.torrent
2016-08-09 18:10 - 2016-08-09 18:10 - 00000000 ____D C:\Users\Huud\Desktop\Tor Browser
2016-08-09 18:08 - 2016-08-09 18:10 - 49850824 _____ C:\Users\Huud\Downloads\torbrowser-install-6.0.3_pt-PT.exe
2016-08-08 21:59 - 2016-08-08 21:59 - 00363644 _____ C:\Users\Huud\Downloads\ca3008bb-6f18-48a8-bdd6-ab56b71557f1 (2).pdf
2016-08-08 21:58 - 2016-08-08 21:58 - 00628450 _____ C:\Users\Huud\Downloads\4ee21345-a3e8-4efe-a07e-9a8401e9a3ca (1).pdf
2016-08-08 21:56 - 2016-08-08 21:56 - 00363644 _____ C:\Users\Huud\Downloads\ca3008bb-6f18-48a8-bdd6-ab56b71557f1 (1).pdf
2016-08-08 12:55 - 2016-08-08 12:55 - 00628450 _____ C:\Users\Huud\Downloads\4ee21345-a3e8-4efe-a07e-9a8401e9a3ca.pdf
2016-08-08 12:52 - 2016-08-08 12:52 - 00363644 _____ C:\Users\Huud\Downloads\ca3008bb-6f18-48a8-bdd6-ab56b71557f1.pdf
2016-08-08 00:51 - 2016-08-08 00:51 - 00000000 ____D C:\Users\Huud\AppData\Local\MultiPlayerManager
2016-08-07 22:27 - 2016-08-08 00:55 - 00000000 ____D C:\Users\Huud\.android
2016-08-07 22:26 - 2016-08-07 22:26 - 00000963 _____ C:\Users\Huud\Desktop\Multi-Drive.lnk
2016-08-07 22:26 - 2016-08-07 22:26 - 00000882 _____ C:\Users\Huud\Desktop\Nox.lnk
2016-08-07 22:26 - 2016-08-07 22:26 - 00000000 ____D C:\Users\Huud\Nox_share
2016-08-07 22:26 - 2016-08-07 22:26 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2016-08-07 22:25 - 2016-08-08 00:54 - 00000000 ____D C:\Users\Huud\vmlogs
2016-08-07 22:25 - 2016-08-08 00:54 - 00000000 ____D C:\Users\Huud\.BigNox
2016-08-07 22:25 - 2016-08-07 22:25 - 00000000 ____D C:\Program Files\DIFX
2016-08-07 22:25 - 2016-08-07 22:25 - 00000000 ____D C:\Program Files\Bignox
2016-08-07 22:25 - 2015-09-16 03:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-07 22:25 - 2015-09-16 00:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-07 22:24 - 2016-08-08 01:02 - 00000000 ____D C:\Users\Huud\AppData\Local\Nox
2016-08-07 22:24 - 2016-08-07 22:24 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Nox
2016-08-07 22:04 - 2016-08-07 22:24 - 311563080 _____ (Duodian Technology Co. Ltd.) C:\Users\Huud\Downloads\nox_setup_v3.7.1.0_full_En.exe
2016-08-05 16:43 - 2016-08-05 16:43 - 00000000 ____D C:\Users\Huud\Desktop\TransonFinal
2016-08-05 15:19 - 2016-08-05 15:19 - 00000033 _____ C:\Users\Huud\AppData\Roaming\AdobeWLCMCache.dat
2016-08-05 15:18 - 2016-08-05 15:18 - 00048411 _____ C:\Users\Huud\Downloads\animals.zip
2016-08-04 22:04 - 2016-08-04 22:04 - 04069177 _____ C:\Users\Huud\Downloads\xposed-v78-sdk22-x86.zip
2016-08-04 21:21 - 2016-08-04 21:21 - 01693322 _____ C:\Users\Huud\Downloads\Release.zip
2016-08-04 21:07 - 2016-08-04 21:07 - 10209744 _____ C:\Users\Huud\Downloads\com.pokebase.pokedetector_1.1.1-9_minAPI16(arm64-v8a,armeabi,armeabi-v7a,mips,x86,x86_64)(nodpi)_apkquick.com.apk
2016-08-04 21:00 - 2016-08-04 21:00 - 00311268 _____ C:\Users\Huud\Downloads\xposed-uninstaller-20160211.zip
2016-08-04 20:39 - 2016-08-04 20:39 - 03568563 _____ C:\Users\Huud\Downloads\xposed-v86.0-sdk22-arm-custom-build-by-wanam-20160709.zip
2016-08-04 19:51 - 2016-08-04 19:51 - 03557054 _____ C:\Users\Huud\Downloads\xposed-v75.8-sdk22-arm-custom-build-by-wanam-20151030.zip
2016-08-04 19:32 - 2016-08-04 19:32 - 00788771 _____ C:\Users\Huud\Downloads\de.robv.android.xposed.installer_v33_36570c.apk
2016-08-04 19:28 - 2016-08-04 19:28 - 13230138 _____ C:\Users\Huud\Downloads\twrp-3.0.2.0-j500fn.tar.md5
2016-08-04 19:22 - 2016-08-04 19:22 - 00995973 _____ C:\Users\Huud\Downloads\Odin_v3.09.zip
2016-08-03 11:14 - 2016-08-04 21:27 - 00000000 ____D C:\Users\Huud\Desktop\Release
2016-08-01 12:09 - 2016-08-01 12:09 - 26722042 _____ C:\Users\Huud\Downloads\mods.rar
2016-07-28 13:34 - 2016-07-28 13:34 - 00003544 _____ C:\Windows\System32\Tasks\BigjaneUpdateTaskMachineCore
2016-07-28 13:34 - 2016-07-28 13:34 - 00003460 _____ C:\Windows\System32\Tasks\BigjaneUpdateTaskMachineUA
2016-07-28 13:34 - 2016-07-28 13:34 - 00000000 ____D C:\Users\Huud\AppData\Local\Bigjane
2016-07-28 13:32 - 2016-07-28 13:32 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Winziper
2016-07-28 13:28 - 2016-07-28 13:28 - 00000474 __RSH C:\Users\Huud\ntuser.pol
2016-07-27 21:39 - 2016-08-10 07:27 - 00000000 ____D C:\Users\Huud\AppData\Roaming\qksee
2016-07-27 21:39 - 2016-07-31 14:00 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-07-27 21:39 - 2016-07-27 21:39 - 00000000 ____D C:\Users\Huud\AppData\Roaming\eCyber
2016-07-27 21:39 - 2016-07-27 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-07-27 21:39 - 2016-07-27 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-07-25 17:39 - 2016-07-25 17:39 - 00000000 ____D C:\Users\Huud\AppData\Local\Steam
2016-07-25 17:39 - 2016-07-25 17:39 - 00000000 ____D C:\Users\Huud\AppData\Local\CEF
2016-07-25 17:34 - 2016-08-09 17:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-25 17:34 - 2016-07-25 17:34 - 01444992 _____ C:\Users\Huud\Downloads\SteamSetup.exe
2016-07-25 17:34 - 2016-07-25 17:34 - 00000971 _____ C:\Users\Public\Desktop\Steam.lnk
2016-07-25 17:34 - 2016-07-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-24 13:14 - 2016-07-24 13:14 - 02171358 _____ C:\Users\Huud\Documents\trabson.swf
2016-07-24 13:14 - 2016-07-24 13:14 - 00010570 _____ C:\Users\Huud\Documents\trabson.html
2016-07-24 13:14 - 2016-07-24 13:14 - 00000000 ____D C:\Users\Huud\Documents\trabson_Resources
2016-07-24 13:06 - 2016-07-24 13:06 - 12345971 _____ C:\Users\Huud\Downloads\League Of Legends no JORNAL NACIONAL - Reportagem sobre a final CBLoL 2016.mp4
2016-07-24 13:03 - 2016-07-31 20:06 - 00000000 ____D C:\Users\Huud\Desktop\Trabson
2016-07-24 11:18 - 2016-07-24 11:18 - 08041746 _____ C:\Users\Huud\Downloads\LeeSin-2.psd
2016-07-24 11:18 - 2016-07-24 11:18 - 08041746 _____ C:\Users\Huud\Downloads\LeeSin-2 (1).psd
2016-07-24 10:35 - 2016-07-24 10:35 - 00000000 ____D C:\Users\Huud\AppData\Local\YSearchUtil
2016-07-23 23:44 - 2016-07-23 23:44 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Huud\Downloads\DTLiteInstaller.exe
2016-07-23 19:48 - 2016-07-23 19:50 - 00000000 ____D C:\Temp Adobe
2016-07-23 19:35 - 2016-07-23 19:47 - 00000000 ____D C:\Users\Huud\Downloads\Adobe InDesign CC 2014.10.0.0.70 RePack by D!akov
2016-07-23 18:30 - 2016-07-23 18:30 - 00016880 _____ C:\Users\Huud\Downloads\adobe.indesign.cc.2014.10.0.0.70.preactivated.repack.by.d.ak.[programasviatorrents.com].torrent
2016-07-23 15:48 - 2016-07-23 15:48 - 00000000 ____D C:\Users\Huud\AppData\Local\CrashRpt
2016-07-23 15:48 - 2016-06-08 02:34 - 00249104 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-07-22 16:16 - 2016-07-22 16:16 - 00000000 ____D C:\Users\Huud\AppData\Local\Level Up!
2016-07-22 16:14 - 2016-07-22 16:14 - 00001614 _____ C:\Users\Huud\Desktop\Warface.lnk
2016-07-22 16:14 - 2016-07-22 16:14 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-07-22 16:09 - 2016-07-22 16:09 - 00000000 ____D C:\Level Up
2016-07-22 14:03 - 2016-07-22 14:31 - 00000000 ____D C:\Users\Huud\Downloads\Instalador_Client_Warface_1.1.409.107
2016-07-22 13:32 - 2016-07-22 13:32 - 00400944 _____ () C:\Users\Huud\Downloads\warface.exe
2016-07-22 13:32 - 2016-07-22 13:32 - 00032662 _____ C:\Users\Huud\Downloads\Instalador_Client_Warface.torrent
2016-07-22 05:51 - 2016-07-22 05:51 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2016-07-22 05:51 - 2016-07-22 05:51 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2016-07-21 20:31 - 2016-07-21 20:40 - 00000000 ____D C:\AdwCleaner
2016-07-21 20:31 - 2016-07-21 20:31 - 03712064 _____ C:\Users\Huud\Downloads\AdwCleaner.exe
2016-07-21 20:21 - 2016-07-22 12:44 - 00000878 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-21 20:21 - 2016-07-21 20:21 - 06868672 _____ (Piriform Ltd) C:\Users\Huud\Downloads\ccsetup516.exe
2016-07-21 20:21 - 2016-07-21 20:21 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-07-21 20:21 - 2016-07-21 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-21 20:21 - 2016-07-21 20:21 - 00000000 ____D C:\Program Files\CCleaner
2016-07-21 20:18 - 2016-08-08 17:43 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-21 20:17 - 2016-08-11 12:41 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-21 20:17 - 2016-08-10 18:41 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-21 20:17 - 2016-07-28 18:36 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-21 20:17 - 2016-07-28 18:36 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-21 20:16 - 2016-07-21 20:17 - 00000000 ____D C:\Users\Huud\AppData\Local\Deployment
2016-07-21 20:05 - 2016-07-21 20:05 - 25200168 _____ (Mozilla) C:\Users\Huud\Downloads\Firefox Setup [1].exe
2016-07-21 20:05 - 2016-07-21 20:05 - 00000000 ____D C:\Users\Huud\AppData\Local\Mozilla
2016-07-21 20:05 - 2016-07-21 20:05 - 00000000 ____D C:\ProgramData\Mozilla
2016-07-21 19:41 - 2016-07-21 19:41 - 00987728 _____ (Google Inc.) C:\Users\Huud\Downloads\ChromeSetup.exe
2016-07-20 13:23 - 2016-07-20 13:23 - 00000000 ____D C:\Windows\EOONotify
2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2016-07-20 11:06 - 2016-07-20 11:06 - 01138688 _____ C:\Users\Huud\Downloads\Untitled-1.indd
2016-07-20 11:05 - 2016-07-24 13:15 - 06197248 _____ C:\Users\Huud\Documents\Untitled-1.indd
2016-07-20 09:51 - 2016-07-21 17:10 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-20 09:51 - 2016-07-21 17:10 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-20 09:50 - 2016-07-20 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-20 09:50 - 2016-07-20 09:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-07-19 20:28 - 2016-07-19 20:28 - 00381816 _____ C:\Users\Huud\Downloads\bully120012trainer.zip
2016-07-19 20:14 - 2016-07-22 16:42 - 00000000 ____D C:\Users\Huud\Documents\Bully Scholarship Edition
2016-07-19 19:09 - 2016-07-19 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2016-07-19 19:05 - 2016-07-19 19:05 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2016-07-19 17:12 - 2016-07-19 17:40 - 00000000 ____D C:\Users\Huud\Downloads\Bully repack Mr DJ
2016-07-19 16:35 - 2016-07-19 16:35 - 00000964 _____ C:\Users\Huud\Downloads\improvedinterstellerdrive.zip
2016-07-19 14:48 - 2016-07-22 18:07 - 00000000 ____D C:\Users\Huud\Desktop\Skin
2016-07-19 14:48 - 2016-07-19 14:48 - 02259195 _____ C:\Users\Huud\Downloads\SkinPreview_Full_Version.zip
2016-07-19 09:43 - 2016-07-27 21:39 - 00003438 _____ C:\Windows\System32\Tasks\ChelfNotify Task
2016-07-18 18:03 - 2016-07-18 18:03 - 00340209 _____ C:\Users\Huud\Downloads\No_cooldown (1).package
2016-07-17 21:48 - 2016-07-17 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-17 16:59 - 2016-07-17 16:59 - 01163686 _____ C:\Users\Huud\Downloads\23e2b3a0abfe32994f2b.zip
2016-07-16 22:54 - 2016-07-16 22:54 - 01139270 _____ C:\Users\Huud\Downloads\spore1316trainer.zip
2016-07-16 22:47 - 2016-07-16 22:47 - 00025940 _____ C:\Users\Huud\Downloads\SPORE.PLUS33TRN.KELSAT.ZIP
2016-07-16 15:31 - 2016-07-16 15:31 - 00340209 _____ C:\Users\Huud\Downloads\No_cooldown.package
2016-07-16 15:27 - 2016-07-16 15:27 - 00144789 _____ C:\Users\Huud\Downloads\buy all terraform specials.package
2016-07-16 15:27 - 2016-07-16 15:27 - 00002991 _____ C:\Users\Huud\Downloads\inifinitesl.package
2016-07-16 15:21 - 2016-07-16 15:21 - 00010576 _____ C:\Users\Huud\Downloads\Purchase Super Powers and Staff of Life Mod.rar
2016-07-16 15:18 - 2016-07-16 15:18 - 00126125 _____ C:\Users\Huud\Downloads\SporeModCheckAll2.rar
2016-07-16 14:20 - 2016-07-16 14:20 - 15183110 _____ C:\Users\Huud\Downloads\BetterSpore.zip
2016-07-16 14:13 - 2016-07-16 14:13 - 00739639 _____ C:\Users\Huud\Downloads\Link117sMods2.zip
2016-07-16 14:10 - 2016-07-16 14:11 - 00000000 ____D C:\Users\Huud\Documents\Minhas criações Spore
2016-07-16 14:10 - 2016-07-16 14:11 - 00000000 ____D C:\Users\Huud\AppData\Roaming\SPORE
2016-07-16 14:05 - 2016-07-16 15:19 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-07-16 12:46 - 2016-07-16 12:46 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orion's Belt
2016-07-16 12:44 - 2016-07-16 12:44 - 15772501 _____ C:\Users\Huud\Downloads\5.ProjectAvalon_1.2__23rd_Aug_2014.zip
2016-07-16 12:44 - 2016-07-16 12:44 - 00020242 _____ C:\Users\Huud\Downloads\6.OmegaPipeLine__29th_Aug_2014.zip
2016-07-16 12:39 - 2016-07-16 12:39 - 00003873 _____ C:\Users\Huud\Downloads\009_ONLINE_MOD_PROP_XOXIDE_20140811_1_6_Buldozer.zip
2016-07-16 12:38 - 2016-07-16 12:38 - 00102179 _____ C:\Users\Huud\Downloads\4.AkarSubway_optional (1).rar
2016-07-16 12:37 - 2016-07-16 12:37 - 00102179 _____ C:\Users\Huud\Downloads\4.AkarSubway_optional.rar
2016-07-16 12:36 - 2016-07-16 12:36 - 00056234 _____ C:\Users\Huud\Downloads\3.AkarDecoration.rar
2016-07-16 12:34 - 2016-07-16 12:34 - 05437246 _____ C:\Users\Huud\Downloads\2.AkarRoadsSet_1.0.5__23rd_Sep_2014.zip
2016-07-16 12:33 - 2016-07-16 12:33 - 00028225 _____ C:\Users\Huud\Downloads\1.ProjectAkar_2.0__23rd_Aug_2014 (1).zip
2016-07-16 12:17 - 2016-07-16 12:58 - 00000000 ____D C:\Users\Huud\Downloads\Spore-RELOADED
2016-07-16 12:11 - 2016-07-16 12:11 - 00000000 ____D C:\Users\Huud\AppData\Local\ElevatedDiagnostics
2016-07-14 18:56 - 2016-07-14 18:56 - 00210617 _____ C:\Users\Huud\Downloads\forge-1.8-11.14.4.1563-mdk.zip
2016-07-14 18:55 - 2016-07-14 18:55 - 03453113 _____ C:\Users\Huud\Downloads\forge-1.8-11.14.4.1563-universal.jar
2016-07-14 18:54 - 2016-07-14 18:54 - 00271872 _____ C:\Users\Huud\Downloads\Setup24797.exe
2016-07-13 17:28 - 2016-05-25 10:22 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-07-13 17:28 - 2016-05-25 10:22 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-07-13 17:28 - 2016-05-25 10:12 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-07-13 17:28 - 2016-05-25 10:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-07-13 16:29 - 2016-06-25 17:05 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:29 - 2016-06-25 15:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-13 16:29 - 2016-06-25 13:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-13 16:29 - 2016-06-25 13:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-13 16:29 - 2016-06-25 13:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-13 16:29 - 2016-06-25 13:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-13 16:29 - 2016-06-22 10:48 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-13 16:29 - 2016-06-21 15:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-07-13 16:29 - 2016-06-21 11:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-07-13 16:29 - 2016-06-21 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-13 16:29 - 2016-06-21 10:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-13 16:29 - 2016-06-11 16:45 - 07445856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-13 16:29 - 2016-01-30 16:50 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-07-13 16:29 - 2016-01-30 16:00 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2016-07-13 16:29 - 2016-01-30 15:48 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-07-13 16:29 - 2016-01-30 15:18 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-07-13 16:29 - 2016-01-30 14:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2016-07-13 16:29 - 2016-01-30 14:41 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-07-13 16:28 - 2016-06-11 15:14 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-13 16:28 - 2016-06-11 15:11 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-13 16:28 - 2016-06-11 14:56 - 25812992 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-13 16:28 - 2016-06-11 14:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-13 16:28 - 2016-06-11 14:42 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-13 16:28 - 2016-06-11 14:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-13 16:28 - 2016-06-11 14:22 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-13 16:28 - 2016-06-11 14:22 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-07-13 16:28 - 2016-06-11 14:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-13 16:28 - 2016-06-11 14:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-13 16:28 - 2016-06-11 14:13 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-13 16:28 - 2016-06-11 14:12 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-13 16:28 - 2016-06-11 14:12 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-07-13 16:28 - 2016-06-11 14:07 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-13 16:28 - 2016-06-11 14:03 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-13 16:28 - 2016-06-11 14:01 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-13 16:28 - 2016-06-11 14:00 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-13 16:28 - 2016-06-11 14:00 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-13 16:28 - 2016-06-11 13:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-13 16:28 - 2016-06-11 13:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-07-13 16:28 - 2016-06-11 13:43 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-13 16:28 - 2016-06-11 13:38 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-07-13 16:28 - 2016-06-11 13:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-13 16:28 - 2016-06-11 13:31 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-13 16:28 - 2016-06-11 13:31 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-13 16:28 - 2016-06-11 13:31 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-13 16:28 - 2016-06-11 13:30 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-13 16:28 - 2016-06-11 13:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-13 16:28 - 2016-06-11 13:26 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-13 16:28 - 2016-06-11 13:15 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-13 16:28 - 2016-06-11 13:12 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-13 16:28 - 2016-06-11 13:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-13 16:28 - 2016-06-11 12:59 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-13 16:28 - 2016-06-11 12:56 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-13 16:28 - 2016-06-11 12:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-13 16:28 - 2016-06-10 18:35 - 04167680 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-12 21:15 - 2016-07-12 21:15 - 00031950 _____ C:\Users\Huud\Downloads\Admin_plugin.jar
2016-07-12 21:00 - 2016-07-12 21:00 - 00026320 _____ C:\Users\Huud\Downloads\AdminModev1.4.jar
2016-07-12 20:44 - 2016-07-12 20:44 - 00018341 _____ C:\Users\Huud\Downloads\AdvancedAdmin.jar
2016-07-12 19:12 - 2016-07-12 19:12 - 00103168 _____ C:\Users\Huud\Downloads\ChestRegen.jar
2016-07-12 17:49 - 2016-07-12 17:49 - 00346307 _____ C:\Users\Huud\Downloads\Autorank-3.8.jar
2016-07-12 07:00 - 2016-07-12 07:02 - 01183448 _____ C:\Users\Huud\Documents\Quadrilha.sfk
2016-07-12 06:40 - 2016-07-12 06:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2016-07-12 06:39 - 2016-07-12 06:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-11 13:07 - 2016-06-14 01:25 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Skype
2016-08-11 13:01 - 2016-06-14 00:46 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-660149222-360375265-253833097-1001
2016-08-11 12:56 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-11 12:56 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-11 10:47 - 2016-07-11 07:43 - 00000000 _____ C:\Users\Public\Documents\report1.dat
2016-08-11 07:06 - 2016-06-14 01:09 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4FEE264E-4485-4343-A9C2-AA72A62759A3}
2016-08-11 02:00 - 2016-06-15 12:32 - 00000000 ____D C:\Users\Huud\AppData\Local\Adobe
2016-08-10 12:45 - 2016-06-19 00:44 - 00000037 _____ C:\Users\Huud\Documents\metotrexato.txt
2016-08-10 12:36 - 2016-06-14 14:10 - 00000000 ____D C:\Users\Huud\AppData\Roaming\uTorrent
2016-08-10 07:28 - 2016-06-21 09:05 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-08-09 19:32 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-09 19:30 - 2016-06-14 08:01 - 00000000 ____D C:\Windows\system32\MRT
2016-08-09 19:26 - 2016-06-14 08:01 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-09 17:53 - 2016-06-14 00:45 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-09 17:53 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-08-09 17:47 - 2016-07-08 18:39 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Java
2016-08-09 17:46 - 2016-06-19 17:50 - 00000000 ____D C:\Users\Huud\AppData\Local\LogMeIn Hamachi
2016-08-08 17:43 - 2016-06-14 01:12 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-07 22:27 - 2016-06-14 00:38 - 00000000 ____D C:\Users\Huud
2016-08-07 22:25 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\Registration
2016-08-05 15:19 - 2016-06-14 00:39 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Adobe
2016-08-04 22:04 - 2014-01-27 02:58 - 00000000 ____D C:\Users\Huud\Desktop\Odin_v3.09
2016-08-04 17:51 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-01 12:17 - 2016-06-19 18:05 - 00000000 ____D C:\Users\Huud\AppData\Roaming\.minecraft
2016-07-31 20:00 - 2016-06-14 17:29 - 00000000 ___RD C:\Users\Huud\Desktop\Games
2016-07-31 16:08 - 2016-06-20 17:36 - 00000000 ____D C:\Program Files (x86)\EloBuddy
2016-07-28 13:25 - 2013-08-22 12:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-07-26 23:32 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-07-24 20:56 - 2016-06-14 16:59 - 00000000 ____D C:\Users\Huud\AppData\Roaming\DAEMON Tools Lite
2016-07-24 20:56 - 2016-06-14 08:18 - 00000000 ____D C:\Windows\Minidump
2016-07-24 20:56 - 2016-06-14 01:30 - 00000000 ____D C:\Windows\Panther
2016-07-24 10:42 - 2016-06-15 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CC 2015
2016-07-24 10:34 - 2016-06-14 17:29 - 00000000 ____D C:\ProgramData\Oracle
2016-07-24 10:33 - 2016-06-14 17:29 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-24 10:32 - 2016-06-14 17:29 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-07-24 10:32 - 2016-06-14 17:29 - 00000000 ____D C:\Users\Huud\.oracle_jre_usage
2016-07-24 10:32 - 2016-06-14 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-23 23:42 - 2016-07-08 19:47 - 00000000 ____D C:\Program Files (x86)\No-IP
2016-07-23 19:53 - 2016-06-15 12:41 - 00000000 ____D C:\Program Files\Adobe
2016-07-21 20:33 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-21 20:32 - 2016-06-21 09:06 - 00000000 ____D C:\Windows\system32\log
2016-07-21 20:32 - 2016-06-14 14:39 - 00000000 ____D C:\Users\Huud\AppData\Local\Apps\2.0
2016-07-21 20:28 - 2016-06-14 00:38 - 00000000 ____D C:\Users\Huud\AppData\Local\Packages
2016-07-21 20:22 - 2016-06-14 00:36 - 00000000 ____D C:\Program Files\KMSpico
2016-07-21 20:17 - 2016-06-14 01:10 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-21 20:05 - 2016-06-14 14:41 - 00000000 ____D C:\Users\Huud\AppData\Roaming\Mozilla
2016-07-20 13:23 - 2016-06-16 23:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-20 13:23 - 2016-06-16 23:21 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-19 19:04 - 2016-06-14 22:01 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-07-17 21:49 - 2016-06-15 06:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-17 16:22 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2016-07-15 07:27 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2016-07-14 18:14 - 2016-06-14 17:29 - 00000412 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2016-07-14 16:49 - 2016-06-14 01:25 - 00000000 ____D C:\ProgramData\Skype
2016-07-14 16:48 - 2016-06-14 01:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-14 16:45 - 2013-08-22 11:44 - 05011904 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-13 23:09 - 2016-06-16 23:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-13 23:09 - 2013-08-22 16:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 23:09 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ToastData
==================== Files in the root of some directories =======
2016-08-05 15:19 - 2016-08-05 15:19 - 0000033 _____ () C:\Users\Huud\AppData\Roaming\AdobeWLCMCache.dat
2016-06-14 14:40 - 2016-06-14 14:40 - 6867968 _____ () C:\Users\Huud\AppData\Roaming\agent.dat
2016-06-14 14:40 - 2016-06-14 14:40 - 0848437 _____ () C:\Users\Huud\AppData\Roaming\AlphaZunlight.bin
2016-06-14 14:40 - 2016-06-14 14:40 - 0054272 _____ () C:\Users\Huud\AppData\Roaming\ApplicationHosting.dat
2016-06-14 14:40 - 2016-06-14 14:39 - 0957440 _____ () C:\Users\Huud\AppData\Roaming\Blackhome.exe
2016-06-14 14:40 - 2016-06-14 14:40 - 0072704 _____ () C:\Users\Huud\AppData\Roaming\Blackhome.tst
2016-06-14 14:40 - 2016-06-14 14:40 - 0069072 _____ () C:\Users\Huud\AppData\Roaming\Config.xml
2016-06-14 14:41 - 2016-06-14 14:41 - 2279413 _____ () C:\Users\Huud\AppData\Roaming\IndigoRon.bin
2016-06-14 14:39 - 2016-06-14 14:40 - 0018288 _____ () C:\Users\Huud\AppData\Roaming\InstallationConfiguration.xml
2016-06-14 14:39 - 2016-06-14 14:39 - 0128512 _____ () C:\Users\Huud\AppData\Roaming\Installer.dat
2016-06-14 14:43 - 2015-09-01 00:26 - 1099376 _____ () C:\Users\Huud\AppData\Roaming\inst_buychannel_01.exe
2016-06-14 14:40 - 2016-06-14 14:40 - 0126464 _____ () C:\Users\Huud\AppData\Roaming\lobby.dat
2016-06-14 14:40 - 2016-06-14 14:40 - 0018432 _____ () C:\Users\Huud\AppData\Roaming\Main.dat
2016-06-14 14:40 - 2016-06-14 14:40 - 0005568 _____ () C:\Users\Huud\AppData\Roaming\md.xml
2016-06-14 14:40 - 2016-06-14 14:40 - 0126464 _____ () C:\Users\Huud\AppData\Roaming\noah.dat
2016-06-14 14:40 - 2016-05-27 06:27 - 51990120 _____ () C:\Users\Huud\AppData\Roaming\qqpcmgr_v11.5.17490.219_90137_Silence.exe
2016-06-14 14:40 - 2016-06-14 14:39 - 0957440 _____ () C:\Users\Huud\AppData\Roaming\Rankity.exe
2016-06-14 14:40 - 2016-06-14 14:40 - 1760384 _____ () C:\Users\Huud\AppData\Roaming\Rankity.tst
2016-06-14 14:41 - 2016-06-14 14:41 - 0032038 _____ () C:\Users\Huud\AppData\Roaming\uninstall_temp.ico
2016-06-14 22:33 - 2016-06-14 22:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Huud\AppData\Local\Temp\jansi-32-git-Spigot-1387.dll
C:\Users\Huud\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Huud\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-04 18:02
==================== End of FRST.txt ============================