- Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-04-2016
- Ran by DEPP (administrator) on DEPP-PC (18-04-2016 09:33:22)
- Running from C:\Users\DEPP\Desktop
- Loaded Profiles: DEPP (Available Profiles: DEPP)
- Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
- Internet Explorer Version 11 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (AMD) C:\Windows\System32\atiesrxx.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
- (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
- (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
- (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
- () C:\Windows\System32\PnkBstrA.exe
- () C:\Program Files\Photodex\ProShow Gold\scsiaccess.exe
- (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
- (GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
- (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
- (PowerISO Computing, Inc.) C:\Program Files\PowerISO\PWRISOVM.EXE
- (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
- (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
- (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
- (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
- (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
- (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
- (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
- (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
- (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
- (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
- (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
- (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Fishy Inc) C:\Users\DEPP\Desktop\geeksn0w\FagDNSUpdater.exe
- (RA4W VPN) C:\Users\DEPP\Desktop\geeksn0w\RA4W VPN.exe
- (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [161064 2007-07-04] (Nero AG)
- HKLM\...\Run: [ZSSnp211] => C:\Windows\ZSSnp211.exe [49152 2006-08-19] (ZSMCSNAP)
- HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-08-18] ()
- HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
- HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1612784 2013-06-06] (GlavSoft LLC.)
- HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
- HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [307200 2011-06-14] (PowerISO Computing, Inc.)
- HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
- HKLM\...\Run: [InstaLAN] => C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1485208 2010-07-28] (Affinegy, Inc.)
- HKLM\...\Run: [USBScan.exe] => C:\Program Files\USBScan\USBScan.exe -Hide
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
- HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
- HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
- HKLM\...\Run: [] => [X]
- HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
- HKLM\...\Run: [snpstd] => C:\Windows\vsnpstd.exe
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
- HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-25] (AVAST Software)
- HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
- HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [644240 2016-02-26] (Sandboxie Holdings, LLC)
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\RunOnce: [Microsoft Corporation WddbIKiPaDSUGKHd] => C:\Users\DEPP\AppData\Roaming\WddbIKiPaDSUGKHd.exe [1595392 2016-04-18] ()
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\MountPoints2: F - F:\Setup.exe
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\MountPoints2: {58e89a20-dd2a-11e3-9a55-002522987bad} - H:\iStudio.exe
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\MountPoints2: {f067e3e1-e60d-11e4-b856-94de801e18e2} - G:\AutoRun.exe
- HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-20] (Microsoft Corporation)
- ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-05] (AVAST Software)
- ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll No File
- GroupPolicy: Restriction - Chrome <======= ATTENTION
- GroupPolicyScripts: Restriction <======= ATTENTION
- GroupPolicyScripts\User: Restriction <======= ATTENTION
- CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
- CHR HKU\S-1-5-21-563482115-3036595567-2997201845-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224 2012-10-03] (Microsoft Corporation) ATTENTION: LibraryPath should be "C:\Windows)\system32\NLAapi.dll"
- Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
- Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
- Tcpip\..\Interfaces\{048FDD65-0EAD-4861-A251-F6E16FE6714D}: [DhcpNameServer] 192.168.0.1
- Tcpip\..\Interfaces\{9D9FA4B9-6D77-4D3E-9DB9-48567F376F39}: [DhcpNameServer] 192.168.0.1
- Tcpip\..\Interfaces\{B52C9A39-209B-4B29-BC15-24329C944D86}: [DhcpNameServer] 8.8.8.8 8.8.4.4
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWcglcWQhCERgbJQFeTA1EGQAOIgxaWRQVQ1QUJQhcAFtJFFMFIk0FA1ADB0VXfVBdFElXTwhnKUpbDk8UU0xiMEk=
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0&ocid=iehp
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
- SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKUV1JEAYTbQFdWV9cFQAbdRRaVFtJDFFBIQ5dUF0QQw0WJh9aFQQTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
- SearchScopes: HKLM -> OldSearch URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
- SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&a=bfp_coinisre_16_09&cd=2XzuyEtN2Y1L1Qzu0AtD0FtA0CtC0CyEtCtBtBtCtDzy0EyEtN0D0Tzu0StCyDtByEtN1L2XzutAtFtCzztFtCtFyDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByD0A0CyC0DtAtBtGtBtDtA0BtG0B0Fzy0DtGtBtDzy0FtGtBtCzz0CtByE0DtDyD0B0CtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AzytDtByD0CtD0FtGtA0D0CzztGyEtAzytDtG0ByBtDyDtG0A0CyB0F0CyC0AyB0F0CtDyB2QtN0A0LzutB&cr=343473937&ir=&q={searchTerms}
- SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKUV1JEAYTbQFdWV9cFQAbdRRaVFtJDFFBIQ5dUF0QQw0WJh9aFQQTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
- SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKUV1JEAYTbQFdWV9cFQAbdRRaVFtJDFFBIQ5dUF0QQw0WJh9aFQQTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
- SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> OldSearch URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
- SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=121631&babsrc=SP_ss&mntrId=D07C002522987BAD
- SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {2802DE9B-C921-45D8-B15E-2F5CFEEB6301} URL = hxxps://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=830633&p={searchTerms}
- SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&a=bfp_coinisre_16_09&cd=2XzuyEtN2Y1L1Qzu0AtD0FtA0CtC0CyEtCtBtBtCtDzy0EyEtN0D0Tzu0StCyDtByEtN1L2XzutAtFtCzztFtCtFyDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByD0A0CyC0DtAtBtGtBtDtA0BtG0B0Fzy0DtGtBtDzy0FtGtBtCzz0CtByE0DtDyD0B0CtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AzytDtByD0CtD0FtGtA0D0CzztGyEtAzytDtG0ByBtDyDtG0A0CyB0F0CyC0AyB0F0CtDyB2QtN0A0LzutB&cr=343473937&ir=&q={searchTerms}
- SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {883A7FD9-E6BB-481F-A75D-8ABA018A7BB5} URL = hxxp://www.mysearchresults.com/search?c=2402&t=15&q={searchTerms}
- SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKUV1JEAYTbQFdWV9cFQAbdRRaVFtJDFFBIQ5dUF0QQw0WJh9aFQQTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
- BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
- BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
- BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
- BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-05] (AVAST Software)
- BHO: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
- BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
- BHO: No Name -> {C35B7206-62EB-F808-5475-18A6FDE7DD94} -> No File
- BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
- BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
- Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
- Toolbar: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
- Toolbar: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
- Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
- Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
- Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
- FireFox:
- ========
- FF ProfilePath: C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default
- FF NewTab: hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAARcF0AUApBDA1GeF8VVQxJFBhBdVsATF0TQAJGcV1ZAwFERxNBNARaB0tXUUEeGGlxR1dMZVxQI1ZOBEsIYEVT
- FF DefaultSearchEngine: Yahoo!
- FF DefaultSearchEngine.US: Yahoo!
- FF SelectedSearchEngine: Yahoo!
- FF Homepage: hxxps://ph.search.yahoo.com/?type=830633&fr=spigot-yhp-ff
- hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWcglcWQhCERgbJQFeTA1EGQAOIgxaWRQVQ1QUJQhcAFtJFFMFIk0FA18DB0VXfWFoKB8fHHFKM1pXF1wDWHRTMA==
- FF Keyword.URL: hxxps://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=830633&p=
- FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-10] ()
- FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
- FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
- FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
- FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2014-04-29] ( )
- FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
- FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
- FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
- FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
- FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
- FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-20] (Adobe Systems Inc.)
- FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
- FF Plugin HKU\S-1-5-21-563482115-3036595567-2997201845-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\DEPP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
- FF Plugin HKU\S-1-5-21-563482115-3036595567-2997201845-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\DEPP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-06] (Unity Technologies ApS)
- FF user.js: detected! => C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default\user.js [2016-01-10]
- FF SearchPlugin: C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default\searchplugins\default.xml [2016-04-11]
- FF SearchPlugin: C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default\searchplugins\Palikan.xml [2016-03-04]
- FF SearchPlugin: C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default\searchplugins\yahoo_ff.xml [2016-04-03]
- FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
- FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
- FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-05]
- FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
- FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-01] [not signed]
- FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
- FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-05]
- FF HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DEPP\AppData\Roaming\IDM\idmmzcc5 => not found
- FF HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DEPP\AppData\Roaming\IDM\idmmzcc5 => not found
- FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-02-09]
- Chrome:
- =======
- CHR HomePage: Default -> hxxps://ph.search.yahoo.com/?type=830633&fr=yo-yhp-ch
- CHR StartupUrls: Default -> "hxxps://ph.search.yahoo.com/?type=830633&fr=yo-yhp-ch"
- CHR Profile: C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Google Slides) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-19]
- CHR Extension: (Google Docs) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-19]
- CHR Extension: (Google Drive) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-19]
- CHR Extension: (YouTube) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-19]
- CHR Extension: (Adblock Plus) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-19]
- CHR Extension: (Adobe Acrobat) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-03-19]
- CHR Extension: (Google Sheets) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-19]
- CHR Extension: (Google Docs Offline) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
- CHR Extension: (AdBlock) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18]
- CHR Extension: (Avast Online Security) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-08]
- CHR Extension: (Skype) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-19]
- CHR Extension: (Palikan New Tab) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej [2016-03-19]
- CHR Extension: (Chrome Web Store Payments) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
- CHR Extension: (Gmail) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-19]
- CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
- CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-05]
- CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
- CHR HKLM\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
- CHR HKU\S-1-5-21-563482115-3036595567-2997201845-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
- Opera:
- =======
- OPR StartupUrls: "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWcglcWQhCERgbJQFeTA1EGQAOIgxaWRQVQ1QUJQhcAFtJFFMFIk0FA1oDB0VXfV5bFElXTwhnKUpbDk8UU0xiMEk="
- OPR Session Restore: -> is enabled.
- OPR Extension: (Discovery App) - C:\Users\DEPP\AppData\Roaming\Opera Software\Opera Stable\Extensions\ahckhjibgfpddoogbomdemiekkalmema [2016-03-28]
- ==================== Services (Whitelisted) ========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.)
- R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-05] (AVAST Software)
- R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4403136 2016-02-05] (Avast Software)
- S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
- S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
- S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
- R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
- R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
- S2 DefaultTabUpdate; C:\Users\DEPP\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-06-17] () [File not signed]
- R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2015-06-27] ()
- R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [146576 2016-02-26] (Sandboxie Holdings, LLC)
- R2 ScsiAccess; C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe [186760 2014-04-29] ()
- S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
- R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
- R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1612784 2013-06-06] (GlavSoft LLC.)
- R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
- ===================== Drivers (Whitelisted) ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-05] (AVAST Software)
- R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-02-05] (AVAST Software)
- R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-03-11] (AVAST Software)
- R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-02-05] (AVAST Software)
- R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-05] (AVAST Software)
- R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-03-11] (AVAST Software)
- R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-24] (AVAST Software)
- S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [127432 2016-02-05] (AVAST Software)
- R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-11] (AVAST Software)
- R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131704 2015-06-16] (BlueStack Systems)
- S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
- R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
- R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [129144 2016-02-05] (AVAST Software)
- S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed]
- R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [176784 2016-02-26] (Sandboxie Holdings, LLC)
- R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [60156 2011-06-15] (PowerISO Computing, Inc.) [File not signed]
- R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31360 2015-11-05] (The OpenVPN Project)
- R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [252152 2016-02-05] (Avast Software)
- R1 WMDrive; C:\Windows\system32\drivers\WMDrive.sys [65856 2014-04-30] (WinMount International Inc) [File not signed]
- R3 ZSMC211; C:\Windows\System32\Drivers\ZS211.sys [391836 2006-08-08] (ZSMC Corporation) [File not signed]
- S3 SliceDisk5; \??\C:\Users\DEPP\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk.sys [X]
- S3 snpstd; system32\DRIVERS\snpstd.sys [X]
- S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
- S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
- S3 VGPU; System32\drivers\rdvgkmd.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-04-18 09:33 - 2016-04-18 09:34 - 00027681 _____ C:\Users\DEPP\Desktop\FRST.txt
- 2016-04-18 09:31 - 2016-04-18 09:33 - 00000000 ____D C:\FRST
- 2016-04-18 09:28 - 2016-04-18 09:30 - 01726464 _____ (Farbar) C:\Users\DEPP\Desktop\FRST.exe
- 2016-04-18 08:48 - 2016-04-18 08:48 - 00329035 _____ C:\Users\DEPP\Downloads\portlistener.zip
- 2016-04-18 08:38 - 2016-04-18 08:38 - 01595392 ___SH C:\Users\DEPP\AppData\Roaming\WddbIKiPaDSUGKHd.exe
- 2016-04-18 07:45 - 2016-04-18 07:45 - 00002829 _____ C:\Windows\diagerr.xml
- 2016-04-18 07:45 - 2016-04-18 07:45 - 00001908 _____ C:\Windows\diagwrn.xml
- 2016-04-16 14:06 - 2016-04-18 06:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
- 2016-04-16 12:29 - 2016-04-16 12:29 - 00813320 _____ (Shark Labs) C:\Users\DEPP\Downloads\CFSetup429.exe
- 2016-04-16 12:29 - 2016-04-16 12:29 - 00000000 ____D C:\Users\DEPP\Documents\Skype Voice Records
- 2016-04-16 12:29 - 2016-04-16 12:29 - 00000000 ____D C:\Users\DEPP\Documents\Clownfish Avatars
- 2016-04-16 10:35 - 2016-04-16 10:35 - 00000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
- 2016-04-16 10:35 - 2016-04-16 10:35 - 00000877 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
- 2016-04-16 10:16 - 2016-04-16 10:16 - 00011778 _____ C:\Users\DEPP\Downloads\listen.zip
- 2016-04-16 09:29 - 2016-04-18 09:34 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\Skype
- 2016-04-14 15:29 - 2016-04-14 15:31 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\Bitcoin
- 2016-04-14 15:19 - 2016-04-14 15:28 - 33537119 _____ C:\Users\DEPP\Downloads\bitcoin-0.12.0-win32.zip
- 2016-04-14 15:10 - 2016-04-14 15:11 - 00081920 _____ C:\Users\DEPP\Downloads\wallet.dat
- 2016-04-14 11:07 - 2016-04-16 13:55 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- 2016-04-13 12:11 - 2016-03-31 11:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
- 2016-04-13 12:11 - 2016-03-30 17:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
- 2016-04-13 12:11 - 2016-03-30 17:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
- 2016-04-13 12:11 - 2016-03-30 17:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
- 2016-04-13 12:11 - 2016-03-30 16:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
- 2016-04-13 12:11 - 2016-03-30 16:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
- 2016-04-13 12:11 - 2016-03-30 16:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
- 2016-04-13 12:11 - 2016-03-30 16:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
- 2016-04-13 12:11 - 2016-03-30 16:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
- 2016-04-13 12:11 - 2016-03-30 16:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
- 2016-04-13 12:11 - 2016-03-30 16:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
- 2016-04-13 12:11 - 2016-03-30 16:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
- 2016-04-13 12:11 - 2016-03-30 16:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
- 2016-04-13 12:11 - 2016-03-30 16:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
- 2016-04-13 12:11 - 2016-03-30 16:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
- 2016-04-13 12:11 - 2016-03-30 16:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
- 2016-04-13 12:11 - 2016-03-30 16:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
- 2016-04-13 12:11 - 2016-03-30 16:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
- 2016-04-13 12:11 - 2016-03-30 16:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
- 2016-04-13 12:11 - 2016-03-30 16:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
- 2016-04-13 12:11 - 2016-03-30 16:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
- 2016-04-13 12:11 - 2016-03-30 16:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
- 2016-04-13 12:11 - 2016-03-30 16:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
- 2016-04-13 12:11 - 2016-03-30 16:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
- 2016-04-13 12:11 - 2016-03-30 16:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
- 2016-04-13 12:11 - 2016-03-30 16:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
- 2016-04-13 12:11 - 2016-03-30 16:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
- 2016-04-13 12:11 - 2016-03-30 16:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
- 2016-04-13 12:11 - 2016-03-30 16:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
- 2016-04-13 12:11 - 2016-03-30 16:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
- 2016-04-13 12:11 - 2016-03-30 16:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
- 2016-04-13 12:11 - 2016-03-30 16:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
- 2016-04-13 12:11 - 2016-03-30 16:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
- 2016-04-13 12:11 - 2016-03-30 16:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
- 2016-04-13 12:11 - 2016-03-30 16:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
- 2016-04-13 11:29 - 2016-03-29 10:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
- 2016-04-13 11:13 - 2016-03-17 15:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
- 2016-04-13 11:13 - 2016-03-17 15:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
- 2016-04-13 11:13 - 2016-03-17 15:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
- 2016-04-13 11:13 - 2016-03-17 15:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
- 2016-04-13 11:13 - 2016-03-17 15:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
- 2016-04-13 11:13 - 2016-03-17 15:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
- 2016-04-13 11:13 - 2016-03-17 15:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
- 2016-04-13 11:13 - 2016-03-17 15:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
- 2016-04-13 11:13 - 2016-03-17 15:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
- 2016-04-13 11:13 - 2016-03-17 15:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
- 2016-04-13 11:13 - 2016-03-17 15:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
- 2016-04-13 11:13 - 2016-03-17 15:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
- 2016-04-13 11:13 - 2016-03-17 15:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
- 2016-04-13 11:13 - 2016-03-17 15:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
- 2016-04-13 11:13 - 2016-03-17 15:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
- 2016-04-13 11:13 - 2016-03-17 15:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
- 2016-04-13 11:13 - 2016-03-17 15:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
- 2016-04-13 11:13 - 2016-03-17 15:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
- 2016-04-13 11:13 - 2016-03-17 15:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
- 2016-04-13 11:13 - 2016-03-17 15:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
- 2016-04-13 11:13 - 2016-03-17 15:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
- 2016-04-13 11:13 - 2016-03-17 15:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
- 2016-04-13 11:13 - 2016-03-17 15:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
- 2016-04-13 11:13 - 2016-03-17 15:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
- 2016-04-13 11:13 - 2016-03-17 15:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
- 2016-04-13 11:13 - 2016-03-17 15:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
- 2016-04-13 11:13 - 2016-03-17 15:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 14:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
- 2016-04-13 11:13 - 2016-03-17 14:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
- 2016-04-13 11:13 - 2016-03-17 14:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
- 2016-04-13 11:13 - 2016-03-17 14:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
- 2016-04-13 11:13 - 2016-03-17 14:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
- 2016-04-13 11:13 - 2016-03-17 14:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
- 2016-04-13 11:13 - 2016-03-17 14:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
- 2016-04-13 11:13 - 2016-03-17 14:30 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
- 2016-04-13 11:13 - 2016-03-17 14:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
- 2016-04-13 11:13 - 2016-03-17 14:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
- 2016-04-13 11:13 - 2016-03-17 14:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
- 2016-04-13 11:13 - 2016-03-17 14:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
- 2016-04-13 11:13 - 2016-03-17 14:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
- 2016-04-13 11:13 - 2016-03-17 14:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
- 2016-04-13 11:13 - 2016-03-17 14:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 14:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 14:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-17 14:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
- 2016-04-13 11:13 - 2016-03-16 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
- 2016-04-13 11:13 - 2016-03-16 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
- 2016-04-13 11:13 - 2016-02-02 11:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
- 2016-04-13 11:08 - 2016-03-15 16:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
- 2016-04-13 11:08 - 2016-03-15 16:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
- 2016-04-13 11:07 - 2016-03-11 11:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
- 2016-04-13 11:07 - 2016-01-20 17:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
- 2016-04-13 11:02 - 2016-04-04 10:54 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
- 2016-04-13 11:02 - 2016-04-04 10:42 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
- 2016-04-13 11:02 - 2016-04-02 06:07 - 01218048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
- 2016-04-13 11:02 - 2016-03-23 07:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
- 2016-04-13 11:02 - 2016-03-17 11:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
- 2016-04-13 11:02 - 2016-03-17 11:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
- 2016-04-13 11:02 - 2016-03-17 11:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
- 2016-04-13 11:02 - 2016-03-17 11:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
- 2016-04-13 11:02 - 2016-03-06 11:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
- 2016-04-13 11:02 - 2016-03-06 11:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
- 2016-04-13 11:01 - 2016-02-05 11:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
- 2016-04-13 11:01 - 2016-02-05 10:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
- 2016-04-13 11:01 - 2015-06-03 13:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
- 2016-04-11 14:06 - 2016-04-11 14:06 - 00000000 __SHD C:\found.001
- 2016-04-11 11:21 - 2016-04-11 11:21 - 00000000 ____D C:\Users\DEPP\AppData\Local\Dox_Tool
- 2016-04-08 16:29 - 2016-04-08 16:30 - 03976885 _____ C:\Users\DEPP\Downloads\links.pdf
- 2016-04-08 15:07 - 2016-04-08 16:00 - 00000348 _____ C:\Users\DEPP\Desktop\error.txt
- 2016-04-08 15:03 - 2016-04-18 06:51 - 00000000 ____D C:\ProgramData\Nimoru
- 2016-04-03 01:35 - 2016-04-03 01:35 - 00000000 ____D C:\Users\DEPP\AppData\Local\SatoshiMines_Pluscoup_Bot
- 2016-04-03 00:55 - 2016-04-03 00:55 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\WinRAR
- 2016-04-03 00:24 - 2016-04-03 00:24 - 00838129 _____ C:\Users\DEPP\Downloads\CodeDom Crypter.rar
- 2016-04-02 22:45 - 2016-04-18 08:38 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\bin235761
- 2016-04-02 19:40 - 2016-04-02 19:41 - 01941476 _____ C:\Users\DEPP\Downloads\SAE.v1.14.4.x86.7z
- 2016-04-02 17:57 - 2016-04-02 17:57 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2X
- 2016-04-02 17:51 - 2016-04-02 17:57 - 00021426 _____ C:\Users\DEPP\AppData\Roaming\2XBasicClientLog.txt
- 2016-04-02 17:49 - 2016-04-02 17:50 - 06302880 _____ (Parallels IP Holdings GmbH.) C:\Users\DEPP\Downloads\2xclient_basic.exe
- 2016-04-02 17:41 - 2016-04-02 17:41 - 00000000 ____H C:\Users\DEPP\Documents\Default.rdp
- 2016-04-02 17:40 - 2016-04-02 17:40 - 00740769 _____ C:\Users\DEPP\Downloads\RDP
- 2016-04-02 15:35 - 2016-04-02 15:43 - 10255240 _____ C:\Users\DEPP\Downloads\YTDSetup (1).exe
- 2016-04-02 14:08 - 2016-04-02 14:08 - 11248145 _____ C:\Users\DEPP\Documents\John Legend - All Of Me (Karaoke).mp4
- 2016-04-02 14:00 - 2016-04-08 00:20 - 00000000 ____D C:\Users\DEPP\AppData\Local\MalwareProtectionLive
- 2016-04-02 13:59 - 2016-04-02 13:59 - 00001207 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
- 2016-04-02 13:59 - 2016-04-02 13:59 - 00000000 ____D C:\ProgramData\YTD Video Downloader
- 2016-04-02 13:59 - 2016-04-02 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
- 2016-04-02 13:33 - 2016-04-02 13:43 - 10255240 _____ C:\Users\DEPP\Downloads\YTDSetup.exe
- 2016-04-02 12:06 - 2016-04-02 12:06 - 00000000 ____D C:\Users\DEPP\Downloads\electrum_data
- 2016-04-02 10:55 - 2016-04-02 10:55 - 00468068 _____ C:\Users\DEPP\Downloads\RE-Utility2012.sfx.exe
- 2016-04-01 20:51 - 2016-04-01 20:51 - 00001579 _____ C:\ProgramData\XML
- 2016-04-01 20:34 - 2016-04-01 20:34 - 00000000 ___RD C:\Sandbox
- 2016-04-01 20:33 - 2016-04-01 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
- 2016-04-01 20:33 - 2016-04-01 20:33 - 00000000 ____D C:\Program Files\Sandboxie
- 2016-04-01 20:20 - 2016-04-01 20:52 - 00000000 ____D C:\ProgramData\554348
- 2016-04-01 20:20 - 2016-04-01 20:20 - 00000006 ____S C:\ProgramData\085d0e68c7b0c248384148018c7afe1bc9b2a42d
- 2016-04-01 20:20 - 2016-04-01 20:20 - 00000000 ____D C:\ProgramData\554448
- 2016-04-01 20:15 - 2016-04-01 20:15 - 00000000 ____D C:\Users\DEPP\AppData\Local\Fishy_Inc
- 2016-04-01 19:38 - 2016-04-18 08:40 - 00001632 _____ C:\Windows\Sandboxie.ini
- 2016-04-01 19:14 - 2016-04-18 09:12 - 00000000 ___HD C:\Users\DEPP\Desktop\geeksn0w
- 2016-04-01 18:25 - 2016-04-01 18:39 - 00001578 _____ C:\ProgramData\Windows 32 Binary HEX
- 2016-04-01 15:46 - 2016-04-18 07:28 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\Binary HEX
- 2016-04-01 15:46 - 2016-04-01 18:40 - 00000000 ____D C:\ProgramData\Bin
- 2016-03-31 21:01 - 2016-03-31 21:01 - 00014925 _____ C:\Users\DEPP\Desktop\what-is-anxiety-disorder.jpe
- 2016-03-31 16:24 - 2016-04-01 20:05 - 00000000 ____D C:\Program Files\DuckDNS
- 2016-03-31 16:07 - 2016-03-31 16:09 - 00000000 ____D C:\Users\DEPP\Downloads\Data
- 2016-03-31 16:07 - 2016-03-31 16:07 - 00000000 ____D C:\Users\DEPP\Downloads\SmartLogger
- 2016-03-31 16:07 - 2016-03-31 16:07 - 00000000 ____D C:\Users\DEPP\Downloads\Clients
- 2016-03-31 15:15 - 2016-04-01 19:16 - 00000000 ____D C:\Users\DEPP\AppData\Local\RA4W_VPN
- 2016-03-31 15:15 - 2015-11-05 14:24 - 00031360 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
- 2016-03-28 00:11 - 2016-03-27 22:04 - 63295404 _____ C:\Users\DEPP\Desktop\Noli Me Tangere.mp4
- 2016-03-27 21:49 - 2016-03-27 22:04 - 63295404 _____ C:\Users\DEPP\Downloads\Noli Me Tangere.mp4
- 2016-03-22 00:17 - 2016-03-22 00:17 - 00428538 _____ C:\Users\DEPP\Downloads\cz.shmoula.android.fakecamera.apk
- 2016-03-19 15:48 - 2016-03-19 15:48 - 00000132 _____ C:\Users\DEPP\AppData\Roaming\Adobe PNG Format CS6 Prefs
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-04-18 09:04 - 2014-08-21 07:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
- 2016-04-18 08:56 - 2013-06-17 15:39 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2016-04-18 08:56 - 2013-06-17 15:39 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2016-04-18 08:28 - 2009-07-13 21:34 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2016-04-18 08:28 - 2009-07-13 21:34 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2016-04-18 08:24 - 2014-08-24 13:36 - 00000000 ____D C:\Program Files\Opera
- 2016-04-18 08:19 - 2009-07-13 21:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
- 2016-04-18 08:12 - 2014-04-30 11:06 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001UA.job
- 2016-04-18 07:45 - 2015-10-30 00:33 - 00000000 ___HD C:\$WINDOWS.~BT
- 2016-04-18 07:44 - 2013-06-17 16:03 - 00000000 ____D C:\Windows\Panther
- 2016-04-18 06:43 - 2014-08-12 08:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
- 2016-04-18 06:29 - 2009-07-13 21:33 - 03837200 _____ C:\Windows\system32\FNTCACHE.DAT
- 2016-04-16 13:10 - 2013-06-18 12:57 - 00115416 _____ C:\Users\DEPP\AppData\Local\GDIPFONTCACHEV1.DAT
- 2016-04-16 11:11 - 2014-04-30 11:06 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001Core.job
- 2016-04-16 10:35 - 2013-06-18 14:19 - 00000000 ____D C:\Program Files\TeamViewer
- 2016-04-16 10:26 - 2013-06-17 15:30 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
- 2016-04-16 10:26 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\inf
- 2016-04-16 10:09 - 2015-11-19 08:18 - 00000000 ____D C:\Program Files\Steam
- 2016-04-14 11:07 - 2014-08-21 07:59 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
- 2016-04-14 11:07 - 2014-08-21 07:59 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
- 2016-04-14 10:49 - 2014-12-11 08:31 - 00000000 ____D C:\Windows\system32\appraiser
- 2016-04-12 15:46 - 2013-06-17 15:40 - 00002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2016-04-12 15:46 - 2013-06-17 15:40 - 00002089 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2016-04-11 12:14 - 2015-02-06 11:01 - 00000600 _____ C:\Users\DEPP\AppData\Roaming\winscp.rnd
- 2016-04-11 11:41 - 2015-11-19 08:18 - 00000000 ____D C:\Program Files\Common Files\Steam
- 2016-04-11 09:47 - 2014-04-30 08:49 - 00000000 ___RD C:\Users\DEPP\Documents\Scanned Documents
- 2016-04-08 10:06 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\NDF
- 2016-04-08 00:29 - 2015-09-15 11:12 - 00067072 ___SH C:\Users\DEPP\Thumbs.db
- 2016-04-06 10:18 - 2013-06-17 15:46 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
- 2016-04-03 21:19 - 2013-06-17 15:31 - 00000000 ____D C:\Users\DEPP\AppData\Local\ElevatedDiagnostics
- 2016-04-02 22:41 - 2013-06-17 15:26 - 00000000 ____D C:\Users\DEPP\AppData\Local\VirtualStore
- 2016-04-02 14:35 - 2014-05-01 20:05 - 00000000 ____D C:\Users\DEPP\Documents\YDT Downloads
- 2016-04-02 12:06 - 2014-04-30 06:53 - 00000000 ____D C:\archive_db
- 2016-03-27 00:26 - 2015-04-04 10:23 - 00000000 ___SD C:\Windows\system32\GWX
- ==================== Files in the root of some directories =======
- 2015-09-16 06:24 - 2015-09-16 06:24 - 22383104 _____ (Prezi) C:\Program Files\PreziNext.Windows.Desktop.exe
- 2016-04-02 17:51 - 2016-04-02 17:57 - 0021426 _____ () C:\Users\DEPP\AppData\Roaming\2XBasicClientLog.txt
- 2016-03-19 15:48 - 2016-03-19 15:48 - 0000132 _____ () C:\Users\DEPP\AppData\Roaming\Adobe PNG Format CS6 Prefs
- 2013-06-19 19:41 - 2015-02-16 12:17 - 0022328 _____ () C:\Users\DEPP\AppData\Roaming\PnkBstrK.sys
- 2016-01-10 16:50 - 2016-01-22 01:36 - 0000147 _____ () C:\Users\DEPP\AppData\Roaming\WB.CFG
- 2016-04-18 08:38 - 2016-04-18 08:38 - 1595392 ___SH () C:\Users\DEPP\AppData\Roaming\WddbIKiPaDSUGKHd.exe
- 2015-02-06 11:01 - 2016-04-11 12:14 - 0000600 _____ () C:\Users\DEPP\AppData\Roaming\winscp.rnd
- 2010-10-20 00:31 - 2010-10-20 00:31 - 0001456 _____ () C:\Users\DEPP\AppData\Local\Adobe Save for Web 13.0 Prefs
- 2013-06-25 16:26 - 2013-06-25 16:26 - 0000001 _____ () C:\Users\DEPP\AppData\Local\llftool.4.25.agreement
- 2015-01-23 21:47 - 2015-02-06 11:41 - 0000600 _____ () C:\Users\DEPP\AppData\Local\PUTTY.RND
- 2016-04-01 20:20 - 2016-04-01 20:20 - 0000006 ____S () C:\ProgramData\085d0e68c7b0c248384148018c7afe1bc9b2a42d
- 2016-04-01 18:25 - 2016-04-01 18:39 - 0001578 _____ () C:\ProgramData\Windows 32 Binary HEX
- 2016-04-01 20:51 - 2016-04-01 20:51 - 0001579 _____ () C:\ProgramData\XML
- Some files in TEMP:
- ====================
- C:\Users\DEPP\AppData\Local\Temp\cdo2397250265.dll
- C:\Users\DEPP\AppData\Local\Temp\fp_pl_pfs_installer.exe
- C:\Users\DEPP\AppData\Local\Temp\i4jdel0.exe
- C:\Users\DEPP\AppData\Local\Temp\install_flashplayer14x32_mssd_aaa_aih.exe
- C:\Users\DEPP\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
- C:\Users\DEPP\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
- C:\Users\DEPP\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
- C:\Users\DEPP\AppData\Local\Temp\jre-8u31-windows-au.exe
- C:\Users\DEPP\AppData\Local\Temp\SetupTechGenie.exe
- C:\Users\DEPP\AppData\Local\Temp\SkypeSetup.exe
- C:\Users\DEPP\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe
- C:\Users\DEPP\AppData\Local\Temp\Uninstall.exe
- C:\Users\DEPP\AppData\Local\Temp\upnp.exe
- C:\Users\DEPP\AppData\Local\Temp\vlc-2.1.5-win32.exe
- C:\Users\DEPP\AppData\Local\Temp\w6mswxnp.dll
- C:\Users\DEPP\AppData\Local\Temp\{A38C751B-0295-410B-B014-EEAB824153CB}.dll
- C:\Users\DEPP\AppData\Local\Temp\{A3DFDCB3-61F0-4535-9C34-27357DEBB0F0}.dll
- C:\Users\DEPP\AppData\Local\Temp\{A59CD53D-E749-42B2-A56A-4573A2C99F9A}.dll
- C:\Users\DEPP\AppData\Local\Temp\{A8C5542B-926A-44A7-AA49-4DD990FA4C89}.dll
- C:\Users\DEPP\AppData\Local\Temp\{AD516812-1DEF-4FBD-9188-AAAFCF6C4350}.dll
- C:\Users\DEPP\AppData\Local\Temp\{AE7B0A02-93F3-492F-AEFF-F3202D397ACD}.dll
- C:\Users\DEPP\AppData\Local\Temp\{B1263CC0-E798-4520-9A5E-EA9FFD14C6BE}.dll
- C:\Users\DEPP\AppData\Local\Temp\{B3042171-28B7-43EC-AF16-2F84536C2368}.dll
- C:\Users\DEPP\AppData\Local\Temp\{B4B16B20-DA50-4474-8991-045B2DBF2CE6}.dll
- C:\Users\DEPP\AppData\Local\Temp\{B5016091-1E79-4EBB-9896-5A4F9964E634}.dll
- C:\Users\DEPP\AppData\Local\Temp\{B7422EA9-1F72-4A0E-9AF2-BB97C041AB57}.dll
- C:\Users\DEPP\AppData\Local\Temp\{B7F34139-68CC-46DD-943B-E551BC9E681F}.dll
- C:\Users\DEPP\AppData\Local\Temp\{B82A47A9-2F75-40A2-A8B7-CE96BC63229D}.dll
- C:\Users\DEPP\AppData\Local\Temp\{BBC8920F-B055-4BEC-987F-FA2D6F98A1A8}.dll
- C:\Users\DEPP\AppData\Local\Temp\{BEC35613-FA04-475F-857F-A5B274E17C85}.dll
- C:\Users\DEPP\AppData\Local\Temp\{BED94F9C-15C4-4F12-9F9A-D269969A6DBD}.dll
- C:\Users\DEPP\AppData\Local\Temp\{BFEA0F89-BDFF-41E1-82D5-D0BBBFF8BED1}.dll
- C:\Users\DEPP\AppData\Local\Temp\{C15222E2-7F1F-4F01-8A1A-BFB068B1F15F}.dll
- C:\Users\DEPP\AppData\Local\Temp\{C202CDB6-8A17-411C-870E-23586558C77D}.dll
- C:\Users\DEPP\AppData\Local\Temp\{C4B6812F-AE15-4B61-92A6-A2D9F03C3049}.dll
- C:\Users\DEPP\AppData\Local\Temp\{C633471E-63D8-45D6-B6BC-9D2BE3C00ED1}.dll
- C:\Users\DEPP\AppData\Local\Temp\{C7056FA8-257F-44C5-897B-ED54D2A771BB}.dll
- C:\Users\DEPP\AppData\Local\Temp\{CB0A4299-982C-433B-B673-C81995E98B81}.dll
- C:\Users\DEPP\AppData\Local\Temp\{CC5C50EF-F232-483C-82A1-C221844CE5EA}.dll
- C:\Users\DEPP\AppData\Local\Temp\{CCFB4CA2-094E-4E05-BE8F-202287D55AC8}.dll
- C:\Users\DEPP\AppData\Local\Temp\{CD64ED1B-9797-42FB-8476-2166AD3FC288}.dll
- C:\Users\DEPP\AppData\Local\Temp\{CDDCC607-5695-415A-A1C5-1E5D6AA24D9A}.dll
- C:\Users\DEPP\AppData\Local\Temp\{CEE4CF7C-B3B8-4A00-8C69-553FE64182B5}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D2E06AE5-5389-4836-934D-C75827F3FF18}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D2F1CF93-2768-4AD3-A384-3A380C5A0C50}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D36F4E49-E1AF-4E20-89AB-A8E053F2060C}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D415A734-FCD2-4F9F-8C85-3065B87BE7B2}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D46B959E-0B3E-4248-950E-5B482BBA95A7}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D47591A9-07F7-4CD1-9295-6BE0355089F5}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D4AF191A-A833-4636-BFDA-BC83907C9328}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D6854E4D-F235-4EE9-8CD7-A65DCC28B78E}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D88BC16D-EEEE-4E33-98EC-018CEFD2145B}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D9C233D0-22A9-4096-BB14-133D1C092290}.dll
- C:\Users\DEPP\AppData\Local\Temp\{D9D4A64D-D1FE-4173-9A90-9993798F0945}.dll
- C:\Users\DEPP\AppData\Local\Temp\{DC81C613-6353-4EF3-B2A6-110B57A8DCC8}.dll
- C:\Users\DEPP\AppData\Local\Temp\{DEAB7E82-14ED-4062-8DD0-30B6DD041FCA}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E22DC4E9-73EB-48DC-9D20-3EE6B1446AFC}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E3972B50-BE8D-4EB7-920C-C4319AA2C31D}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E48954AE-D1A2-42A6-ABE7-5C559D2DDF73}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E489FC27-C88A-4582-B6AC-BDA9FF99E634}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E4953C66-4CC4-4CBF-B738-C3E772C1B966}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E570BF21-22BB-41A7-9685-54B8AA9A4DAB}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E593795F-2E87-41A3-90C3-C52FB8994EF7}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E7F40813-40C9-4ED8-A594-454858B5485F}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E82DE213-00BB-4B72-A0B3-B944334AFA50}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E928A117-E76B-4CFA-BA11-0EEF1340E553}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E9A9AB90-B161-4D3F-A774-EE9EBEBEA272}.dll
- C:\Users\DEPP\AppData\Local\Temp\{E9AEAF06-283C-405B-A58A-30BB43D03A83}.dll
- C:\Users\DEPP\AppData\Local\Temp\{EB7926F5-3A7D-4384-8F27-18C1AA69703B}.dll
- C:\Users\DEPP\AppData\Local\Temp\{ECF4C1E4-6D94-4A83-94EC-18FDB75A7057}.dll
- C:\Users\DEPP\AppData\Local\Temp\{EFC33802-FDDA-4EB3-89CA-FA7475841424}.dll
- C:\Users\DEPP\AppData\Local\Temp\{F043D22E-35DB-49A6-A5BC-219B28FD8D82}.dll
- C:\Users\DEPP\AppData\Local\Temp\{F340051D-DD98-4962-914A-AAA9290EDF30}.dll
- C:\Users\DEPP\AppData\Local\Temp\{F7E0A1ED-88AB-473B-8C8A-EA2471485B03}.dll
- C:\Users\DEPP\AppData\Local\Temp\{F843DA99-7A3A-41CD-A113-9359B3909878}.dll
- C:\Users\DEPP\AppData\Local\Temp\{FA26D550-5E69-4F25-B3DE-3F84808753C0}.dll
- C:\Users\DEPP\AppData\Local\Temp\{FAF5BE65-154B-4295-9FFA-D78EE05D92B7}.dll
- C:\Users\DEPP\AppData\Local\Temp\{FF6A9C5B-CD85-40D5-B25E-8316F2EEA35A}.dll
- C:\Users\DEPP\AppData\Local\Temp\{FF748BD3-C706-45B8-A200-FA1BEEE50137}.dll
- C:\Users\DEPP\AppData\Local\Temp\~sp3D31.tmp.exe
- ==================== Bamital & volsnap =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\system32\winlogon.exe => File is digitally signed
- C:\Windows\system32\wininit.exe => File is digitally signed
- C:\Windows\system32\svchost.exe => File is digitally signed
- C:\Windows\system32\services.exe => File is digitally signed
- C:\Windows\system32\User32.dll => File is digitally signed
- C:\Windows\system32\userinit.exe => File is digitally signed
- C:\Windows\system32\rpcss.dll => File is digitally signed
- C:\Windows\system32\dnsapi.dll => File is digitally signed
- C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2016-03-29 07:44
- ==================== End of FRST.txt ============================
- Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-04-2016
- Ran by DEPP (2016-04-18 09:35:11)
- Running from C:\Users\DEPP\Desktop
- Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2013-06-17 22:25:50)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-563482115-3036595567-2997201845-500 - Administrator - Disabled)
- DEPP (S-1-5-21-563482115-3036595567-2997201845-1001 - Administrator - Enabled) => C:\Users\DEPP
- Guest (S-1-5-21-563482115-3036595567-2997201845-501 - Limited - Enabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\uTorrent) (Version: 3.3.1.29812 - BitTorrent Inc.)
- 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
- Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
- Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
- Adobe Flash Player 21 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
- Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
- Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
- Any Video Converter 5.0.5 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
- Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
- Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
- Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
- Avast Free Antivirus (HKLM\...\avast) (Version: 11.1.2253 - AVAST Software)
- Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
- BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
- BlueStacks Notification Center (HKLM\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
- Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
- Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version: - ) <==== ATTENTION
- Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
- Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Activision) Hidden
- Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
- Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version: - )
- Crysis(R) (HKLM\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
- Defaulttab (HKLM\...\DefaultTab) (Version: 2.6.1.0 - Search Results, LLC) <==== ATTENTION
- Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
- Enemy Front, версия 1.0.0.0 (HKLM\...\Enemy Front_is1) (Version: 1.0.0.0 - RePack by SEYTER)
- Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
- Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
- Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
- Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
- iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
- iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
- Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
- Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
- Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Mozilla Firefox 45.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
- Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
- Nero 7 Essentials (HKLM\...\{3BDEE284-1516-40E8-B784-00FEBE1B1033}) (Version: 7.02.9769 - Nero AG)
- Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
- Opera Stable 36.0.2130.65 (HKLM\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
- PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
- Photodex Presenter (HKLM\...\Photodex Presenter) (Version: - Photodex Corporation)
- PowerISO (HKLM\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
- Prezi Desktop (HKLM\...\{0b76a0df-1112-4529-b8bb-1d7e5dcd5446}) (Version: 6.5.2.0 - Prezi)
- Prezi Desktop (Version: 6.5.2.0 - Prezi) Hidden
- ProShow Gold (HKLM\...\ProShow Gold) (Version: - Photodex Corporation)
- Prototype 2 version 5.1 (HKLM\...\{B810D852-DFD6-PROT2L-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box)
- PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
- Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
- SafeZone Stable 1.48.2066.44 (Version: 1.48.2066.44 - Avast Software) Hidden
- Sandboxie 5.10 (32-bit) (HKLM\...\Sandboxie) (Version: 5.10 - Sandboxie Holdings, LLC)
- SelectionLinks (HKLM\...\sl-dlc) (Version: 1.0 - SelectionLinks) <==== ATTENTION
- Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
- Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
- Sniper Elite V2 (HKLM\...\Sniper Elite V2_is1) (Version: - )
- Sniper Elite: Nazi Zombie Army (HKLM\...\Sniper Elite: Nazi Zombie Army_is1) (Version: - )
- Sniper Ghost Warrior 2 (HKLM\...\Sniper Ghost Warrior 2_is1) (Version: - )
- Speccy (HKLM\...\Speccy) (Version: 1.21 - Piriform)
- Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
- TightVNC (HKLM\...\{967FE692-A933-45CF-AF62-4E7862006042}) (Version: 2.7.7.0 - GlavSoft LLC.)
- Unity Web Player (HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
- USB PC Camera (ZS211) (HKLM\...\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}) (Version: 1.00.000 - )
- VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
- WinSCP 5.5.6 (HKLM\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
- YTD Video Downloader 5.3 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.3 - GreenTree Applications SRL) <==== ATTENTION
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
- CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\DEPP\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
- CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\DEPP\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
- CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\DEPP\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
- CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\DEPP\AppData\Local\Chromium\Application\46.0.2472.0\delegate_execute.exe (The Chromium Authors) <==== ATTENTION
- CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\DEPP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
- CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{F5DF8D65-559D-4b75-8562-5302BD2F5F20}\InprocServer32 -> C:\Users\DEPP\AppData\Roaming\2XClient\TuxClientSystem.dll => No File
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0CF3C58F-39F7-44A6-8CAF-2655AEF528FD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
- Task: {0FBE8889-3B2C-48AB-9B37-CA80BA0C09E6} - System32\Tasks\System Monitor => C:\ProgramData\554348\sysmon.exe
- Task: {317CC414-8424-49A3-A5C4-8AF045C80002} - System32\Tasks\Opera scheduled Autoupdate 1408912582 => C:\Program Files\Opera\launcher.exe [2016-04-11] (Opera Software)
- Task: {37C61145-B144-46D0-908F-B276563B607C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-14] (Adobe Systems Incorporated)
- Task: {5BECD02C-9C64-496D-A48A-5348201BB992} - System32\Tasks\Windows 32 Binary HEX => C:\ProgramData\Bin\win32bin.exe
- Task: {80C4FB13-F66D-4679-9B15-2AC99266234A} - System32\Tasks\avastBCLRestartS-1-5-21-563482115-3036595567-2997201845-1001 => Chrome.exe
- Task: {98320297-D3E4-417F-BCE7-66B767C9F933} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
- Task: {9CBA5A6E-8BE4-444B-A643-9E4C5102726B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-14] (Adobe Systems Incorporated)
- Task: {AEAA0847-D3D2-45D8-BFF2-279C91F63500} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
- Task: {AFDD5016-DB89-4C10-BE62-5375BA76F00D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001UA => C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-30] (Facebook Inc.)
- Task: {C0EA9E3C-9689-425B-8E03-B3CB31535DDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
- Task: {CE65177F-2C1E-418B-82A0-A70336985643} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001Core => C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-30] (Facebook Inc.)
- Task: {E226E134-11F8-4216-9BFE-7CB3A928C332} - System32\Tasks\SafeZone scheduled Autoupdate 1454737329 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
- Task: {FA5349F1-22D1-4E96-BF79-4EC353D46F30} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-05] (AVAST Software)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
- Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001Core.job => C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe
- Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001UA.job => C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2016-02-05 17:13 - 2016-02-05 17:13 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
- 2016-02-05 17:13 - 2016-02-05 17:13 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
- 2016-04-18 06:33 - 2016-04-18 06:33 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041701\algo.dll
- 2016-04-15 09:27 - 2016-04-15 09:27 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
- 2013-06-19 12:57 - 2010-07-28 17:34 - 00022424 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
- 2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
- 2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
- 2013-06-19 19:40 - 2015-06-27 14:32 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
- 2014-04-29 08:27 - 2014-04-29 08:27 - 00186760 _____ () C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe
- 2013-06-19 12:57 - 2010-06-23 18:11 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
- 2013-06-19 12:57 - 2010-06-23 18:11 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
- 2013-06-19 12:57 - 2010-06-23 18:12 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
- 2013-06-19 12:57 - 2010-06-23 18:11 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
- 2013-07-05 21:23 - 2010-06-23 17:38 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
- 2013-07-05 21:23 - 2010-07-28 17:02 - 00658432 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
- 2016-02-05 17:13 - 2016-02-05 17:13 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
- 2016-04-12 15:46 - 2016-04-06 03:04 - 01675928 _____ () C:\Program Files\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
- 2016-04-12 15:46 - 2016-04-06 03:04 - 00086168 _____ () C:\Program Files\Google\Chrome\Application\49.0.2623.112\libegl.dll
- 2016-04-01 19:15 - 2015-11-05 14:24 - 00515584 _____ () C:\Users\DEPP\Desktop\geeksn0w\RA4W VPN32.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-13 19:04 - 2015-08-08 06:33 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\DEPP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
- DNS Servers: 192.168.0.1
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is disabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{3FD442EF-33AB-4190-A432-2CBB7C1AA969}] => (Allow) C:\Users\DEPP\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{08AD037C-C8CB-4F9F-869B-4EEE75A5E24D}] => (Allow) C:\Users\DEPP\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{49CEC128-DECC-46E5-9350-E6BEE50AC323}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
- FirewallRules: [{5583890C-3A44-4B3D-95CF-C08D8058D810}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{A956B588-44D6-4ACE-93A9-D66EEAF32943}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [TCP Query User{AAF4476C-FE2D-41DA-8C8B-5B79DF5C79CC}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
- FirewallRules: [UDP Query User{0E2CA305-4D75-4DCE-BCBE-2DD5AD593B31}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
- FirewallRules: [TCP Query User{1C63C217-F638-4518-9674-B38717D8A5A0}C:\users\depp\downloads\utorrent.exe] => (Allow) C:\users\depp\downloads\utorrent.exe
- FirewallRules: [UDP Query User{D4E0DA83-C962-4DBA-BCDD-042A901069B7}C:\users\depp\downloads\utorrent.exe] => (Allow) C:\users\depp\downloads\utorrent.exe
- FirewallRules: [{0C67BA8C-9E1C-45FB-8545-9E0AFAC7AE0F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
- FirewallRules: [{64FE13BC-49F7-4868-95D9-BBAD7A4912F5}] => (Allow) C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
- FirewallRules: [{60B5545D-B860-4A00-A5D8-6E0E99DACB8C}] => (Allow) C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
- FirewallRules: [{3B18D039-3E82-4A7C-AB0E-3C0C2EA1A162}] => (Allow) C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
- FirewallRules: [{7A38F0BD-5AC2-4737-B1E8-01AE6DDC123B}] => (Allow) C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
- FirewallRules: [{E5A16D7A-4228-42D0-B547-D78EACE34020}] => (Allow) C:\Windows\System32\PnkBstrA.exe
- FirewallRules: [{A6B96D93-5CA5-455F-898B-D9BC16262C4A}] => (Allow) C:\Windows\System32\PnkBstrA.exe
- FirewallRules: [{2E05EA88-31D0-49B5-A09B-63999FA669F6}] => (Allow) C:\Windows\System32\PnkBstrB.exe
- FirewallRules: [{03885BC3-F077-4974-889A-C66D447F5E6F}] => (Allow) C:\Windows\System32\PnkBstrB.exe
- FirewallRules: [{40ECF42C-8749-4014-9153-29798BB88D61}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
- FirewallRules: [{01F91D2B-A1A4-4B3F-98AE-2ACAF459C2EA}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
- FirewallRules: [{06CC19BD-60AA-4A0A-B8B7-CB1166EACDCC}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
- FirewallRules: [{8920CC59-BCEE-45FE-AE48-82F38414ADD1}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
- FirewallRules: [{8E6B5BAA-5A28-465C-8209-E94D2FFDD378}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
- FirewallRules: [TCP Query User{5FB6F1FF-EAF1-4C2E-A14F-87F2D2142BB6}C:\program files\prototype 2\prototype2.exe] => (Block) C:\program files\prototype 2\prototype2.exe
- FirewallRules: [UDP Query User{2AF54E52-A604-4427-998C-96992D90357F}C:\program files\prototype 2\prototype2.exe] => (Block) C:\program files\prototype 2\prototype2.exe
- FirewallRules: [TCP Query User{1674CBEB-C069-4F67-9937-3270465A739A}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
- FirewallRules: [UDP Query User{FE37809E-EB0B-47C4-A321-D8ADFE803FDE}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
- FirewallRules: [TCP Query User{C6423CF7-9528-4808-B29B-88351E69A76C}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
- FirewallRules: [UDP Query User{D7E27D8E-772C-4BF7-A0F0-45445DADAD0D}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
- FirewallRules: [{16C6FA8E-56F8-48BA-9345-03E0F8EE17B3}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
- FirewallRules: [{2D71C039-799F-4CF3-AE15-25D7AC85B91F}] => (Allow) C:\Users\DEPP\AppData\Local\Temp\HBCD\Ghost32.Exe
- FirewallRules: [{ED34E053-CB31-4946-927F-864CA6D28C60}] => (Allow) C:\Users\DEPP\AppData\Local\Temp\HBCD\Ghost32.Exe
- FirewallRules: [{BAB15BB2-5D63-49F8-BBCF-87458F40A464}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
- FirewallRules: [{73E2BB92-8CC6-4583-90D5-BED3830B2553}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
- FirewallRules: [{9E9E7F5C-B34E-42F5-9011-32DABF7A3802}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
- FirewallRules: [{B41DDE6B-E080-49FE-8CC7-038A934B74F8}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
- FirewallRules: [TCP Query User{CCB8C4DF-6BDF-4495-BD65-B4410757E149}C:\program files\prototype 2\prototype2.exe] => (Block) C:\program files\prototype 2\prototype2.exe
- FirewallRules: [UDP Query User{0B8CC9FB-34AB-4E4A-B005-41701FD9F177}C:\program files\prototype 2\prototype2.exe] => (Block) C:\program files\prototype 2\prototype2.exe
- FirewallRules: [TCP Query User{E1A73CE8-BE9F-4AD0-8B9C-E044A0807D35}C:\program files\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files\enemy front\bin32\enemyfront.exe
- FirewallRules: [UDP Query User{AE7F40BC-9131-4062-86D2-6D8521A5E7BB}C:\program files\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files\enemy front\bin32\enemyfront.exe
- FirewallRules: [TCP Query User{1A7F083A-26D0-413F-8231-9B736C54B8D6}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
- FirewallRules: [UDP Query User{6C350C93-7909-403B-ADD1-957D7FD56B8B}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
- FirewallRules: [TCP Query User{865D0CED-96EE-4745-B3E8-5E88EB9E35FD}C:\program files\cloudsee\jdcs.exe] => (Allow) C:\program files\cloudsee\jdcs.exe
- FirewallRules: [UDP Query User{6BFB75FA-0284-4480-BF08-9BFEEA604ADC}C:\program files\cloudsee\jdcs.exe] => (Allow) C:\program files\cloudsee\jdcs.exe
- FirewallRules: [TCP Query User{EFEA20FE-2037-4A11-8265-3B538E86B527}C:\users\depp\downloads\call of duty and call of duty united offensive\codmp.exe] => (Block) C:\users\depp\downloads\call of duty and call of duty united offensive\codmp.exe
- FirewallRules: [UDP Query User{0655DE30-E607-4A58-B55D-81D76AD26867}C:\users\depp\downloads\call of duty and call of duty united offensive\codmp.exe] => (Block) C:\users\depp\downloads\call of duty and call of duty united offensive\codmp.exe
- FirewallRules: [TCP Query User{1B87BD97-B2AD-4A0C-B03D-B2692E2FF072}C:\users\depp\downloads\call of duty and call of duty united offensive\coduomp.exe] => (Allow) C:\users\depp\downloads\call of duty and call of duty united offensive\coduomp.exe
- FirewallRules: [UDP Query User{03D2DB0B-88FB-49D3-8938-EF397BDBCC61}C:\users\depp\downloads\call of duty and call of duty united offensive\coduomp.exe] => (Allow) C:\users\depp\downloads\call of duty and call of duty united offensive\coduomp.exe
- FirewallRules: [TCP Query User{3FBC1E50-3A6E-4953-AA95-C5C441B12D78}C:\program files\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files\enemy front\bin32\enemyfront.exe
- FirewallRules: [UDP Query User{A2AE42EB-8E3F-446B-86A4-98A1EA386D49}C:\program files\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files\enemy front\bin32\enemyfront.exe
- FirewallRules: [TCP Query User{E2F3C37A-3294-4204-8FFB-66B132298E2A}C:\users\depp\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe] => (Allow) C:\users\depp\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe
- FirewallRules: [UDP Query User{1E0487C9-09E5-457E-AC68-1E434AA5049C}C:\users\depp\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe] => (Allow) C:\users\depp\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe
- FirewallRules: [{FA974AEF-3545-4308-8175-F64ACE4E507E}] => (Allow) C:\Users\DEPP\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
- FirewallRules: [TCP Query User{72396F42-94D2-4731-B126-7C7E555B726D}D:\games\warcraft iii\war3.exe] => (Allow) D:\games\warcraft iii\war3.exe
- FirewallRules: [UDP Query User{F1782BB3-97A9-4686-830D-CAFA45199892}D:\games\warcraft iii\war3.exe] => (Allow) D:\games\warcraft iii\war3.exe
- FirewallRules: [{2585272C-6160-4EF2-AAC1-B2F191CC6F20}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
- FirewallRules: [{42C22D7A-AC74-444D-A35C-927D67072857}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
- FirewallRules: [{50D02A2E-C3F6-450E-8E7D-A18E53E382CA}] => (Allow) C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
- FirewallRules: [{102738E8-1793-4BA6-9ADE-AF24D7E16ED6}] => (Allow) C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
- FirewallRules: [TCP Query User{EC41A77F-F602-43FB-BA7E-FA4859DB751A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
- FirewallRules: [UDP Query User{7F15AFB1-7023-44CD-A255-CA05E911E91B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
- FirewallRules: [{A9465E2E-A621-41DE-B8FB-915C96327EE6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
- FirewallRules: [{A6F65244-AEBB-49CD-8E20-2F362AF5D8E3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
- FirewallRules: [{2A13DD8B-9004-4816-AB87-ACD621457B15}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
- FirewallRules: [{33C197EB-23F4-491F-99EB-92DFB88E050C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{1E427E47-7224-45FD-8712-890C84C350EB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{FF0F4C30-EC73-4492-A375-16610454BA6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
- FirewallRules: [{B7D314D4-72E2-4AAF-BB69-3BA81A7FF60B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
- FirewallRules: [TCP Query User{2FDDCCB5-A68E-4052-B8D6-A5D24B00E429}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe
- FirewallRules: [UDP Query User{2BAB3384-8BDB-4141-B5D8-2B7AD5952720}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe
- FirewallRules: [TCP Query User{DF15F5E4-BFBD-4D71-87DC-E4767A47A6C5}C:\program files\strogino cs portal\dota 2\dota.exe] => (Allow) C:\program files\strogino cs portal\dota 2\dota.exe
- FirewallRules: [UDP Query User{64BDB4E5-18D2-42F6-A493-95052C63FBAE}C:\program files\strogino cs portal\dota 2\dota.exe] => (Allow) C:\program files\strogino cs portal\dota 2\dota.exe
- FirewallRules: [{E3501E7A-BF7B-4A52-94DE-F5457F5E44AF}] => (Allow) C:\Program Files\Steam\Steam.exe
- FirewallRules: [{2B2153C7-3EB0-4386-935E-AAC88BD70DC3}] => (Allow) C:\Program Files\Steam\Steam.exe
- FirewallRules: [{52A9931C-6F9E-4857-AF55-E0B056585E8A}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
- FirewallRules: [{E18BDEDD-87A0-4F62-967D-F30EA8C8F7E1}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
- FirewallRules: [{FF88CB1D-716C-436D-8EC1-138F20D13AA1}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
- FirewallRules: [{AA76D42E-A6CE-48CE-9E59-F79B917D472D}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
- FirewallRules: [TCP Query User{620AC552-538E-4C5C-B7C0-E26FA9CB6A19}C:\program files\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe] => (Block) C:\program files\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
- FirewallRules: [UDP Query User{AC9F1A68-2977-4086-B892-2519B2A42729}C:\program files\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe] => (Block) C:\program files\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
- FirewallRules: [TCP Query User{7D469ADE-8D64-4EDB-A560-44341BAEDA45}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
- FirewallRules: [UDP Query User{9029672B-4969-4F34-BFC6-D6DD83D9E882}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
- FirewallRules: [{74D49766-D62D-460F-9A29-91F777E2A47A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
- FirewallRules: [{1A3EBF55-C3AC-4029-B9FD-BDFEE0565744}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
- FirewallRules: [{40D281DF-1054-4D8E-AB80-00A6E23998B6}] => (Allow) C:\Users\DEPP\AppData\Local\Chromium\Application\chrome.exe
- FirewallRules: [TCP Query User{B46E5783-6207-4B14-BE71-D2C22E449D22}C:\users\depp\appdata\local\temp\7zo938a.tmp\listen.exe] => (Allow) C:\users\depp\appdata\local\temp\7zo938a.tmp\listen.exe
- FirewallRules: [UDP Query User{331CD783-A727-4B54-959F-E6380D79C2CC}C:\users\depp\appdata\local\temp\7zo938a.tmp\listen.exe] => (Allow) C:\users\depp\appdata\local\temp\7zo938a.tmp\listen.exe
- FirewallRules: [TCP Query User{BD5A401C-81E9-4D99-9A01-F20C6D4ACF21}C:\users\depp\desktop\pack\luminosity.exe] => (Allow) C:\users\depp\desktop\pack\luminosity.exe
- FirewallRules: [UDP Query User{F1E0593D-3610-424A-BA99-B8A293A1E6A1}C:\users\depp\desktop\pack\luminosity.exe] => (Allow) C:\users\depp\desktop\pack\luminosity.exe
- FirewallRules: [TCP Query User{94876418-B8BC-406C-A1DE-5CF824906208}C:\users\depp\desktop\p\luminosity.exe] => (Allow) C:\users\depp\desktop\p\luminosity.exe
- FirewallRules: [UDP Query User{4274D4BC-BF87-4042-A15A-DD35A5FB9F73}C:\users\depp\desktop\p\luminosity.exe] => (Allow) C:\users\depp\desktop\p\luminosity.exe
- FirewallRules: [{CCA5DFFF-578D-4E50-A01F-D1F8E65847E9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
- FirewallRules: [{2F1D295E-630E-493A-A8E5-115E7D347806}] => (Allow) LPort=3547
- FirewallRules: [{AA7A231C-9376-40CE-AAD3-64F44E883E62}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
- FirewallRules: [{6DE83992-B7DC-469D-AA35-30832F037918}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
- FirewallRules: [{288DC82F-D74C-42A0-A7ED-61E7EF1E9B45}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{A86C7123-0320-42B9-84A1-375A6C054985}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
- ==================== Restore Points =========================
- 08-04-2016 07:52:33 Scheduled Checkpoint
- 08-04-2016 15:33:27 Windows Update
- 13-04-2016 05:43:58 Windows Update
- 14-04-2016 04:10:36 Windows Update
- 18-04-2016 07:41:45 Windows Update
- ==================== Faulty Device Manager Devices =============
- Name: TP-LINK 150Mbps Wireless N PCI Express Adapter
- Description: TP-LINK 150Mbps Wireless N PCI Express Adapter
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: TP-LINK
- Service: athr
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (04/18/2016 08:12:53 AM) (Source: Google Update) (EventID: 20) (User: DEPP-PC)
- Description: Network Request Error.
- Error: 0x80072ee7. Http status code: 0.
- Url=https://www.facebook.com/omaha/update.php
- Trying config: source=IE, direct connection.
- trying CUP:WinHTTP.
- Send request returned 0x80072ee7. Http status code 0.
- trying WinHTTP.
- Send request returned 0x80072ee7. Http status code 0.
- trying CUP:iexplore.
- Send request returned 0x80004005. Http status code 0.
- Trying config: source=auto, wpad=1, script=.
- trying CUP:WinHTTP.
- Send request returned 0x80072ee7. Http status code 0.
- trying WinHTTP.
- Send request returned 0x80072ee7. Http status code 0.
- trying CUP:iexplore.
- Send request returned 0x80004005. Http status code 0.
- Trying config: source=IE, direct connection.
- trying CUP:WinHTTP.
- Send request returned 0x80072ee7. Http status code 0.
- trying WinHTTP.
- Send request returned 0x80072ee7. Http status code 0.
- trying CUP:iexplore.
- Send request returned 0x80004005. Http status code 0.
- Trying config: source=auto, wpad=1, script=.
- trying CUP:WinHTTP.
- Send request returned 0x80040880
- Error: (04/18/2016 07:56:30 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: RA4W VPN.exe, version: 1.0.0.0, time stamp: 0x52fe87e6
- Faulting module name: KERNELBASE.dll, version: 6.1.7601.23392, time stamp: 0x56eb2fb9
- Exception code: 0xe0434352
- Fault offset: 0x0000845d
- Faulting process id: 0x1704
- Faulting application start time: 0xRA4W VPN.exe0
- Faulting application path: RA4W VPN.exe1
- Faulting module path: RA4W VPN.exe2
- Report Id: RA4W VPN.exe3
- Error: (04/18/2016 07:56:29 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
- Description: Application: RA4W VPN.exe
- Framework Version: v4.0.30319
- Description: The process was terminated due to an unhandled exception.
- Exception Info: System.ComponentModel.Win32Exception
- at System.Windows.Forms.NativeWindow.CreateHandle(System.Windows.Forms.CreateParams)
- at System.Windows.Forms.Control.CreateHandle()
- at System.Windows.Forms.Control.get_Handle()
- at System.Windows.Forms.Control.get_WindowText()
- at System.Windows.Forms.Control.get_Text()
- at System.Windows.Forms.Label.get_Text()
- at System.Windows.Forms.Control.set_Text(System.String)
- at System.Windows.Forms.Label.set_Text(System.String)
- at DynamicClass.(RA4W_VPN.Form1)
- at RA4W_VPN.Form1.IPGETTER()
- at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
- at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
- at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
- at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
- at System.Threading.ThreadHelper.ThreadStart()
- Error: (04/18/2016 07:51:42 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: Explorer.EXE, version: 6.1.7601.19135, time stamp: 0x56a1ba55
- Faulting module name: wucltux.dll, version: 7.6.7601.19161, time stamp: 0x56be2700
- Exception code: 0xc0000005
- Fault offset: 0x00008d50
- Faulting process id: 0x730
- Faulting application start time: 0xExplorer.EXE0
- Faulting application path: Explorer.EXE1
- Faulting module path: Explorer.EXE2
- Report Id: Explorer.EXE3
- Error: (04/18/2016 07:35:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
- Description: The program Luminosity 1.5.exe version 1.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
- Process ID: 10d4
- Start Time: 01d1997f43cf4cf2
- Termination Time: 12
- Application Path: C:\Users\DEPP\Desktop\geeksn0w\Luminosity 1.5.exe
- Report Id: bb35d431-0572-11e6-9662-94de801e18e2
- Error: (04/18/2016 07:20:10 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: iTunesHelper.exe, version: 12.1.1.4, time stamp: 0x54de1375
- Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
- Exception code: 0xc0000005
- Fault offset: 0x7519fff6
- Faulting process id: 0x14f4
- Faulting application start time: 0xiTunesHelper.exe0
- Faulting application path: iTunesHelper.exe1
- Faulting module path: iTunesHelper.exe2
- Report Id: iTunesHelper.exe3
- Error: (04/18/2016 07:20:06 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: taskmgr.exe, version: 6.1.7601.17514, time stamp: 0x4ce78d21
- Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
- Exception code: 0xc0000005
- Fault offset: 0x7519fff6
- Faulting process id: 0xd78
- Faulting application start time: 0xtaskmgr.exe0
- Faulting application path: taskmgr.exe1
- Faulting module path: taskmgr.exe2
- Report Id: taskmgr.exe3
- Error: (04/18/2016 07:20:01 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: chrome.exe, version: 49.0.2623.112, time stamp: 0x570458bc
- Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
- Exception code: 0xc0000005
- Fault offset: 0x7519fff6
- Faulting process id: 0x12f4
- Faulting application start time: 0xchrome.exe0
- Faulting application path: chrome.exe1
- Faulting module path: chrome.exe2
- Report Id: chrome.exe3
- Error: (04/18/2016 07:19:56 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: RtHDVCpl.exe, version: 1.0.0.851, time stamp: 0x515502aa
- Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
- Exception code: 0xc0000005
- Fault offset: 0x7519fff6
- Faulting process id: 0xbc0
- Faulting application start time: 0xRtHDVCpl.exe0
- Faulting application path: RtHDVCpl.exe1
- Faulting module path: RtHDVCpl.exe2
- Report Id: RtHDVCpl.exe3
- Error: (04/18/2016 07:19:52 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: sidebar.exe, version: 6.1.7601.17514, time stamp: 0x4ce79791
- Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
- Exception code: 0xc0000005
- Fault offset: 0x7519fff6
- Faulting process id: 0x1584
- Faulting application start time: 0xsidebar.exe0
- Faulting application path: sidebar.exe1
- Faulting module path: sidebar.exe2
- Report Id: sidebar.exe3
- System errors:
- =============
- Error: (04/18/2016 09:07:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The DefaultTabUpdate service terminated unexpectedly. It has done this 1 time(s).
- Error: (04/18/2016 08:16:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
- Error: (04/18/2016 08:16:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The DefaultTabUpdate service terminated unexpectedly. It has done this 1 time(s).
- Error: (04/18/2016 08:16:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
- Error: (04/18/2016 07:59:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The TightVNC Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
- Error: (04/18/2016 07:59:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The DefaultTabUpdate service terminated unexpectedly. It has done this 1 time(s).
- Error: (04/18/2016 07:51:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
- Description: The Windows Update service hung on starting.
- Error: (04/18/2016 07:51:24 AM) (Source: DCOM) (EventID: 10010) (User: )
- Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
- Error: (04/18/2016 07:46:35 AM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 7:45:02 AM on 4/18/2016 was unexpected.
- Error: (04/18/2016 07:30:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The DefaultTabUpdate service terminated unexpectedly. It has done this 1 time(s).
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
- Percentage of memory in use: 73%
- Total physical RAM: 3563.95 MB
- Available physical RAM: 949.85 MB
- Total Virtual: 7126.22 MB
- Available Virtual: 4065.77 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:265.46 GB) (Free:31.27 GB) NTFS
- Drive d: () (Fixed) (Total:200.2 GB) (Free:108.56 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2140375F)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=265.5 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=200.2 GB) - (Type=OF Extended)
- ==================== End of Addition.txt ============================