Untitled

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-04-2016
Ran by DEPP (administrator) on DEPP-PC (18-04-2016 09:33:22)
Running from C:\Users\DEPP\Desktop
Loaded Profiles: DEPP (Available Profiles: DEPP)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\Photodex\ProShow Gold\scsiaccess.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(PowerISO Computing, Inc.) C:\Program Files\PowerISO\PWRISOVM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Fishy Inc) C:\Users\DEPP\Desktop\geeksn0w\FagDNSUpdater.exe
(RA4W VPN) C:\Users\DEPP\Desktop\geeksn0w\RA4W VPN.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [161064 2007-07-04] (Nero AG)
HKLM\...\Run: [ZSSnp211] => C:\Windows\ZSSnp211.exe [49152 2006-08-19] (ZSMCSNAP)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-08-18] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1612784 2013-06-06] (GlavSoft LLC.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [307200 2011-06-14] (PowerISO Computing, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [InstaLAN] => C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1485208 2010-07-28] (Affinegy, Inc.)
HKLM\...\Run: [USBScan.exe] => C:\Program Files\USBScan\USBScan.exe -Hide
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM\...\Run: [snpstd] => C:\Windows\vsnpstd.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-25] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [644240 2016-02-26] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\RunOnce: [Microsoft Corporation WddbIKiPaDSUGKHd] => C:\Users\DEPP\AppData\Roaming\WddbIKiPaDSUGKHd.exe [1595392 2016-04-18] ()
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\MountPoints2: {58e89a20-dd2a-11e3-9a55-002522987bad} - H:\iStudio.exe
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\MountPoints2: {f067e3e1-e60d-11e4-b856-94de801e18e2} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-05] (AVAST Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-563482115-3036595567-2997201845-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224 2012-10-03] (Microsoft Corporation) ATTENTION: LibraryPath should be "C:\Windows)\system32\NLAapi.dll"
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{048FDD65-0EAD-4861-A251-F6E16FE6714D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9D9FA4B9-6D77-4D3E-9DB9-48567F376F39}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B52C9A39-209B-4B29-BC15-24329C944D86}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWcglcWQhCERgbJQFeTA1EGQAOIgxaWRQVQ1QUJQhcAFtJFFMFIk0FA1ADB0VXfVBdFElXTwhnKUpbDk8UU0xiMEk=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0&ocid=iehp
HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKUV1JEAYTbQFdWV9cFQAbdRRaVFtJDFFBIQ5dUF0QQw0WJh9aFQQTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&a=bfp_coinisre_16_09&cd=2XzuyEtN2Y1L1Qzu0AtD0FtA0CtC0CyEtCtBtBtCtDzy0EyEtN0D0Tzu0StCyDtByEtN1L2XzutAtFtCzztFtCtFyDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByD0A0CyC0DtAtBtGtBtDtA0BtG0B0Fzy0DtGtBtDzy0FtGtBtCzz0CtByE0DtDyD0B0CtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AzytDtByD0CtD0FtGtA0D0CzztGyEtAzytDtG0ByBtDyDtG0A0CyB0F0CyC0AyB0F0CtDyB2QtN0A0LzutB&cr=343473937&ir=&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKUV1JEAYTbQFdWV9cFQAbdRRaVFtJDFFBIQ5dUF0QQw0WJh9aFQQTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKUV1JEAYTbQFdWV9cFQAbdRRaVFtJDFFBIQ5dUF0QQw0WJh9aFQQTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> OldSearch URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=121631&babsrc=SP_ss&mntrId=D07C002522987BAD
SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {2802DE9B-C921-45D8-B15E-2F5CFEEB6301} URL = hxxps://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=830633&p={searchTerms}
SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://www.palikan.com/results.php?f=4&a=bfp_coinisre_16_09&cd=2XzuyEtN2Y1L1Qzu0AtD0FtA0CtC0CyEtCtBtBtCtDzy0EyEtN0D0Tzu0StCyDtByEtN1L2XzutAtFtCzztFtCtFyDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StByD0A0CyC0DtAtBtGtBtDtA0BtG0B0Fzy0DtGtBtDzy0FtGtBtCzz0CtByE0DtDyD0B0CtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AzytDtByD0CtD0FtGtA0D0CzztGyEtAzytDtG0ByBtDyDtG0A0CyB0F0CyC0AyB0F0CtDyB2QtN0A0LzutB&cr=343473937&ir=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {883A7FD9-E6BB-481F-A75D-8ABA018A7BB5} URL = hxxp://www.mysearchresults.com/search?c=2402&t=15&q={searchTerms}
SearchScopes: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKUV1JEAYTbQFdWV9cFQAbdRRaVFtJDFFBIQ5dUF0QQw0WJh9aFQQTSEcFME0FCFwEURNNfX1REloeV1BROXhIEQ==&q={searchTerms}
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-05] (AVAST Software)
BHO: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: No Name -> {C35B7206-62EB-F808-5475-18A6FDE7DD94} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-563482115-3036595567-2997201845-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default
FF NewTab: hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAARcF0AUApBDA1GeF8VVQxJFBhBdVsATF0TQAJGcV1ZAwFERxNBNARaB0tXUUEeGGlxR1dMZVxQI1ZOBEsIYEVT
FF DefaultSearchEngine: Yahoo!
FF DefaultSearchEngine.US: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxps://ph.search.yahoo.com/?type=830633&fr=spigot-yhp-ff
hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWcglcWQhCERgbJQFeTA1EGQAOIgxaWRQVQ1QUJQhcAFtJFFMFIk0FA18DB0VXfWFoKB8fHHFKM1pXF1wDWHRTMA==
FF Keyword.URL: hxxps://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=830633&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-10] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2014-04-29] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-20] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-563482115-3036595567-2997201845-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\DEPP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-563482115-3036595567-2997201845-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\DEPP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-06] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default\user.js [2016-01-10]
FF SearchPlugin: C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default\searchplugins\default.xml [2016-04-11]
FF SearchPlugin: C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default\searchplugins\Palikan.xml [2016-03-04]
FF SearchPlugin: C:\Users\DEPP\AppData\Roaming\Mozilla\Firefox\Profiles\9ee226kc.default\searchplugins\yahoo_ff.xml [2016-04-03]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-05]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-01] [not signed]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-05]
FF HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DEPP\AppData\Roaming\IDM\idmmzcc5 => not found
FF HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DEPP\AppData\Roaming\IDM\idmmzcc5 => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-02-09]

Chrome:
=======
CHR HomePage: Default -> hxxps://ph.search.yahoo.com/?type=830633&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://ph.search.yahoo.com/?type=830633&fr=yo-yhp-ch"
CHR Profile: C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-19]
CHR Extension: (Google Docs) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-19]
CHR Extension: (Google Drive) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-19]
CHR Extension: (YouTube) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-19]
CHR Extension: (Adblock Plus) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-19]
CHR Extension: (Adobe Acrobat) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-03-19]
CHR Extension: (Google Sheets) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-19]
CHR Extension: (Google Docs Offline) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18]
CHR Extension: (Avast Online Security) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-08]
CHR Extension: (Skype) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-19]
CHR Extension: (Palikan New Tab) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej [2016-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\DEPP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-19]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-05]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-563482115-3036595567-2997201845-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWcglcWQhCERgbJQFeTA1EGQAOIgxaWRQVQ1QUJQhcAFtJFFMFIk0FA1oDB0VXfV5bFElXTwhnKUpbDk8UU0xiMEk="
OPR Session Restore: -> is enabled.
OPR Extension: (Discovery App) - C:\Users\DEPP\AppData\Roaming\Opera Software\Opera Stable\Extensions\ahckhjibgfpddoogbomdemiekkalmema [2016-03-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4403136 2016-02-05] (Avast Software)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S2 DefaultTabUpdate; C:\Users\DEPP\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-06-17] () [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2015-06-27] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [146576 2016-02-26] (Sandboxie Holdings, LLC)
R2 ScsiAccess; C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe [186760 2014-04-29] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1612784 2013-06-06] (GlavSoft LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-05] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-02-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-03-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-02-05] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-05] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-03-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-24] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [127432 2016-02-05] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-11] (AVAST Software)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131704 2015-06-16] (BlueStack Systems)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [129144 2016-02-05] (AVAST Software)
S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed]
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [176784 2016-02-26] (Sandboxie Holdings, LLC)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [60156 2011-06-15] (PowerISO Computing, Inc.) [File not signed]
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31360 2015-11-05] (The OpenVPN Project)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [252152 2016-02-05] (Avast Software)
R1 WMDrive; C:\Windows\system32\drivers\WMDrive.sys [65856 2014-04-30] (WinMount International Inc) [File not signed]
R3 ZSMC211; C:\Windows\System32\Drivers\ZS211.sys [391836 2006-08-08] (ZSMC Corporation) [File not signed]
S3 SliceDisk5; \??\C:\Users\DEPP\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk.sys [X]
S3 snpstd; system32\DRIVERS\snpstd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-18 09:33 - 2016-04-18 09:34 - 00027681 _____ C:\Users\DEPP\Desktop\FRST.txt
2016-04-18 09:31 - 2016-04-18 09:33 - 00000000 ____D C:\FRST
2016-04-18 09:28 - 2016-04-18 09:30 - 01726464 _____ (Farbar) C:\Users\DEPP\Desktop\FRST.exe
2016-04-18 08:48 - 2016-04-18 08:48 - 00329035 _____ C:\Users\DEPP\Downloads\portlistener.zip
2016-04-18 08:38 - 2016-04-18 08:38 - 01595392 ___SH C:\Users\DEPP\AppData\Roaming\WddbIKiPaDSUGKHd.exe
2016-04-18 07:45 - 2016-04-18 07:45 - 00002829 _____ C:\Windows\diagerr.xml
2016-04-18 07:45 - 2016-04-18 07:45 - 00001908 _____ C:\Windows\diagwrn.xml
2016-04-16 14:06 - 2016-04-18 06:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-16 12:29 - 2016-04-16 12:29 - 00813320 _____ (Shark Labs) C:\Users\DEPP\Downloads\CFSetup429.exe
2016-04-16 12:29 - 2016-04-16 12:29 - 00000000 ____D C:\Users\DEPP\Documents\Skype Voice Records
2016-04-16 12:29 - 2016-04-16 12:29 - 00000000 ____D C:\Users\DEPP\Documents\Clownfish Avatars
2016-04-16 10:35 - 2016-04-16 10:35 - 00000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-04-16 10:35 - 2016-04-16 10:35 - 00000877 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-04-16 10:16 - 2016-04-16 10:16 - 00011778 _____ C:\Users\DEPP\Downloads\listen.zip
2016-04-16 09:29 - 2016-04-18 09:34 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\Skype
2016-04-14 15:29 - 2016-04-14 15:31 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\Bitcoin
2016-04-14 15:19 - 2016-04-14 15:28 - 33537119 _____ C:\Users\DEPP\Downloads\bitcoin-0.12.0-win32.zip
2016-04-14 15:10 - 2016-04-14 15:11 - 00081920 _____ C:\Users\DEPP\Downloads\wallet.dat
2016-04-14 11:07 - 2016-04-16 13:55 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-13 12:11 - 2016-03-31 11:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 12:11 - 2016-03-30 17:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 12:11 - 2016-03-30 17:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 12:11 - 2016-03-30 17:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 12:11 - 2016-03-30 16:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 12:11 - 2016-03-30 16:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 12:11 - 2016-03-30 16:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 12:11 - 2016-03-30 16:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 12:11 - 2016-03-30 16:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 12:11 - 2016-03-30 16:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 12:11 - 2016-03-30 16:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 12:11 - 2016-03-30 16:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 12:11 - 2016-03-30 16:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 12:11 - 2016-03-30 16:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 12:11 - 2016-03-30 16:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 12:11 - 2016-03-30 16:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 12:11 - 2016-03-30 16:45 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 12:11 - 2016-03-30 16:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 12:11 - 2016-03-30 16:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 12:11 - 2016-03-30 16:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 12:11 - 2016-03-30 16:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 12:11 - 2016-03-30 16:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 12:11 - 2016-03-30 16:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 12:11 - 2016-03-30 16:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 12:11 - 2016-03-30 16:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 12:11 - 2016-03-30 16:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 12:11 - 2016-03-30 16:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 12:11 - 2016-03-30 16:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 12:11 - 2016-03-30 16:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 12:11 - 2016-03-30 16:23 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 12:11 - 2016-03-30 16:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 12:11 - 2016-03-30 16:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 12:11 - 2016-03-30 16:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 12:11 - 2016-03-30 16:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 12:11 - 2016-03-30 16:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 11:29 - 2016-03-29 10:35 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 11:13 - 2016-03-17 15:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-04-13 11:13 - 2016-03-17 15:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 11:13 - 2016-03-17 15:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 11:13 - 2016-03-17 15:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 11:13 - 2016-03-17 15:33 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 11:13 - 2016-03-17 15:30 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 11:13 - 2016-03-17 15:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 11:13 - 2016-03-17 15:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 11:13 - 2016-03-17 15:30 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 11:13 - 2016-03-17 15:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 11:13 - 2016-03-17 15:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 11:13 - 2016-03-17 15:29 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 11:13 - 2016-03-17 15:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 11:13 - 2016-03-17 15:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 11:13 - 2016-03-17 15:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 11:13 - 2016-03-17 15:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 11:13 - 2016-03-17 15:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 11:13 - 2016-03-17 15:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 11:13 - 2016-03-17 15:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 11:13 - 2016-03-17 15:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 11:13 - 2016-03-17 15:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 11:13 - 2016-03-17 15:26 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 11:13 - 2016-03-17 15:26 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 11:13 - 2016-03-17 15:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 11:13 - 2016-03-17 15:26 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 11:13 - 2016-03-17 15:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 11:13 - 2016-03-17 15:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 15:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 14:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 11:13 - 2016-03-17 14:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 11:13 - 2016-03-17 14:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 11:13 - 2016-03-17 14:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 11:13 - 2016-03-17 14:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 11:13 - 2016-03-17 14:36 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 11:13 - 2016-03-17 14:35 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 11:13 - 2016-03-17 14:30 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 11:13 - 2016-03-17 14:30 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 11:13 - 2016-03-17 14:30 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 11:13 - 2016-03-17 14:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 11:13 - 2016-03-17 14:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 11:13 - 2016-03-17 14:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 11:13 - 2016-03-17 14:29 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 11:13 - 2016-03-17 14:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 14:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 14:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 11:13 - 2016-03-17 14:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 11:13 - 2016-03-16 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-04-13 11:13 - 2016-03-16 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 11:13 - 2016-02-02 11:48 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 11:08 - 2016-03-15 16:53 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 11:08 - 2016-03-15 16:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 11:07 - 2016-03-11 11:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 11:07 - 2016-01-20 17:51 - 00057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 11:02 - 2016-04-04 10:54 - 00034024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 11:02 - 2016-04-04 10:42 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 11:02 - 2016-04-02 06:07 - 01218048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 11:02 - 2016-03-23 07:02 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 11:02 - 2016-03-17 11:04 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 11:02 - 2016-03-17 11:04 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 11:02 - 2016-03-17 11:04 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 11:02 - 2016-03-17 11:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 11:02 - 2016-03-06 11:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 11:02 - 2016-03-06 11:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 11:01 - 2016-02-05 11:44 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-13 11:01 - 2016-02-05 10:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-13 11:01 - 2015-06-03 13:22 - 00355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-11 14:06 - 2016-04-11 14:06 - 00000000 __SHD C:\found.001
2016-04-11 11:21 - 2016-04-11 11:21 - 00000000 ____D C:\Users\DEPP\AppData\Local\Dox_Tool
2016-04-08 16:29 - 2016-04-08 16:30 - 03976885 _____ C:\Users\DEPP\Downloads\links.pdf
2016-04-08 15:07 - 2016-04-08 16:00 - 00000348 _____ C:\Users\DEPP\Desktop\error.txt
2016-04-08 15:03 - 2016-04-18 06:51 - 00000000 ____D C:\ProgramData\Nimoru
2016-04-03 01:35 - 2016-04-03 01:35 - 00000000 ____D C:\Users\DEPP\AppData\Local\SatoshiMines_Pluscoup_Bot
2016-04-03 00:55 - 2016-04-03 00:55 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\WinRAR
2016-04-03 00:24 - 2016-04-03 00:24 - 00838129 _____ C:\Users\DEPP\Downloads\CodeDom Crypter.rar
2016-04-02 22:45 - 2016-04-18 08:38 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\bin235761
2016-04-02 19:40 - 2016-04-02 19:41 - 01941476 _____ C:\Users\DEPP\Downloads\SAE.v1.14.4.x86.7z
2016-04-02 17:57 - 2016-04-02 17:57 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2X
2016-04-02 17:51 - 2016-04-02 17:57 - 00021426 _____ C:\Users\DEPP\AppData\Roaming\2XBasicClientLog.txt
2016-04-02 17:49 - 2016-04-02 17:50 - 06302880 _____ (Parallels IP Holdings GmbH.) C:\Users\DEPP\Downloads\2xclient_basic.exe
2016-04-02 17:41 - 2016-04-02 17:41 - 00000000 ____H C:\Users\DEPP\Documents\Default.rdp
2016-04-02 17:40 - 2016-04-02 17:40 - 00740769 _____ C:\Users\DEPP\Downloads\RDP
2016-04-02 15:35 - 2016-04-02 15:43 - 10255240 _____ C:\Users\DEPP\Downloads\YTDSetup (1).exe
2016-04-02 14:08 - 2016-04-02 14:08 - 11248145 _____ C:\Users\DEPP\Documents\John Legend - All Of Me (Karaoke).mp4
2016-04-02 14:00 - 2016-04-08 00:20 - 00000000 ____D C:\Users\DEPP\AppData\Local\MalwareProtectionLive
2016-04-02 13:59 - 2016-04-02 13:59 - 00001207 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2016-04-02 13:59 - 2016-04-02 13:59 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2016-04-02 13:59 - 2016-04-02 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2016-04-02 13:33 - 2016-04-02 13:43 - 10255240 _____ C:\Users\DEPP\Downloads\YTDSetup.exe
2016-04-02 12:06 - 2016-04-02 12:06 - 00000000 ____D C:\Users\DEPP\Downloads\electrum_data
2016-04-02 10:55 - 2016-04-02 10:55 - 00468068 _____ C:\Users\DEPP\Downloads\RE-Utility2012.sfx.exe
2016-04-01 20:51 - 2016-04-01 20:51 - 00001579 _____ C:\ProgramData\XML
2016-04-01 20:34 - 2016-04-01 20:34 - 00000000 ___RD C:\Sandbox
2016-04-01 20:33 - 2016-04-01 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-04-01 20:33 - 2016-04-01 20:33 - 00000000 ____D C:\Program Files\Sandboxie
2016-04-01 20:20 - 2016-04-01 20:52 - 00000000 ____D C:\ProgramData\554348
2016-04-01 20:20 - 2016-04-01 20:20 - 00000006 ____S C:\ProgramData\085d0e68c7b0c248384148018c7afe1bc9b2a42d
2016-04-01 20:20 - 2016-04-01 20:20 - 00000000 ____D C:\ProgramData\554448
2016-04-01 20:15 - 2016-04-01 20:15 - 00000000 ____D C:\Users\DEPP\AppData\Local\Fishy_Inc
2016-04-01 19:38 - 2016-04-18 08:40 - 00001632 _____ C:\Windows\Sandboxie.ini
2016-04-01 19:14 - 2016-04-18 09:12 - 00000000 ___HD C:\Users\DEPP\Desktop\geeksn0w
2016-04-01 18:25 - 2016-04-01 18:39 - 00001578 _____ C:\ProgramData\Windows 32 Binary HEX
2016-04-01 15:46 - 2016-04-18 07:28 - 00000000 ____D C:\Users\DEPP\AppData\Roaming\Binary HEX
2016-04-01 15:46 - 2016-04-01 18:40 - 00000000 ____D C:\ProgramData\Bin
2016-03-31 21:01 - 2016-03-31 21:01 - 00014925 _____ C:\Users\DEPP\Desktop\what-is-anxiety-disorder.jpe
2016-03-31 16:24 - 2016-04-01 20:05 - 00000000 ____D C:\Program Files\DuckDNS
2016-03-31 16:07 - 2016-03-31 16:09 - 00000000 ____D C:\Users\DEPP\Downloads\Data
2016-03-31 16:07 - 2016-03-31 16:07 - 00000000 ____D C:\Users\DEPP\Downloads\SmartLogger
2016-03-31 16:07 - 2016-03-31 16:07 - 00000000 ____D C:\Users\DEPP\Downloads\Clients
2016-03-31 15:15 - 2016-04-01 19:16 - 00000000 ____D C:\Users\DEPP\AppData\Local\RA4W_VPN
2016-03-31 15:15 - 2015-11-05 14:24 - 00031360 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2016-03-28 00:11 - 2016-03-27 22:04 - 63295404 _____ C:\Users\DEPP\Desktop\Noli Me Tangere.mp4
2016-03-27 21:49 - 2016-03-27 22:04 - 63295404 _____ C:\Users\DEPP\Downloads\Noli Me Tangere.mp4
2016-03-22 00:17 - 2016-03-22 00:17 - 00428538 _____ C:\Users\DEPP\Downloads\cz.shmoula.android.fakecamera.apk
2016-03-19 15:48 - 2016-03-19 15:48 - 00000132 _____ C:\Users\DEPP\AppData\Roaming\Adobe PNG Format CS6 Prefs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-18 09:04 - 2014-08-21 07:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-18 08:56 - 2013-06-17 15:39 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-18 08:56 - 2013-06-17 15:39 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-18 08:28 - 2009-07-13 21:34 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-18 08:28 - 2009-07-13 21:34 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-18 08:24 - 2014-08-24 13:36 - 00000000 ____D C:\Program Files\Opera
2016-04-18 08:19 - 2009-07-13 21:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-18 08:12 - 2014-04-30 11:06 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001UA.job
2016-04-18 07:45 - 2015-10-30 00:33 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-18 07:44 - 2013-06-17 16:03 - 00000000 ____D C:\Windows\Panther
2016-04-18 06:43 - 2014-08-12 08:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-18 06:29 - 2009-07-13 21:33 - 03837200 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-16 13:10 - 2013-06-18 12:57 - 00115416 _____ C:\Users\DEPP\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-16 11:11 - 2014-04-30 11:06 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001Core.job
2016-04-16 10:35 - 2013-06-18 14:19 - 00000000 ____D C:\Program Files\TeamViewer
2016-04-16 10:26 - 2013-06-17 15:30 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-16 10:26 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\inf
2016-04-16 10:09 - 2015-11-19 08:18 - 00000000 ____D C:\Program Files\Steam
2016-04-14 11:07 - 2014-08-21 07:59 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-14 11:07 - 2014-08-21 07:59 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-14 10:49 - 2014-12-11 08:31 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-12 15:46 - 2013-06-17 15:40 - 00002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 15:46 - 2013-06-17 15:40 - 00002089 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 12:14 - 2015-02-06 11:01 - 00000600 _____ C:\Users\DEPP\AppData\Roaming\winscp.rnd
2016-04-11 11:41 - 2015-11-19 08:18 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-04-11 09:47 - 2014-04-30 08:49 - 00000000 ___RD C:\Users\DEPP\Documents\Scanned Documents
2016-04-08 10:06 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\NDF
2016-04-08 00:29 - 2015-09-15 11:12 - 00067072 ___SH C:\Users\DEPP\Thumbs.db
2016-04-06 10:18 - 2013-06-17 15:46 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-03 21:19 - 2013-06-17 15:31 - 00000000 ____D C:\Users\DEPP\AppData\Local\ElevatedDiagnostics
2016-04-02 22:41 - 2013-06-17 15:26 - 00000000 ____D C:\Users\DEPP\AppData\Local\VirtualStore
2016-04-02 14:35 - 2014-05-01 20:05 - 00000000 ____D C:\Users\DEPP\Documents\YDT Downloads
2016-04-02 12:06 - 2014-04-30 06:53 - 00000000 ____D C:\archive_db
2016-03-27 00:26 - 2015-04-04 10:23 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2015-09-16 06:24 - 2015-09-16 06:24 - 22383104 _____ (Prezi) C:\Program Files\PreziNext.Windows.Desktop.exe
2016-04-02 17:51 - 2016-04-02 17:57 - 0021426 _____ () C:\Users\DEPP\AppData\Roaming\2XBasicClientLog.txt
2016-03-19 15:48 - 2016-03-19 15:48 - 0000132 _____ () C:\Users\DEPP\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-06-19 19:41 - 2015-02-16 12:17 - 0022328 _____ () C:\Users\DEPP\AppData\Roaming\PnkBstrK.sys
2016-01-10 16:50 - 2016-01-22 01:36 - 0000147 _____ () C:\Users\DEPP\AppData\Roaming\WB.CFG
2016-04-18 08:38 - 2016-04-18 08:38 - 1595392 ___SH () C:\Users\DEPP\AppData\Roaming\WddbIKiPaDSUGKHd.exe
2015-02-06 11:01 - 2016-04-11 12:14 - 0000600 _____ () C:\Users\DEPP\AppData\Roaming\winscp.rnd
2010-10-20 00:31 - 2010-10-20 00:31 - 0001456 _____ () C:\Users\DEPP\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-06-25 16:26 - 2013-06-25 16:26 - 0000001 _____ () C:\Users\DEPP\AppData\Local\llftool.4.25.agreement
2015-01-23 21:47 - 2015-02-06 11:41 - 0000600 _____ () C:\Users\DEPP\AppData\Local\PUTTY.RND
2016-04-01 20:20 - 2016-04-01 20:20 - 0000006 ____S () C:\ProgramData\085d0e68c7b0c248384148018c7afe1bc9b2a42d
2016-04-01 18:25 - 2016-04-01 18:39 - 0001578 _____ () C:\ProgramData\Windows 32 Binary HEX
2016-04-01 20:51 - 2016-04-01 20:51 - 0001579 _____ () C:\ProgramData\XML

Some files in TEMP:
====================
C:\Users\DEPP\AppData\Local\Temp\cdo2397250265.dll
C:\Users\DEPP\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\DEPP\AppData\Local\Temp\i4jdel0.exe
C:\Users\DEPP\AppData\Local\Temp\install_flashplayer14x32_mssd_aaa_aih.exe
C:\Users\DEPP\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\DEPP\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\DEPP\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\DEPP\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\DEPP\AppData\Local\Temp\SetupTechGenie.exe
C:\Users\DEPP\AppData\Local\Temp\SkypeSetup.exe
C:\Users\DEPP\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe
C:\Users\DEPP\AppData\Local\Temp\Uninstall.exe
C:\Users\DEPP\AppData\Local\Temp\upnp.exe
C:\Users\DEPP\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\DEPP\AppData\Local\Temp\w6mswxnp.dll
C:\Users\DEPP\AppData\Local\Temp\{008EB3C3-D666-4491-9A94-7516D44D1F8B}.dll
C:\Users\DEPP\AppData\Local\Temp\{019B89B2-15EC-4D4F-9EE1-36CDCB743921}.dll
C:\Users\DEPP\AppData\Local\Temp\{02436E26-18DA-42FB-9967-94C1DFA1223F}.dll
C:\Users\DEPP\AppData\Local\Temp\{03FF1AA6-1535-410F-BD1A-71DFD5FD66F5}.dll
C:\Users\DEPP\AppData\Local\Temp\{04D4E9C9-CC84-4E9E-AD48-3D15D7849B93}.dll
C:\Users\DEPP\AppData\Local\Temp\{067DCFBC-1CED-48F1-B236-9CB8A9BDE027}.dll
C:\Users\DEPP\AppData\Local\Temp\{080C98A9-085B-47C9-8276-47F18B9FC5A7}.dll
C:\Users\DEPP\AppData\Local\Temp\{081446E9-29AA-4C46-984E-8309BEE72581}.dll
C:\Users\DEPP\AppData\Local\Temp\{085F661E-2ED8-437F-9D69-88AAD6962A9F}.dll
C:\Users\DEPP\AppData\Local\Temp\{0894DEF1-6666-408C-ACCA-4DC3CF7DBC5C}.dll
C:\Users\DEPP\AppData\Local\Temp\{0A92F433-3EC3-402C-9B04-D36355EA31AA}.dll
C:\Users\DEPP\AppData\Local\Temp\{0B64423F-710B-4942-B77A-0809390A5D3A}.dll
C:\Users\DEPP\AppData\Local\Temp\{0C1AA2A5-0F82-4A6D-9601-BA141BC3AA40}.dll
C:\Users\DEPP\AppData\Local\Temp\{0E33D377-553B-410C-9A56-9D13567BC88E}.dll
C:\Users\DEPP\AppData\Local\Temp\{0E7C2EE0-2305-4235-8590-ECF570B66287}.dll
C:\Users\DEPP\AppData\Local\Temp\{0F760040-0D5B-4A72-A0D7-0596B42FFE40}.dll
C:\Users\DEPP\AppData\Local\Temp\{0F8DF46D-9A32-44DC-8B0D-EE94853050B4}.dll
C:\Users\DEPP\AppData\Local\Temp\{0F9A0FDB-036B-4BFC-B075-E5A3BDF06FB0}.dll
C:\Users\DEPP\AppData\Local\Temp\{0F9B59DC-57E3-42BD-BFCF-341443DF2D5D}.dll
C:\Users\DEPP\AppData\Local\Temp\{11ABB590-F546-48D2-97C6-3230E8F61452}.dll
C:\Users\DEPP\AppData\Local\Temp\{13583F31-8491-4FE8-8469-1CC5C75997F4}.dll
C:\Users\DEPP\AppData\Local\Temp\{15FE872C-0AF8-4707-A288-EA508A67B6E8}.dll
C:\Users\DEPP\AppData\Local\Temp\{164FC8B4-321C-4D52-8145-B26560E49AE0}.dll
C:\Users\DEPP\AppData\Local\Temp\{16753ECB-A489-4560-BA73-1B1E92B71F2A}.dll
C:\Users\DEPP\AppData\Local\Temp\{16EAFBA7-5F26-4D46-8BFE-D7EA9985322C}.dll
C:\Users\DEPP\AppData\Local\Temp\{171A7E60-EAEF-41B1-9826-C67B9D32EA6D}.dll
C:\Users\DEPP\AppData\Local\Temp\{18AC5B44-D98E-48D2-80BF-2F6795494D3B}.dll
C:\Users\DEPP\AppData\Local\Temp\{199A5FF8-B59E-4294-8F39-7520362659B8}.dll
C:\Users\DEPP\AppData\Local\Temp\{1AA3915E-C770-4FF6-B2A6-97E3888520CF}.dll
C:\Users\DEPP\AppData\Local\Temp\{1B844F62-ACA1-4414-A8C3-3FB3F281EC4C}.dll
C:\Users\DEPP\AppData\Local\Temp\{1C190B66-B236-4586-BC7F-082FAB0A0A3E}.dll
C:\Users\DEPP\AppData\Local\Temp\{1CB136FE-BC21-4373-8F67-ED8640492BEC}.dll
C:\Users\DEPP\AppData\Local\Temp\{1D94B5C4-57D5-4328-83FD-50E81BAC2BA5}.dll
C:\Users\DEPP\AppData\Local\Temp\{1DA8DB7B-7261-499A-B4D5-E693A4EB23B0}.dll
C:\Users\DEPP\AppData\Local\Temp\{1F39AADA-1DF5-42ED-AF26-A10B69FAF343}.dll
C:\Users\DEPP\AppData\Local\Temp\{1F487E6F-8EAA-4487-9BCA-FBF882A5990F}.dll
C:\Users\DEPP\AppData\Local\Temp\{1F6F85C8-839C-46AD-94EB-E7B50B231A2F}.dll
C:\Users\DEPP\AppData\Local\Temp\{219F0DC9-65A2-426D-B111-A3E7E9D36388}.dll
C:\Users\DEPP\AppData\Local\Temp\{24DAC82A-1213-479E-90A7-FBD9D6633EFC}.dll
C:\Users\DEPP\AppData\Local\Temp\{24ECFADF-DD50-4A3A-BC08-C9E8B68C5C58}.dll
C:\Users\DEPP\AppData\Local\Temp\{2798A6BC-9741-4D57-A0A7-AF91367E2EBE}.dll
C:\Users\DEPP\AppData\Local\Temp\{28FD53AD-6C6A-497A-90DE-0D6E3FBCE54D}.dll
C:\Users\DEPP\AppData\Local\Temp\{29044730-37B2-489C-80CC-F9B0645F8B0F}.dll
C:\Users\DEPP\AppData\Local\Temp\{2E7EDE1D-9333-41D6-A74F-E3CB13F1AECD}.dll
C:\Users\DEPP\AppData\Local\Temp\{300BF224-5709-4D28-9CED-93D670262A47}.dll
C:\Users\DEPP\AppData\Local\Temp\{31595422-EE62-4A7E-93F9-94D6771B32C4}.dll
C:\Users\DEPP\AppData\Local\Temp\{326258BA-0B89-4C94-A8FB-2C8AC95D6007}.dll
C:\Users\DEPP\AppData\Local\Temp\{32F9829A-06AD-463B-BDAA-607D427658EF}.dll
C:\Users\DEPP\AppData\Local\Temp\{34CD993F-AAAE-454F-BAFE-BEC6FA9FF5A0}.dll
C:\Users\DEPP\AppData\Local\Temp\{35353ADD-7531-4B59-AB4E-23ABDEA54B80}.dll
C:\Users\DEPP\AppData\Local\Temp\{357AA545-5258-4F70-A22C-B1C0F8CCAAD5}.dll
C:\Users\DEPP\AppData\Local\Temp\{357C556C-BDA2-45D4-8BD7-8C142E7EDDE4}.dll
C:\Users\DEPP\AppData\Local\Temp\{364A18D4-F9B6-4A64-9054-9F28FA9E5687}.dll
C:\Users\DEPP\AppData\Local\Temp\{368F7204-00B8-40B3-A86B-3EFF858BFCA5}.dll
C:\Users\DEPP\AppData\Local\Temp\{389D7FA8-3CE0-414D-A831-9582A1F321ED}.dll
C:\Users\DEPP\AppData\Local\Temp\{38FA84F4-E941-4CF2-846F-620E7DBD20A9}.dll
C:\Users\DEPP\AppData\Local\Temp\{3A1F7887-9CF5-4ED9-B9DF-1FC61E1FF374}.dll
C:\Users\DEPP\AppData\Local\Temp\{3BF40347-F864-461F-93EE-E27C8EB850CF}.dll
C:\Users\DEPP\AppData\Local\Temp\{3C1824E7-84B3-4F9C-A377-5EEA817F1120}.dll
C:\Users\DEPP\AppData\Local\Temp\{3F553758-5B5E-4CA1-BAC5-6930A5AC39BB}.dll
C:\Users\DEPP\AppData\Local\Temp\{3FE290E6-7B34-491F-BB11-EA41077FF817}.dll
C:\Users\DEPP\AppData\Local\Temp\{41189BD1-5E41-46CE-8FD7-DE8C1B94F7B2}.dll
C:\Users\DEPP\AppData\Local\Temp\{423D4590-E432-4AB7-A0FC-3D1F59E40C52}.dll
C:\Users\DEPP\AppData\Local\Temp\{42800206-3452-46D4-8843-43FF92FBBEB0}.dll
C:\Users\DEPP\AppData\Local\Temp\{4474F7EC-A117-49EB-AB49-FB3FAA8C0D9E}.dll
C:\Users\DEPP\AppData\Local\Temp\{4524FFF2-C68E-4EF1-92EF-74CBA1DF8F1B}.dll
C:\Users\DEPP\AppData\Local\Temp\{4543BF5A-4409-4284-9FC0-06F7377D743D}.dll
C:\Users\DEPP\AppData\Local\Temp\{458C885C-AF0C-4DA5-93E0-BF04D1A51A1E}.dll
C:\Users\DEPP\AppData\Local\Temp\{459BECB0-4D41-4DD6-B5AA-6EF38B6A87B8}.dll
C:\Users\DEPP\AppData\Local\Temp\{4867DFB3-9C51-4F92-9E04-F4C824822566}.dll
C:\Users\DEPP\AppData\Local\Temp\{494C51E4-B3FB-4DF7-968D-F10918A81EE5}.dll
C:\Users\DEPP\AppData\Local\Temp\{49F7EB50-7AD7-4D1E-9307-CE82D3E2B22E}.dll
C:\Users\DEPP\AppData\Local\Temp\{4B42962F-F4A0-411C-A8E1-419C413AD6EF}.dll
C:\Users\DEPP\AppData\Local\Temp\{4D3A3DDE-5B54-4FA0-9A68-6F2AE83A4089}.dll
C:\Users\DEPP\AppData\Local\Temp\{4E127DAE-432D-42AC-A168-4F0AD2BBAA8A}.dll
C:\Users\DEPP\AppData\Local\Temp\{4E4D97E5-7FA5-4B47-90A0-ECC85709FDD6}.dll
C:\Users\DEPP\AppData\Local\Temp\{4E8B82AA-760B-4EBC-8CE2-C23F6C5D540C}.dll
C:\Users\DEPP\AppData\Local\Temp\{507FC4C2-0812-41B0-8622-2D50C7F72AAF}.dll
C:\Users\DEPP\AppData\Local\Temp\{5166B3F1-0D9F-48D6-86BB-8DE5E97A82A8}.dll
C:\Users\DEPP\AppData\Local\Temp\{52A54AC8-2F73-473F-862A-79698F581929}.dll
C:\Users\DEPP\AppData\Local\Temp\{52B72539-AA0F-4C36-9205-AB50D775E725}.dll
C:\Users\DEPP\AppData\Local\Temp\{531278E7-4ED6-4D28-967D-744110C0BC26}.dll
C:\Users\DEPP\AppData\Local\Temp\{5337C064-BDEE-4937-BCF5-397854AAAF71}.dll
C:\Users\DEPP\AppData\Local\Temp\{5445389F-17F3-4108-9C2A-28813E714AFC}.dll
C:\Users\DEPP\AppData\Local\Temp\{55E84A22-E3E0-4FAD-BA4A-D0202F143F3A}.dll
C:\Users\DEPP\AppData\Local\Temp\{55FBB1A6-E279-4432-A6CC-1DCFC1BEEB5A}.dll
C:\Users\DEPP\AppData\Local\Temp\{57E9B326-484C-4208-A70A-DE54042A928E}.dll
C:\Users\DEPP\AppData\Local\Temp\{5920E379-CF5C-4727-8797-97D792788EDF}.dll
C:\Users\DEPP\AppData\Local\Temp\{5994B4DC-A0AF-4285-9346-002B07621A06}.dll
C:\Users\DEPP\AppData\Local\Temp\{5B328D1C-19DF-499A-B536-98317611B5EC}.dll
C:\Users\DEPP\AppData\Local\Temp\{5D14C32C-C319-4FC5-81B8-35D1E0C4A91D}.dll
C:\Users\DEPP\AppData\Local\Temp\{5EADF243-05BC-4D2D-8D92-40BC027B1E2D}.dll
C:\Users\DEPP\AppData\Local\Temp\{5F07252A-2A44-4B5C-8F3F-82D35C69E0F6}.dll
C:\Users\DEPP\AppData\Local\Temp\{64AB6C5C-6041-421F-B230-AA487173B1DE}.dll
C:\Users\DEPP\AppData\Local\Temp\{6887454C-0805-4BBD-BF8D-08C6E0AC7106}.dll
C:\Users\DEPP\AppData\Local\Temp\{69E7BA67-7964-4C27-88DC-CE681F997A42}.dll
C:\Users\DEPP\AppData\Local\Temp\{6AA23D21-6CE6-4C01-A62B-D3064A57A7F9}.dll
C:\Users\DEPP\AppData\Local\Temp\{6AF07988-3DB9-48CC-9CBA-DDC829CB785B}.dll
C:\Users\DEPP\AppData\Local\Temp\{6B511A01-5222-436C-AE74-76E2417AB1B7}.dll
C:\Users\DEPP\AppData\Local\Temp\{6B511D75-421E-4CAB-AB7E-3D8A464C2192}.dll
C:\Users\DEPP\AppData\Local\Temp\{6D0024F2-9828-4087-9534-65E89D0A4921}.dll
C:\Users\DEPP\AppData\Local\Temp\{6D0D3CF9-747E-45EA-AFFB-699DCDB01C5E}.dll
C:\Users\DEPP\AppData\Local\Temp\{6D2B76B2-1C94-46D7-928D-E206BEA63731}.dll
C:\Users\DEPP\AppData\Local\Temp\{6EE66994-BD17-426A-85EB-465835F9DBC4}.dll
C:\Users\DEPP\AppData\Local\Temp\{6EFB2B9A-AA66-479B-A113-93D4691C5B47}.dll
C:\Users\DEPP\AppData\Local\Temp\{71F04A9C-1F5C-4E46-A0A1-EA62DB145876}.dll
C:\Users\DEPP\AppData\Local\Temp\{72DCD8B8-B6A9-4870-988E-3AC448CF492F}.dll
C:\Users\DEPP\AppData\Local\Temp\{73BF141F-E469-453D-9547-6DBACBE6D302}.dll
C:\Users\DEPP\AppData\Local\Temp\{74A80D5C-4CB5-41EE-A844-DCD0A88952F5}.dll
C:\Users\DEPP\AppData\Local\Temp\{74DC1A6F-3A83-4927-9CC3-D4722185D9EA}.dll
C:\Users\DEPP\AppData\Local\Temp\{760FB135-251E-4E72-A256-344AB231938F}.dll
C:\Users\DEPP\AppData\Local\Temp\{766845B5-BFE7-42F7-B7E8-7F655189C7E1}.dll
C:\Users\DEPP\AppData\Local\Temp\{779C9CDC-59B0-4CD1-ABF1-3BDBAB754247}.dll
C:\Users\DEPP\AppData\Local\Temp\{77BCF5B3-FD4A-45A2-9643-3A6CADD8C85E}.dll
C:\Users\DEPP\AppData\Local\Temp\{78FED4D1-5564-4A68-A554-3391ACBA35D5}.dll
C:\Users\DEPP\AppData\Local\Temp\{7A049206-6588-460B-8A30-8E1A09DC7761}.dll
C:\Users\DEPP\AppData\Local\Temp\{7B16F80D-17DC-4233-A70E-DE116A667CFF}.dll
C:\Users\DEPP\AppData\Local\Temp\{7BF20BC8-84F7-4B33-B8F2-801593977812}.dll
C:\Users\DEPP\AppData\Local\Temp\{7EFAE462-3EC0-4F96-B7D1-34CE5462B522}.dll
C:\Users\DEPP\AppData\Local\Temp\{80BCFC0E-F8E3-4449-BBC8-0A856FED36A8}.dll
C:\Users\DEPP\AppData\Local\Temp\{8153BEE8-970F-4E81-A823-CE8E7A547DBF}.dll
C:\Users\DEPP\AppData\Local\Temp\{81A1ACF6-6287-4526-A3A1-1A93FF87325A}.dll
C:\Users\DEPP\AppData\Local\Temp\{82D72D7D-749B-4465-B889-8EB98234975B}.dll
C:\Users\DEPP\AppData\Local\Temp\{83BA258F-0249-49F9-B794-352B8D4DEF93}.dll
C:\Users\DEPP\AppData\Local\Temp\{8464F9BA-C53B-4CDD-BB1A-5CE06742D0FB}.dll
C:\Users\DEPP\AppData\Local\Temp\{849D874F-C803-4E50-A3CD-1A4ECAB77FD2}.dll
C:\Users\DEPP\AppData\Local\Temp\{89A3FF57-4253-4250-B117-3F8FDF6418E5}.dll
C:\Users\DEPP\AppData\Local\Temp\{8BD785BC-2893-43F4-B677-C0E1E6C85FA9}.dll
C:\Users\DEPP\AppData\Local\Temp\{8ECDC064-E97D-44BB-B991-EAB5352B2EBB}.dll
C:\Users\DEPP\AppData\Local\Temp\{971883AD-2900-48FE-B59F-A67C80E4015E}.dll
C:\Users\DEPP\AppData\Local\Temp\{97FAF3A2-3AD1-4BA5-AB2E-DE09BCAEC488}.dll
C:\Users\DEPP\AppData\Local\Temp\{99FD7777-09C1-444B-A639-C6AE90DD2837}.dll
C:\Users\DEPP\AppData\Local\Temp\{9AA79090-FA45-4DE4-9A06-2FE93760607C}.dll
C:\Users\DEPP\AppData\Local\Temp\{9AB3D6E3-FF80-4B00-9C1B-742DE3FD2DA4}.dll
C:\Users\DEPP\AppData\Local\Temp\{9F2BE564-D7F3-4177-A4DE-79A4E04F69AE}.dll
C:\Users\DEPP\AppData\Local\Temp\{A04CCE58-A9AA-45AB-94F3-F7AA03465A25}.dll
C:\Users\DEPP\AppData\Local\Temp\{A295125B-2448-49B7-82D2-C1FBDCE7C3CB}.dll
C:\Users\DEPP\AppData\Local\Temp\{A38C751B-0295-410B-B014-EEAB824153CB}.dll
C:\Users\DEPP\AppData\Local\Temp\{A3DFDCB3-61F0-4535-9C34-27357DEBB0F0}.dll
C:\Users\DEPP\AppData\Local\Temp\{A59CD53D-E749-42B2-A56A-4573A2C99F9A}.dll
C:\Users\DEPP\AppData\Local\Temp\{A8C5542B-926A-44A7-AA49-4DD990FA4C89}.dll
C:\Users\DEPP\AppData\Local\Temp\{AD516812-1DEF-4FBD-9188-AAAFCF6C4350}.dll
C:\Users\DEPP\AppData\Local\Temp\{AE7B0A02-93F3-492F-AEFF-F3202D397ACD}.dll
C:\Users\DEPP\AppData\Local\Temp\{B1263CC0-E798-4520-9A5E-EA9FFD14C6BE}.dll
C:\Users\DEPP\AppData\Local\Temp\{B3042171-28B7-43EC-AF16-2F84536C2368}.dll
C:\Users\DEPP\AppData\Local\Temp\{B4B16B20-DA50-4474-8991-045B2DBF2CE6}.dll
C:\Users\DEPP\AppData\Local\Temp\{B5016091-1E79-4EBB-9896-5A4F9964E634}.dll
C:\Users\DEPP\AppData\Local\Temp\{B7422EA9-1F72-4A0E-9AF2-BB97C041AB57}.dll
C:\Users\DEPP\AppData\Local\Temp\{B7F34139-68CC-46DD-943B-E551BC9E681F}.dll
C:\Users\DEPP\AppData\Local\Temp\{B82A47A9-2F75-40A2-A8B7-CE96BC63229D}.dll
C:\Users\DEPP\AppData\Local\Temp\{BBC8920F-B055-4BEC-987F-FA2D6F98A1A8}.dll
C:\Users\DEPP\AppData\Local\Temp\{BEC35613-FA04-475F-857F-A5B274E17C85}.dll
C:\Users\DEPP\AppData\Local\Temp\{BED94F9C-15C4-4F12-9F9A-D269969A6DBD}.dll
C:\Users\DEPP\AppData\Local\Temp\{BFEA0F89-BDFF-41E1-82D5-D0BBBFF8BED1}.dll
C:\Users\DEPP\AppData\Local\Temp\{C15222E2-7F1F-4F01-8A1A-BFB068B1F15F}.dll
C:\Users\DEPP\AppData\Local\Temp\{C202CDB6-8A17-411C-870E-23586558C77D}.dll
C:\Users\DEPP\AppData\Local\Temp\{C4B6812F-AE15-4B61-92A6-A2D9F03C3049}.dll
C:\Users\DEPP\AppData\Local\Temp\{C633471E-63D8-45D6-B6BC-9D2BE3C00ED1}.dll
C:\Users\DEPP\AppData\Local\Temp\{C7056FA8-257F-44C5-897B-ED54D2A771BB}.dll
C:\Users\DEPP\AppData\Local\Temp\{CB0A4299-982C-433B-B673-C81995E98B81}.dll
C:\Users\DEPP\AppData\Local\Temp\{CC5C50EF-F232-483C-82A1-C221844CE5EA}.dll
C:\Users\DEPP\AppData\Local\Temp\{CCFB4CA2-094E-4E05-BE8F-202287D55AC8}.dll
C:\Users\DEPP\AppData\Local\Temp\{CD64ED1B-9797-42FB-8476-2166AD3FC288}.dll
C:\Users\DEPP\AppData\Local\Temp\{CDDCC607-5695-415A-A1C5-1E5D6AA24D9A}.dll
C:\Users\DEPP\AppData\Local\Temp\{CEE4CF7C-B3B8-4A00-8C69-553FE64182B5}.dll
C:\Users\DEPP\AppData\Local\Temp\{D2E06AE5-5389-4836-934D-C75827F3FF18}.dll
C:\Users\DEPP\AppData\Local\Temp\{D2F1CF93-2768-4AD3-A384-3A380C5A0C50}.dll
C:\Users\DEPP\AppData\Local\Temp\{D36F4E49-E1AF-4E20-89AB-A8E053F2060C}.dll
C:\Users\DEPP\AppData\Local\Temp\{D415A734-FCD2-4F9F-8C85-3065B87BE7B2}.dll
C:\Users\DEPP\AppData\Local\Temp\{D46B959E-0B3E-4248-950E-5B482BBA95A7}.dll
C:\Users\DEPP\AppData\Local\Temp\{D47591A9-07F7-4CD1-9295-6BE0355089F5}.dll
C:\Users\DEPP\AppData\Local\Temp\{D4AF191A-A833-4636-BFDA-BC83907C9328}.dll
C:\Users\DEPP\AppData\Local\Temp\{D6854E4D-F235-4EE9-8CD7-A65DCC28B78E}.dll
C:\Users\DEPP\AppData\Local\Temp\{D88BC16D-EEEE-4E33-98EC-018CEFD2145B}.dll
C:\Users\DEPP\AppData\Local\Temp\{D9C233D0-22A9-4096-BB14-133D1C092290}.dll
C:\Users\DEPP\AppData\Local\Temp\{D9D4A64D-D1FE-4173-9A90-9993798F0945}.dll
C:\Users\DEPP\AppData\Local\Temp\{DC81C613-6353-4EF3-B2A6-110B57A8DCC8}.dll
C:\Users\DEPP\AppData\Local\Temp\{DEAB7E82-14ED-4062-8DD0-30B6DD041FCA}.dll
C:\Users\DEPP\AppData\Local\Temp\{E22DC4E9-73EB-48DC-9D20-3EE6B1446AFC}.dll
C:\Users\DEPP\AppData\Local\Temp\{E3972B50-BE8D-4EB7-920C-C4319AA2C31D}.dll
C:\Users\DEPP\AppData\Local\Temp\{E48954AE-D1A2-42A6-ABE7-5C559D2DDF73}.dll
C:\Users\DEPP\AppData\Local\Temp\{E489FC27-C88A-4582-B6AC-BDA9FF99E634}.dll
C:\Users\DEPP\AppData\Local\Temp\{E4953C66-4CC4-4CBF-B738-C3E772C1B966}.dll
C:\Users\DEPP\AppData\Local\Temp\{E570BF21-22BB-41A7-9685-54B8AA9A4DAB}.dll
C:\Users\DEPP\AppData\Local\Temp\{E593795F-2E87-41A3-90C3-C52FB8994EF7}.dll
C:\Users\DEPP\AppData\Local\Temp\{E7F40813-40C9-4ED8-A594-454858B5485F}.dll
C:\Users\DEPP\AppData\Local\Temp\{E82DE213-00BB-4B72-A0B3-B944334AFA50}.dll
C:\Users\DEPP\AppData\Local\Temp\{E928A117-E76B-4CFA-BA11-0EEF1340E553}.dll
C:\Users\DEPP\AppData\Local\Temp\{E9A9AB90-B161-4D3F-A774-EE9EBEBEA272}.dll
C:\Users\DEPP\AppData\Local\Temp\{E9AEAF06-283C-405B-A58A-30BB43D03A83}.dll
C:\Users\DEPP\AppData\Local\Temp\{EB7926F5-3A7D-4384-8F27-18C1AA69703B}.dll
C:\Users\DEPP\AppData\Local\Temp\{ECF4C1E4-6D94-4A83-94EC-18FDB75A7057}.dll
C:\Users\DEPP\AppData\Local\Temp\{EFC33802-FDDA-4EB3-89CA-FA7475841424}.dll
C:\Users\DEPP\AppData\Local\Temp\{F043D22E-35DB-49A6-A5BC-219B28FD8D82}.dll
C:\Users\DEPP\AppData\Local\Temp\{F340051D-DD98-4962-914A-AAA9290EDF30}.dll
C:\Users\DEPP\AppData\Local\Temp\{F7E0A1ED-88AB-473B-8C8A-EA2471485B03}.dll
C:\Users\DEPP\AppData\Local\Temp\{F843DA99-7A3A-41CD-A113-9359B3909878}.dll
C:\Users\DEPP\AppData\Local\Temp\{FA26D550-5E69-4F25-B3DE-3F84808753C0}.dll
C:\Users\DEPP\AppData\Local\Temp\{FAF5BE65-154B-4295-9FFA-D78EE05D92B7}.dll
C:\Users\DEPP\AppData\Local\Temp\{FF6A9C5B-CD85-40D5-B25E-8316F2EEA35A}.dll
C:\Users\DEPP\AppData\Local\Temp\{FF748BD3-C706-45B8-A200-FA1BEEE50137}.dll
C:\Users\DEPP\AppData\Local\Temp\~sp3D31.tmp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-29 07:44

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-04-2016
Ran by DEPP (2016-04-18 09:35:11)
Running from C:\Users\DEPP\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2013-06-17 22:25:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-563482115-3036595567-2997201845-500 - Administrator - Disabled)
DEPP (S-1-5-21-563482115-3036595567-2997201845-1001 - Administrator - Enabled) => C:\Users\DEPP
Guest (S-1-5-21-563482115-3036595567-2997201845-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\uTorrent) (Version: 3.3.1.29812 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Any Video Converter 5.0.5 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\avast) (Version: 11.1.2253 - AVAST Software)
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version:  - )
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Activision) Hidden
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version:  - )
Crysis(R) (HKLM\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Defaulttab (HKLM\...\DefaultTab) (Version: 2.6.1.0 - Search Results, LLC) <==== ATTENTION
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Enemy Front, âåðñèÿ 1.0.0.0 (HKLM\...\Enemy Front_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Nero 7 Essentials (HKLM\...\{3BDEE284-1516-40E8-B784-00FEBE1B1033}) (Version: 7.02.9769 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Opera Stable 36.0.2130.65 (HKLM\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Photodex Presenter (HKLM\...\Photodex Presenter) (Version:  - Photodex Corporation)
PowerISO (HKLM\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
Prezi Desktop (HKLM\...\{0b76a0df-1112-4529-b8bb-1d7e5dcd5446}) (Version: 6.5.2.0 - Prezi)
Prezi Desktop (Version: 6.5.2.0 - Prezi) Hidden
ProShow Gold (HKLM\...\ProShow Gold) (Version:  - Photodex Corporation)
Prototype 2 version 5.1 (HKLM\...\{B810D852-DFD6-PROT2L-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.44 (Version: 1.48.2066.44 - Avast Software) Hidden
Sandboxie 5.10 (32-bit) (HKLM\...\Sandboxie) (Version: 5.10 - Sandboxie Holdings, LLC)
SelectionLinks (HKLM\...\sl-dlc) (Version: 1.0 - SelectionLinks) <==== ATTENTION
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM\...\Sniper Elite V2_is1) (Version:  - )
Sniper Elite: Nazi Zombie Army (HKLM\...\Sniper Elite: Nazi Zombie Army_is1) (Version:  - )
Sniper Ghost Warrior 2 (HKLM\...\Sniper Ghost Warrior 2_is1) (Version:  - )
Speccy (HKLM\...\Speccy) (Version: 1.21 - Piriform)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
TightVNC (HKLM\...\{967FE692-A933-45CF-AF62-4E7862006042}) (Version: 2.7.7.0 - GlavSoft LLC.)
Unity Web Player (HKU\S-1-5-21-563482115-3036595567-2997201845-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
USB PC Camera (ZS211) (HKLM\...\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}) (Version: 1.00.000 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinSCP 5.5.6 (HKLM\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
YTD Video Downloader 5.3 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.3 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\DEPP\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\DEPP\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\DEPP\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\DEPP\AppData\Local\Chromium\Application\46.0.2472.0\delegate_execute.exe (The Chromium Authors) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\DEPP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-563482115-3036595567-2997201845-1001_Classes\CLSID\{F5DF8D65-559D-4b75-8562-5302BD2F5F20}\InprocServer32 -> C:\Users\DEPP\AppData\Roaming\2XClient\TuxClientSystem.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CF3C58F-39F7-44A6-8CAF-2655AEF528FD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0FBE8889-3B2C-48AB-9B37-CA80BA0C09E6} - System32\Tasks\System Monitor => C:\ProgramData\554348\sysmon.exe
Task: {317CC414-8424-49A3-A5C4-8AF045C80002} - System32\Tasks\Opera scheduled Autoupdate 1408912582 => C:\Program Files\Opera\launcher.exe [2016-04-11] (Opera Software)
Task: {37C61145-B144-46D0-908F-B276563B607C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-14] (Adobe Systems Incorporated)
Task: {5BECD02C-9C64-496D-A48A-5348201BB992} - System32\Tasks\Windows 32 Binary HEX => C:\ProgramData\Bin\win32bin.exe
Task: {80C4FB13-F66D-4679-9B15-2AC99266234A} - System32\Tasks\avastBCLRestartS-1-5-21-563482115-3036595567-2997201845-1001 => Chrome.exe
Task: {98320297-D3E4-417F-BCE7-66B767C9F933} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9CBA5A6E-8BE4-444B-A643-9E4C5102726B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-14] (Adobe Systems Incorporated)
Task: {AEAA0847-D3D2-45D8-BFF2-279C91F63500} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {AFDD5016-DB89-4C10-BE62-5375BA76F00D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001UA => C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-30] (Facebook Inc.)
Task: {C0EA9E3C-9689-425B-8E03-B3CB31535DDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CE65177F-2C1E-418B-82A0-A70336985643} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001Core => C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-30] (Facebook Inc.)
Task: {E226E134-11F8-4216-9BFE-7CB3A928C332} - System32\Tasks\SafeZone scheduled Autoupdate 1454737329 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {FA5349F1-22D1-4E96-BF79-4EC353D46F30} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-05] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001Core.job => C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-563482115-3036595567-2997201845-1001UA.job => C:\Users\DEPP\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-05 17:13 - 2016-02-05 17:13 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-05 17:13 - 2016-02-05 17:13 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-18 06:33 - 2016-04-18 06:33 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041701\algo.dll
2016-04-15 09:27 - 2016-04-15 09:27 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2013-06-19 12:57 - 2010-07-28 17:34 - 00022424 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-19 19:40 - 2015-06-27 14:32 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2014-04-29 08:27 - 2014-04-29 08:27 - 00186760 _____ () C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe
2013-06-19 12:57 - 2010-06-23 18:11 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
2013-06-19 12:57 - 2010-06-23 18:11 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
2013-06-19 12:57 - 2010-06-23 18:12 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
2013-06-19 12:57 - 2010-06-23 18:11 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
2013-07-05 21:23 - 2010-06-23 17:38 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2013-07-05 21:23 - 2010-07-28 17:02 - 00658432 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2016-02-05 17:13 - 2016-02-05 17:13 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-04-12 15:46 - 2016-04-06 03:04 - 01675928 _____ () C:\Program Files\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 15:46 - 2016-04-06 03:04 - 00086168 _____ () C:\Program Files\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-04-01 19:15 - 2015-11-05 14:24 - 00515584 _____ () C:\Users\DEPP\Desktop\geeksn0w\RA4W VPN32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:04 - 2015-08-08 06:33 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-563482115-3036595567-2997201845-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\DEPP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3FD442EF-33AB-4190-A432-2CBB7C1AA969}] => (Allow) C:\Users\DEPP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{08AD037C-C8CB-4F9F-869B-4EEE75A5E24D}] => (Allow) C:\Users\DEPP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49CEC128-DECC-46E5-9350-E6BEE50AC323}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{5583890C-3A44-4B3D-95CF-C08D8058D810}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A956B588-44D6-4ACE-93A9-D66EEAF32943}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{AAF4476C-FE2D-41DA-8C8B-5B79DF5C79CC}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{0E2CA305-4D75-4DCE-BCBE-2DD5AD593B31}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [TCP Query User{1C63C217-F638-4518-9674-B38717D8A5A0}C:\users\depp\downloads\utorrent.exe] => (Allow) C:\users\depp\downloads\utorrent.exe
FirewallRules: [UDP Query User{D4E0DA83-C962-4DBA-BCDD-042A901069B7}C:\users\depp\downloads\utorrent.exe] => (Allow) C:\users\depp\downloads\utorrent.exe
FirewallRules: [{0C67BA8C-9E1C-45FB-8545-9E0AFAC7AE0F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{64FE13BC-49F7-4868-95D9-BBAD7A4912F5}] => (Allow) C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{60B5545D-B860-4A00-A5D8-6E0E99DACB8C}] => (Allow) C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{3B18D039-3E82-4A7C-AB0E-3C0C2EA1A162}] => (Allow) C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{7A38F0BD-5AC2-4737-B1E8-01AE6DDC123B}] => (Allow) C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{E5A16D7A-4228-42D0-B547-D78EACE34020}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{A6B96D93-5CA5-455F-898B-D9BC16262C4A}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{2E05EA88-31D0-49B5-A09B-63999FA669F6}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{03885BC3-F077-4974-889A-C66D447F5E6F}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{40ECF42C-8749-4014-9153-29798BB88D61}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{01F91D2B-A1A4-4B3F-98AE-2ACAF459C2EA}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{06CC19BD-60AA-4A0A-B8B7-CB1166EACDCC}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{8920CC59-BCEE-45FE-AE48-82F38414ADD1}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{8E6B5BAA-5A28-465C-8209-E94D2FFDD378}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [TCP Query User{5FB6F1FF-EAF1-4C2E-A14F-87F2D2142BB6}C:\program files\prototype 2\prototype2.exe] => (Block) C:\program files\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{2AF54E52-A604-4427-998C-96992D90357F}C:\program files\prototype 2\prototype2.exe] => (Block) C:\program files\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{1674CBEB-C069-4F67-9937-3270465A739A}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{FE37809E-EB0B-47C4-A321-D8ADFE803FDE}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{C6423CF7-9528-4808-B29B-88351E69A76C}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{D7E27D8E-772C-4BF7-A0F0-45445DADAD0D}C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) C:\program files\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{16C6FA8E-56F8-48BA-9345-03E0F8EE17B3}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{2D71C039-799F-4CF3-AE15-25D7AC85B91F}] => (Allow) C:\Users\DEPP\AppData\Local\Temp\HBCD\Ghost32.Exe
FirewallRules: [{ED34E053-CB31-4946-927F-864CA6D28C60}] => (Allow) C:\Users\DEPP\AppData\Local\Temp\HBCD\Ghost32.Exe
FirewallRules: [{BAB15BB2-5D63-49F8-BBCF-87458F40A464}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{73E2BB92-8CC6-4583-90D5-BED3830B2553}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{9E9E7F5C-B34E-42F5-9011-32DABF7A3802}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{B41DDE6B-E080-49FE-8CC7-038A934B74F8}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{CCB8C4DF-6BDF-4495-BD65-B4410757E149}C:\program files\prototype 2\prototype2.exe] => (Block) C:\program files\prototype 2\prototype2.exe
FirewallRules: [UDP Query User{0B8CC9FB-34AB-4E4A-B005-41701FD9F177}C:\program files\prototype 2\prototype2.exe] => (Block) C:\program files\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{E1A73CE8-BE9F-4AD0-8B9C-E044A0807D35}C:\program files\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files\enemy front\bin32\enemyfront.exe
FirewallRules: [UDP Query User{AE7F40BC-9131-4062-86D2-6D8521A5E7BB}C:\program files\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files\enemy front\bin32\enemyfront.exe
FirewallRules: [TCP Query User{1A7F083A-26D0-413F-8231-9B736C54B8D6}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{6C350C93-7909-403B-ADD1-957D7FD56B8B}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{865D0CED-96EE-4745-B3E8-5E88EB9E35FD}C:\program files\cloudsee\jdcs.exe] => (Allow) C:\program files\cloudsee\jdcs.exe
FirewallRules: [UDP Query User{6BFB75FA-0284-4480-BF08-9BFEEA604ADC}C:\program files\cloudsee\jdcs.exe] => (Allow) C:\program files\cloudsee\jdcs.exe
FirewallRules: [TCP Query User{EFEA20FE-2037-4A11-8265-3B538E86B527}C:\users\depp\downloads\call of duty and call of duty united offensive\codmp.exe] => (Block) C:\users\depp\downloads\call of duty and call of duty united offensive\codmp.exe
FirewallRules: [UDP Query User{0655DE30-E607-4A58-B55D-81D76AD26867}C:\users\depp\downloads\call of duty and call of duty united offensive\codmp.exe] => (Block) C:\users\depp\downloads\call of duty and call of duty united offensive\codmp.exe
FirewallRules: [TCP Query User{1B87BD97-B2AD-4A0C-B03D-B2692E2FF072}C:\users\depp\downloads\call of duty and call of duty united offensive\coduomp.exe] => (Allow) C:\users\depp\downloads\call of duty and call of duty united offensive\coduomp.exe
FirewallRules: [UDP Query User{03D2DB0B-88FB-49D3-8938-EF397BDBCC61}C:\users\depp\downloads\call of duty and call of duty united offensive\coduomp.exe] => (Allow) C:\users\depp\downloads\call of duty and call of duty united offensive\coduomp.exe
FirewallRules: [TCP Query User{3FBC1E50-3A6E-4953-AA95-C5C441B12D78}C:\program files\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files\enemy front\bin32\enemyfront.exe
FirewallRules: [UDP Query User{A2AE42EB-8E3F-446B-86A4-98A1EA386D49}C:\program files\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files\enemy front\bin32\enemyfront.exe
FirewallRules: [TCP Query User{E2F3C37A-3294-4204-8FFB-66B132298E2A}C:\users\depp\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe] => (Allow) C:\users\depp\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe
FirewallRules: [UDP Query User{1E0487C9-09E5-457E-AC68-1E434AA5049C}C:\users\depp\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe] => (Allow) C:\users\depp\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe
FirewallRules: [{FA974AEF-3545-4308-8175-F64ACE4E507E}] => (Allow) C:\Users\DEPP\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{72396F42-94D2-4731-B126-7C7E555B726D}D:\games\warcraft iii\war3.exe] => (Allow) D:\games\warcraft iii\war3.exe
FirewallRules: [UDP Query User{F1782BB3-97A9-4686-830D-CAFA45199892}D:\games\warcraft iii\war3.exe] => (Allow) D:\games\warcraft iii\war3.exe
FirewallRules: [{2585272C-6160-4EF2-AAC1-B2F191CC6F20}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{42C22D7A-AC74-444D-A35C-927D67072857}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{50D02A2E-C3F6-450E-8E7D-A18E53E382CA}] => (Allow) C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{102738E8-1793-4BA6-9ADE-AF24D7E16ED6}] => (Allow) C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{EC41A77F-F602-43FB-BA7E-FA4859DB751A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7F15AFB1-7023-44CD-A255-CA05E911E91B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{A9465E2E-A621-41DE-B8FB-915C96327EE6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A6F65244-AEBB-49CD-8E20-2F362AF5D8E3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{2A13DD8B-9004-4816-AB87-ACD621457B15}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{33C197EB-23F4-491F-99EB-92DFB88E050C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1E427E47-7224-45FD-8712-890C84C350EB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FF0F4C30-EC73-4492-A375-16610454BA6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B7D314D4-72E2-4AAF-BB69-3BA81A7FF60B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2FDDCCB5-A68E-4052-B8D6-A5D24B00E429}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{2BAB3384-8BDB-4141-B5D8-2B7AD5952720}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{DF15F5E4-BFBD-4D71-87DC-E4767A47A6C5}C:\program files\strogino cs portal\dota 2\dota.exe] => (Allow) C:\program files\strogino cs portal\dota 2\dota.exe
FirewallRules: [UDP Query User{64BDB4E5-18D2-42F6-A493-95052C63FBAE}C:\program files\strogino cs portal\dota 2\dota.exe] => (Allow) C:\program files\strogino cs portal\dota 2\dota.exe
FirewallRules: [{E3501E7A-BF7B-4A52-94DE-F5457F5E44AF}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{2B2153C7-3EB0-4386-935E-AAC88BD70DC3}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{52A9931C-6F9E-4857-AF55-E0B056585E8A}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{E18BDEDD-87A0-4F62-967D-F30EA8C8F7E1}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{FF88CB1D-716C-436D-8EC1-138F20D13AA1}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{AA76D42E-A6CE-48CE-9E59-F79B917D472D}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [TCP Query User{620AC552-538E-4C5C-B7C0-E26FA9CB6A19}C:\program files\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe] => (Block) C:\program files\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{AC9F1A68-2977-4086-B892-2519B2A42729}C:\program files\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe] => (Block) C:\program files\steam\steamapps\common\tom clancy's ghost recon phantoms na\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{7D469ADE-8D64-4EDB-A560-44341BAEDA45}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9029672B-4969-4F34-BFC6-D6DD83D9E882}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{74D49766-D62D-460F-9A29-91F777E2A47A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1A3EBF55-C3AC-4029-B9FD-BDFEE0565744}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{40D281DF-1054-4D8E-AB80-00A6E23998B6}] => (Allow) C:\Users\DEPP\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{B46E5783-6207-4B14-BE71-D2C22E449D22}C:\users\depp\appdata\local\temp\7zo938a.tmp\listen.exe] => (Allow) C:\users\depp\appdata\local\temp\7zo938a.tmp\listen.exe
FirewallRules: [UDP Query User{331CD783-A727-4B54-959F-E6380D79C2CC}C:\users\depp\appdata\local\temp\7zo938a.tmp\listen.exe] => (Allow) C:\users\depp\appdata\local\temp\7zo938a.tmp\listen.exe
FirewallRules: [TCP Query User{BD5A401C-81E9-4D99-9A01-F20C6D4ACF21}C:\users\depp\desktop\pack\luminosity.exe] => (Allow) C:\users\depp\desktop\pack\luminosity.exe
FirewallRules: [UDP Query User{F1E0593D-3610-424A-BA99-B8A293A1E6A1}C:\users\depp\desktop\pack\luminosity.exe] => (Allow) C:\users\depp\desktop\pack\luminosity.exe
FirewallRules: [TCP Query User{94876418-B8BC-406C-A1DE-5CF824906208}C:\users\depp\desktop\p\luminosity.exe] => (Allow) C:\users\depp\desktop\p\luminosity.exe
FirewallRules: [UDP Query User{4274D4BC-BF87-4042-A15A-DD35A5FB9F73}C:\users\depp\desktop\p\luminosity.exe] => (Allow) C:\users\depp\desktop\p\luminosity.exe
FirewallRules: [{CCA5DFFF-578D-4E50-A01F-D1F8E65847E9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{2F1D295E-630E-493A-A8E5-115E7D347806}] => (Allow) LPort=3547
FirewallRules: [{AA7A231C-9376-40CE-AAD3-64F44E883E62}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{6DE83992-B7DC-469D-AA35-30832F037918}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{288DC82F-D74C-42A0-A7ED-61E7EF1E9B45}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A86C7123-0320-42B9-84A1-375A6C054985}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

08-04-2016 07:52:33 Scheduled Checkpoint
08-04-2016 15:33:27 Windows Update
13-04-2016 05:43:58 Windows Update
14-04-2016 04:10:36 Windows Update
18-04-2016 07:41:45 Windows Update

==================== Faulty Device Manager Devices =============

Name: TP-LINK 150Mbps Wireless N PCI Express Adapter
Description: TP-LINK 150Mbps Wireless N PCI Express Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TP-LINK
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/18/2016 08:12:53 AM) (Source: Google Update) (EventID: 20) (User: DEPP-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040880

Error: (04/18/2016 07:56:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RA4W VPN.exe, version: 1.0.0.0, time stamp: 0x52fe87e6
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23392, time stamp: 0x56eb2fb9
Exception code: 0xe0434352
Fault offset: 0x0000845d
Faulting process id: 0x1704
Faulting application start time: 0xRA4W VPN.exe0
Faulting application path: RA4W VPN.exe1
Faulting module path: RA4W VPN.exe2
Report Id: RA4W VPN.exe3

Error: (04/18/2016 07:56:29 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: RA4W VPN.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Windows.Forms.NativeWindow.CreateHandle(System.Windows.Forms.CreateParams)
   at System.Windows.Forms.Control.CreateHandle()
   at System.Windows.Forms.Control.get_Handle()
   at System.Windows.Forms.Control.get_WindowText()
   at System.Windows.Forms.Control.get_Text()
   at System.Windows.Forms.Label.get_Text()
   at System.Windows.Forms.Control.set_Text(System.String)
   at System.Windows.Forms.Label.set_Text(System.String)
   at DynamicClass.(RA4W_VPN.Form1)
   at RA4W_VPN.Form1.IPGETTER()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (04/18/2016 07:51:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.19135, time stamp: 0x56a1ba55
Faulting module name: wucltux.dll, version: 7.6.7601.19161, time stamp: 0x56be2700
Exception code: 0xc0000005
Fault offset: 0x00008d50
Faulting process id: 0x730
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (04/18/2016 07:35:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Luminosity 1.5.exe version 1.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10d4

Start Time: 01d1997f43cf4cf2

Termination Time: 12

Application Path: C:\Users\DEPP\Desktop\geeksn0w\Luminosity 1.5.exe

Report Id: bb35d431-0572-11e6-9662-94de801e18e2

Error: (04/18/2016 07:20:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunesHelper.exe, version: 12.1.1.4, time stamp: 0x54de1375
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7519fff6
Faulting process id: 0x14f4
Faulting application start time: 0xiTunesHelper.exe0
Faulting application path: iTunesHelper.exe1
Faulting module path: iTunesHelper.exe2
Report Id: iTunesHelper.exe3

Error: (04/18/2016 07:20:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: taskmgr.exe, version: 6.1.7601.17514, time stamp: 0x4ce78d21
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7519fff6
Faulting process id: 0xd78
Faulting application start time: 0xtaskmgr.exe0
Faulting application path: taskmgr.exe1
Faulting module path: taskmgr.exe2
Report Id: taskmgr.exe3

Error: (04/18/2016 07:20:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 49.0.2623.112, time stamp: 0x570458bc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7519fff6
Faulting process id: 0x12f4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (04/18/2016 07:19:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RtHDVCpl.exe, version: 1.0.0.851, time stamp: 0x515502aa
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7519fff6
Faulting process id: 0xbc0
Faulting application start time: 0xRtHDVCpl.exe0
Faulting application path: RtHDVCpl.exe1
Faulting module path: RtHDVCpl.exe2
Report Id: RtHDVCpl.exe3

Error: (04/18/2016 07:19:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sidebar.exe, version: 6.1.7601.17514, time stamp: 0x4ce79791
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7519fff6
Faulting process id: 0x1584
Faulting application start time: 0xsidebar.exe0
Faulting application path: sidebar.exe1
Faulting module path: sidebar.exe2
Report Id: sidebar.exe3


System errors:
=============
Error: (04/18/2016 09:07:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DefaultTabUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/18/2016 08:16:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/18/2016 08:16:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DefaultTabUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/18/2016 08:16:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/18/2016 07:59:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TightVNC Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/18/2016 07:59:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DefaultTabUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/18/2016 07:51:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (04/18/2016 07:51:24 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

Error: (04/18/2016 07:46:35 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:45:02 AM on ‎4/‎18/‎2016 was unexpected.

Error: (04/18/2016 07:30:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DefaultTabUpdate service terminated unexpectedly.  It has done this 1 time(s).


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Percentage of memory in use: 73%
Total physical RAM: 3563.95 MB
Available physical RAM: 949.85 MB
Total Virtual: 7126.22 MB
Available Virtual: 4065.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:265.46 GB) (Free:31.27 GB) NTFS
Drive d: () (Fixed) (Total:200.2 GB) (Free:108.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2140375F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=265.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.2 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================