PhilipMoore62
Posts: 330 +2
I believe my system maybe infected as when attempting to remove "File Missing" entries using HJT it is not allowing me to successfully delete the files. I'm sending the Farbar recovery files as asked.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Philip (administrator) on PHILIPSCOMPUTER on 15-07-2015 08:58:52
Running from C:\Users\Philip\Documents\Rescue.Scan Tools
Loaded Profiles: Philip (Available Profiles: Philip & Administrator)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Alexandre Miguel Canotilho Coelho) C:\Windows_Repair_Toolbox\Windows_Repair_Toolbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2574080 2015-05-06] (Acer)
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-25] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-25] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-30] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 216.228.160.4 216.228.160.3
Tcpip\..\Interfaces\{B66578BC-C3A7-4950-9133-3AAC2D1FB2DC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B66578BC-C3A7-4950-9133-3AAC2D1FB2DC}: [DhcpNameServer] 216.228.160.4 216.228.160.3
FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\1jkslavr.default-1436800087910
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-25] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF Extension: Fasterfox - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\1jkslavr.default-1436800087910\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2015-07-13]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF Extension: RelevantKnowledge - C:\Program Files (x86)\RelevantKnowledge\firefox [2015-07-15]
Chrome:
=======
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Widthie) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh [2015-07-12]
CHR Extension: (RelevantKnowledge) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2015-07-15]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2015-07-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323200 2015-01-04] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-05] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2577640 2013-12-04] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-07-11] (SurfRight B.V.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-07-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3446224 2015-02-23] (Paramount Software UK Ltd)
S4 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [213784 2015-03-04] (TMRG, Inc.) <==== ATTENTION
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2015-01-04] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-07] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-10] (Intel Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-06-29] (Glarysoft Ltd)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-10] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-07-13] ()
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2012-11-22] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2012-11-22] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2012-11-22] (Paragon)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
U4 Messenger; No ImagePath
R3 WinRing0_1_2_0; \??\C:\Windows_Repair_Toolbox\Windows_Repair_Toolbox.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-15 08:59 - 2015-07-15 08:59 - 00000000 ____D C:\Users\Philip\Desktop\Virus scan Texts
2015-07-15 08:39 - 2015-07-15 08:39 - 01187008 _____ (Adobe Systems Incorporated) C:\Users\Philip\Downloads\flashplayer18_ha_install.exe
2015-07-15 08:05 - 2015-07-15 08:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2015-07-15 08:03 - 2015-03-04 15:23 - 00974616 _____ (TMRG, Inc.) C:\WINDOWS\system32\rlls64.dll
2015-07-15 08:03 - 2015-03-04 15:23 - 00662808 _____ (TMRG, Inc.) C:\WINDOWS\SysWOW64\rlls.dll
2015-07-15 07:56 - 2015-07-15 08:07 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2015-07-15 07:55 - 2015-07-15 07:55 - 00001149 _____ C:\Users\Public\Desktop\PCMedik.lnk
2015-07-15 07:55 - 2015-07-15 07:55 - 00001149 _____ C:\ProgramData\Desktop\PCMedik.lnk
2015-07-15 07:55 - 2015-07-15 07:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCMedik
2015-07-15 07:54 - 2015-07-15 07:54 - 00000000 ____D C:\Program Files (x86)\PGWARE
2015-07-15 07:52 - 2015-07-15 07:53 - 03055816 _____ (PGWARE LLC ) C:\Users\Philip\Downloads\pcmedik.exe
2015-07-15 07:42 - 2015-07-15 07:42 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-15 07:42 - 2015-07-15 07:42 - 00001125 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-15 07:39 - 2015-07-15 07:39 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Philip\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-14 09:39 - 2015-07-14 09:39 - 00001170 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-14 09:39 - 2015-07-14 09:39 - 00001170 _____ C:\ProgramData\Desktop\Mozilla Firefox.lnk
2015-07-14 09:37 - 2015-07-14 09:38 - 41838408 _____ C:\Users\Philip\Downloads\Firefox Setup 40.0b4.exe
2015-07-14 09:36 - 2015-07-14 09:36 - 00000000 ____D C:\ProgramData\IsolatedStorage
2015-07-14 09:35 - 2015-07-14 09:35 - 02097712 _____ C:\Users\Philip\Downloads\AppManagerSetup_2.0.exe
2015-07-14 08:35 - 2015-07-14 08:35 - 00450966 _____ C:\Users\Philip\AppData\Local\census.cache
2015-07-14 08:34 - 2015-07-14 08:34 - 00200897 _____ C:\Users\Philip\AppData\Local\ars.cache
2015-07-14 08:33 - 2015-07-14 08:33 - 00003861 _____ C:\Users\Philip\Downloads\startuplist.txt
2015-07-14 08:26 - 2015-07-14 08:26 - 00000010 _____ C:\Users\Philip\AppData\Local\sponge.last.runtime.cache
2015-07-14 08:22 - 2015-07-14 08:22 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Foxit Software
2015-07-14 08:17 - 2015-07-14 08:17 - 00000036 _____ C:\Users\Philip\AppData\Local\housecall.guid.cache
2015-07-14 08:17 - 2013-09-27 19:56 - 00285208 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2015-07-14 08:16 - 2015-07-14 08:16 - 02494944 _____ (Trend Micro Inc.) C:\Users\Philip\Downloads\HousecallLauncher64.exe
2015-07-14 07:46 - 2015-07-14 07:47 - 04261180 _____ C:\Users\Philip\Desktop\PHILIPSCOMPUTER.arn
2015-07-14 07:33 - 2015-07-14 07:33 - 00000000 ____D C:\Users\Philip\Desktop\Autoruns
2015-07-14 07:24 - 2015-07-14 07:24 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-07-13 17:21 - 2015-07-13 17:21 - 00978944 _____ C:\Users\Philip\Downloads\Reset-TCPIP(1).exe
2015-07-13 17:21 - 2015-07-13 17:21 - 00003861 _____ C:\Reset-TCPIP_13072015-172156.txt
2015-07-13 17:19 - 2015-07-13 17:19 - 00978944 _____ C:\Users\Philip\Downloads\Reset-TCPIP.exe
2015-07-13 16:09 - 2015-07-13 16:09 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-07-13 16:09 - 2015-07-13 16:09 - 00000000 ____D C:\WINDOWS\IME
2015-07-13 12:22 - 2015-07-13 12:22 - 00001776 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-13 12:22 - 2015-07-13 12:22 - 00001776 _____ C:\ProgramData\Desktop\iTunes.lnk
2015-07-13 12:22 - 2015-07-13 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-13 12:21 - 2015-07-13 12:22 - 00000000 ____D C:\Program Files\iTunes
2015-07-13 12:21 - 2015-07-13 12:21 - 00000000 ____D C:\Program Files\iPod
2015-07-13 12:21 - 2015-07-13 12:21 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-13 10:29 - 2015-07-13 10:29 - 00000000 ____D C:\Users\Philip\Downloads\FRST-OlderVersion
2015-07-13 08:48 - 2015-07-13 08:48 - 00231912 _____ C:\Users\Philip\Downloads\speedyfox-48604410.exe
2015-07-12 11:16 - 2015-07-12 11:16 - 00002186 _____ C:\Users\Philip\Desktop\Tweaking.com - Windows Repair.lnk
2015-07-12 11:15 - 2015-07-12 11:15 - 12910224 _____ C:\Users\Philip\Downloads\tweaking.com_windows_repair_aio_setup(2).exe
2015-07-12 11:00 - 2015-07-12 11:00 - 00000194 _____ C:\Users\Philip\Downloads\hosts-perm(1).bat
2015-07-12 09:10 - 2015-07-12 09:10 - 00074825 _____ C:\Users\Philip\Downloads\Shortcut.txt
2015-07-11 16:03 - 2015-07-11 16:03 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2015-07-11 16:03 - 2015-07-11 16:03 - 00000000 ____D C:\ProgramData\Documents\Downloaded Installers
2015-07-11 10:52 - 2015-07-11 10:52 - 00001015 _____ C:\Users\Public\Desktop\7 Quick Fix.lnk
2015-07-11 10:52 - 2015-07-11 10:52 - 00001015 _____ C:\ProgramData\Desktop\7 Quick Fix.lnk
2015-07-11 10:52 - 2015-07-11 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7 Quick Fix
2015-07-11 10:52 - 2015-07-11 10:52 - 00000000 ____D C:\Program Files (x86)\7 Quick Fix
2015-07-11 10:51 - 2015-07-11 10:51 - 01536945 _____ (LeeLu Soft ) C:\Users\Philip\Downloads\sevenqfinstall.exe
2015-07-11 09:33 - 2015-07-12 09:10 - 00037154 _____ C:\Users\Philip\Downloads\Addition.txt
2015-07-11 09:15 - 2015-07-11 09:15 - 00000000 ____D C:\Users\Philip\Documents\PowerTool x64 V1.3 (en)
2015-07-11 09:13 - 2015-07-11 09:13 - 00000000 ____D C:\Users\Philip\Documents\PowerTool x64 V1.3
2015-07-11 08:39 - 2015-07-11 08:50 - 00000000 ____D C:\Users\Philip\AppData\Roaming\vlc
2015-07-11 08:39 - 2015-07-11 08:39 - 00001093 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-11 08:39 - 2015-07-11 08:39 - 00001093 _____ C:\ProgramData\Desktop\VLC media player.lnk
2015-07-11 08:39 - 2015-07-11 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Philip (administrator) on PHILIPSCOMPUTER on 15-07-2015 08:58:52
Running from C:\Users\Philip\Documents\Rescue.Scan Tools
Loaded Profiles: Philip (Available Profiles: Philip & Administrator)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Alexandre Miguel Canotilho Coelho) C:\Windows_Repair_Toolbox\Windows_Repair_Toolbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2574080 2015-05-06] (Acer)
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-733529448-3193121913-2867107617-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-25] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-25] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-30] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 216.228.160.4 216.228.160.3
Tcpip\..\Interfaces\{B66578BC-C3A7-4950-9133-3AAC2D1FB2DC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B66578BC-C3A7-4950-9133-3AAC2D1FB2DC}: [DhcpNameServer] 216.228.160.4 216.228.160.3
FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\1jkslavr.default-1436800087910
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-25] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF Extension: Fasterfox - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\1jkslavr.default-1436800087910\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2015-07-13]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF Extension: RelevantKnowledge - C:\Program Files (x86)\RelevantKnowledge\firefox [2015-07-15]
Chrome:
=======
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Widthie) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh [2015-07-12]
CHR Extension: (RelevantKnowledge) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2015-07-15]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2015-07-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323200 2015-01-04] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-05] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2577640 2013-12-04] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-07-11] (SurfRight B.V.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-07-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3446224 2015-02-23] (Paramount Software UK Ltd)
S4 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [213784 2015-03-04] (TMRG, Inc.) <==== ATTENTION
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1728592 2015-02-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2015-01-04] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-07] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-10] (Intel Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-06-29] (Glarysoft Ltd)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-10] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-07-13] ()
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2012-11-22] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2012-11-22] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2012-11-22] (Paragon)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
U4 Messenger; No ImagePath
R3 WinRing0_1_2_0; \??\C:\Windows_Repair_Toolbox\Windows_Repair_Toolbox.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-15 08:59 - 2015-07-15 08:59 - 00000000 ____D C:\Users\Philip\Desktop\Virus scan Texts
2015-07-15 08:39 - 2015-07-15 08:39 - 01187008 _____ (Adobe Systems Incorporated) C:\Users\Philip\Downloads\flashplayer18_ha_install.exe
2015-07-15 08:05 - 2015-07-15 08:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2015-07-15 08:03 - 2015-03-04 15:23 - 00974616 _____ (TMRG, Inc.) C:\WINDOWS\system32\rlls64.dll
2015-07-15 08:03 - 2015-03-04 15:23 - 00662808 _____ (TMRG, Inc.) C:\WINDOWS\SysWOW64\rlls.dll
2015-07-15 07:56 - 2015-07-15 08:07 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2015-07-15 07:55 - 2015-07-15 07:55 - 00001149 _____ C:\Users\Public\Desktop\PCMedik.lnk
2015-07-15 07:55 - 2015-07-15 07:55 - 00001149 _____ C:\ProgramData\Desktop\PCMedik.lnk
2015-07-15 07:55 - 2015-07-15 07:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCMedik
2015-07-15 07:54 - 2015-07-15 07:54 - 00000000 ____D C:\Program Files (x86)\PGWARE
2015-07-15 07:52 - 2015-07-15 07:53 - 03055816 _____ (PGWARE LLC ) C:\Users\Philip\Downloads\pcmedik.exe
2015-07-15 07:42 - 2015-07-15 07:42 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-15 07:42 - 2015-07-15 07:42 - 00001125 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-15 07:39 - 2015-07-15 07:39 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Philip\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-14 09:39 - 2015-07-14 09:39 - 00001170 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-14 09:39 - 2015-07-14 09:39 - 00001170 _____ C:\ProgramData\Desktop\Mozilla Firefox.lnk
2015-07-14 09:37 - 2015-07-14 09:38 - 41838408 _____ C:\Users\Philip\Downloads\Firefox Setup 40.0b4.exe
2015-07-14 09:36 - 2015-07-14 09:36 - 00000000 ____D C:\ProgramData\IsolatedStorage
2015-07-14 09:35 - 2015-07-14 09:35 - 02097712 _____ C:\Users\Philip\Downloads\AppManagerSetup_2.0.exe
2015-07-14 08:35 - 2015-07-14 08:35 - 00450966 _____ C:\Users\Philip\AppData\Local\census.cache
2015-07-14 08:34 - 2015-07-14 08:34 - 00200897 _____ C:\Users\Philip\AppData\Local\ars.cache
2015-07-14 08:33 - 2015-07-14 08:33 - 00003861 _____ C:\Users\Philip\Downloads\startuplist.txt
2015-07-14 08:26 - 2015-07-14 08:26 - 00000010 _____ C:\Users\Philip\AppData\Local\sponge.last.runtime.cache
2015-07-14 08:22 - 2015-07-14 08:22 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Foxit Software
2015-07-14 08:17 - 2015-07-14 08:17 - 00000036 _____ C:\Users\Philip\AppData\Local\housecall.guid.cache
2015-07-14 08:17 - 2013-09-27 19:56 - 00285208 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2015-07-14 08:16 - 2015-07-14 08:16 - 02494944 _____ (Trend Micro Inc.) C:\Users\Philip\Downloads\HousecallLauncher64.exe
2015-07-14 07:46 - 2015-07-14 07:47 - 04261180 _____ C:\Users\Philip\Desktop\PHILIPSCOMPUTER.arn
2015-07-14 07:33 - 2015-07-14 07:33 - 00000000 ____D C:\Users\Philip\Desktop\Autoruns
2015-07-14 07:24 - 2015-07-14 07:24 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-07-13 17:21 - 2015-07-13 17:21 - 00978944 _____ C:\Users\Philip\Downloads\Reset-TCPIP(1).exe
2015-07-13 17:21 - 2015-07-13 17:21 - 00003861 _____ C:\Reset-TCPIP_13072015-172156.txt
2015-07-13 17:19 - 2015-07-13 17:19 - 00978944 _____ C:\Users\Philip\Downloads\Reset-TCPIP.exe
2015-07-13 16:09 - 2015-07-13 16:09 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-07-13 16:09 - 2015-07-13 16:09 - 00000000 ____D C:\WINDOWS\IME
2015-07-13 12:22 - 2015-07-13 12:22 - 00001776 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-13 12:22 - 2015-07-13 12:22 - 00001776 _____ C:\ProgramData\Desktop\iTunes.lnk
2015-07-13 12:22 - 2015-07-13 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-13 12:21 - 2015-07-13 12:22 - 00000000 ____D C:\Program Files\iTunes
2015-07-13 12:21 - 2015-07-13 12:21 - 00000000 ____D C:\Program Files\iPod
2015-07-13 12:21 - 2015-07-13 12:21 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-13 10:29 - 2015-07-13 10:29 - 00000000 ____D C:\Users\Philip\Downloads\FRST-OlderVersion
2015-07-13 08:48 - 2015-07-13 08:48 - 00231912 _____ C:\Users\Philip\Downloads\speedyfox-48604410.exe
2015-07-12 11:16 - 2015-07-12 11:16 - 00002186 _____ C:\Users\Philip\Desktop\Tweaking.com - Windows Repair.lnk
2015-07-12 11:15 - 2015-07-12 11:15 - 12910224 _____ C:\Users\Philip\Downloads\tweaking.com_windows_repair_aio_setup(2).exe
2015-07-12 11:00 - 2015-07-12 11:00 - 00000194 _____ C:\Users\Philip\Downloads\hosts-perm(1).bat
2015-07-12 09:10 - 2015-07-12 09:10 - 00074825 _____ C:\Users\Philip\Downloads\Shortcut.txt
2015-07-11 16:03 - 2015-07-11 16:03 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2015-07-11 16:03 - 2015-07-11 16:03 - 00000000 ____D C:\ProgramData\Documents\Downloaded Installers
2015-07-11 10:52 - 2015-07-11 10:52 - 00001015 _____ C:\Users\Public\Desktop\7 Quick Fix.lnk
2015-07-11 10:52 - 2015-07-11 10:52 - 00001015 _____ C:\ProgramData\Desktop\7 Quick Fix.lnk
2015-07-11 10:52 - 2015-07-11 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7 Quick Fix
2015-07-11 10:52 - 2015-07-11 10:52 - 00000000 ____D C:\Program Files (x86)\7 Quick Fix
2015-07-11 10:51 - 2015-07-11 10:51 - 01536945 _____ (LeeLu Soft ) C:\Users\Philip\Downloads\sevenqfinstall.exe
2015-07-11 09:33 - 2015-07-12 09:10 - 00037154 _____ C:\Users\Philip\Downloads\Addition.txt
2015-07-11 09:15 - 2015-07-11 09:15 - 00000000 ____D C:\Users\Philip\Documents\PowerTool x64 V1.3 (en)
2015-07-11 09:13 - 2015-07-11 09:13 - 00000000 ____D C:\Users\Philip\Documents\PowerTool x64 V1.3
2015-07-11 08:39 - 2015-07-11 08:50 - 00000000 ____D C:\Users\Philip\AppData\Roaming\vlc
2015-07-11 08:39 - 2015-07-11 08:39 - 00001093 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-11 08:39 - 2015-07-11 08:39 - 00001093 _____ C:\ProgramData\Desktop\VLC media player.lnk
2015-07-11 08:39 - 2015-07-11 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN