FRST.txt Log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Cody (administrator) on MAH-DESKTOP (10-09-2016 20:03:01)
Running from C:\Users\Cody\Downloads
Loaded Profiles: Cody (Available Profiles: Cody & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Riot Games\LolScreenSaver\service\service.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\chrome_extension2\host\chrome_native_msg_host.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.486_none_7640e086266ea227\TiWorker.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1903344 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-17] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-17] (Trend Micro Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-07] (Logitech Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-09-24] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1917440 2016-07-15] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKU\S-1-5-21-3313481241-1894715402-4189534921-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29500544 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-3313481241-1894715402-4189534921-1004\...\Run: [Akamai NetSession Interface] => C:\Users\Cody\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3313481241-1894715402-4189534921-1004\...\Run: [NetDrive2] => "C:\PROGRA~1\NETDRI~1\NetDrive2.exe" -tray
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-3313481241-1894715402-4189534921-1004] => hxxp://non-block.com/wpad.dat?9a74ebdcc637e6b158803a4faae89dc315986084
Hosts: 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bb993540-6cda-49de-9ab8-4fdb17444a7a}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://non-block.com/wpad.dat?9a74ebdcc637e6b158803a4faae89dc315986084
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3313481241-1894715402-4189534921-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3313481241-1894715402-4189534921-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-3313481241-1894715402-4189534921-1004 -> DefaultScope {3C2CE495-0E51-4445-B938-7EC00E7B56A5} URL =
SearchScopes: HKU\S-1-5-21-3313481241-1894715402-4189534921-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3313481241-1894715402-4189534921-1004 -> {3C2CE495-0E51-4445-B938-7EC00E7B56A5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-07-13] (Microsoft Corporation)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\TmBpIe64.dll [2016-06-15] (Trend Micro Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-07-13] (Microsoft Corporation)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\TmBpIe32.dll [2016-06-15] (Trend Micro Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\TmBpIe64.dll [2016-06-15] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\TmBpIe32.dll [2016-06-15] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Cody\AppData\Roaming\Mozilla\Firefox\Profiles\wv5djrep.default-1473395599353
FF Homepage: www.google.com.au
FF NetworkProxy: "no_proxies_on", "https://localhost, localhost, 127.0.0.1"
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-05] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-01-12] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2016-01-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3313481241-1894715402-4189534921-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-06-11] ()
FF Extension: (Firefox Hotfix) - C:\Users\Cody\AppData\Roaming\Mozilla\Firefox\Profiles\wv5djrep.default-1473395599353\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\firefoxextension
FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\firefoxextension [2016-06-23]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1089\9.1.1089\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-03-10]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-01-11]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com.au/"
CHR Profile: C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-24]
CHR Extension: (Google Docs) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-24]
CHR Extension: (Google Drive) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-24]
CHR Extension: (Adguard AdBlocker) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2016-08-30]
CHR Extension: (YouTube) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-24]
CHR Extension: (Google Search) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-24]
CHR Extension: (Google Sheets) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-24]
CHR Extension: (Google Docs Offline) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Ghostery) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2016-09-01]
CHR Extension: (Gmail) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-24]
CHR Extension: (Chrome Media Router) - C:\Users\Cody\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-05] (Microsoft Corporation)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-07] (Logitech Inc.)
R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-31] () [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-30] (Overwolf LTD)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1137664 2015-07-17] (Trend Micro Inc.)
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [2443776 2016-07-14] (Trend Micro Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-15] (TeamViewer GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
S2 NetDrive2_Service_NetDrive2; C:\Program Files\NetDrive2\nd2svc.exe [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-09-21] (Qualcomm Atheros Communications, Inc.)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-06] (CyberLink)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-09] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 OSFMount; C:\Program Files\OSFMount\OSFMount.sys [1299384 2014-02-07] (PassMark Software)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 SNXPPAMD; C:\Windows\System32\drivers\snxppamd.sys [99424 2013-03-13] (SUNIX Co., Ltd.)
S3 SNXPSAMD; C:\Windows\System32\drivers\snxpsamd.sys [97888 2013-03-13] (SUNIX Co., Ltd.)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [133424 2015-11-23] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [324912 2015-11-23] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [59712 2015-06-11] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [99632 2015-11-23] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.)
R1 tmumh; C:\Windows\system32\DRIVERS\TMUMH.sys [101600 2016-07-21] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [124752 2015-12-10] (Trend Micro Inc.)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2015-09-24] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 mfeapfk; system32\drivers\mfeapfk.sys [X]
U2 TMAgent; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-10 20:04 - 2016-09-10 20:04 - 00000635 _____ C:\WINDOWS\system32\Drivers\etc\tmsshf.bin
2016-09-10 20:03 - 2016-09-10 20:03 - 00034712 _____ C:\Users\Cody\Downloads\FRST.txt
2016-09-10 20:02 - 2016-09-10 20:03 - 00000000 ____D C:\FRST
2016-09-10 20:02 - 2016-09-10 20:02 - 02397696 _____ (Farbar) C:\Users\Cody\Downloads\FRST64.exe
2016-09-10 19:50 - 2016-09-10 19:50 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\Cody\Downloads\SpyHunter-Installer.exe
2016-09-10 02:25 - 2016-09-10 02:25 - 00003434 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2016-09-10 02:24 - 2016-09-10 02:24 - 00002361 _____ C:\Users\Cody\Desktop\SpyHunter.lnk
2016-09-10 02:24 - 2016-09-10 02:24 - 00000000 ____D C:\Users\Cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-09-10 02:24 - 2016-09-10 02:24 - 00000000 ____D C:\sh4ldr
2016-09-10 02:24 - 2016-09-10 02:24 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2016-09-10 02:23 - 2016-09-10 02:24 - 00000000 ____D C:\WINDOWS\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2016-09-10 02:21 - 2016-09-10 02:21 - 00000000 ____D C:\Users\Cody\Downloads\SpyHunter 4 + Crack
2016-09-10 02:20 - 2016-09-10 02:21 - 15901755 _____ C:\Users\Cody\Downloads\SpyHunter 4 + Crack.zip
2016-09-09 21:29 - 2016-09-10 19:52 - 00001166 _____ C:\Users\Cody\Desktop\nativelog.txt
2016-09-09 16:30 - 2016-09-09 16:30 - 00001816 _____ C:\Users\Cody\Desktop\Google Chrome.lnk
2016-09-09 15:15 - 2016-09-10 01:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-09 15:14 - 2016-09-09 16:25 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-09 15:14 - 2016-09-09 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-09 15:14 - 2016-09-09 15:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-09 15:14 - 2016-09-09 15:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-09 15:14 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-09 15:14 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-09 15:14 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-09 15:12 - 2016-09-09 15:14 - 22851472 _____ (Malwarebytes ) C:\Users\Cody\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-09 14:45 - 2016-09-09 14:45 - 00000000 _____ C:\autoexec.bat
2016-09-09 14:44 - 2016-09-09 14:44 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-09 14:18 - 2016-09-09 14:18 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-09 14:17 - 2016-09-09 14:40 - 00171198 _____ C:\WINDOWS\ntbtlog.txt
2016-09-07 17:29 - 2016-09-07 17:29 - 36269107 _____ C:\Users\Cody\Downloads\Introduction to Electric Circuits, 8th Edition by Richard C. Dorf & James A. Svoboda.pdf
2016-09-07 17:16 - 2016-09-07 17:16 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-09-07 13:09 - 2016-09-07 13:09 - 09333759 _____ C:\Users\Cody\Downloads\Republic_Venator_Class Star_Destroyer_Divici.zip
2016-09-06 19:13 - 2016-09-06 19:13 - 00000000 ____D C:\Users\Cody\Documents\Minecraft projects
2016-09-06 13:21 - 2016-09-09 14:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-06 12:38 - 2016-09-06 12:38 - 00000000 ____D C:\Users\Cody\AppData\Local\Macromedia
2016-09-04 22:57 - 2016-09-07 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-09-04 19:38 - 2016-09-09 16:25 - 00000982 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2016-09-04 19:38 - 2016-09-04 19:38 - 00000000 ____D C:\Users\Cody\AppData\Local\TomTom
2016-09-04 19:38 - 2016-09-04 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-09-04 19:38 - 2016-09-04 19:38 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V
2016-09-04 19:37 - 2016-09-04 19:37 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2016-09-04 19:34 - 2016-09-04 19:35 - 37565768 _____ (TomTom International B.V.) C:\Users\Cody\Downloads\InstallMyDriveConnect.exe
2016-09-03 21:25 - 2016-09-03 21:25 - 00013914 _____ C:\Users\Cody\AppData\Local\recently-used.xbel
2016-09-03 20:55 - 2016-09-03 20:55 - 03927093 _____ C:\Users\Cody\Downloads\forge-1.8.9-11.15.1.1722-installer-win.exe
2016-09-03 20:41 - 2016-09-03 20:42 - 03719516 _____ C:\Users\Cody\Downloads\forge-1.8-11.14.4.1563-installer-win.exe
2016-09-03 20:32 - 2016-09-03 20:32 - 01971599 _____ C:\Users\Cody\Downloads\fml-1.8-8.0.127.1103-installer-win.exe
2016-09-03 17:23 - 2016-09-03 17:23 - 02802417 _____ C:\Users\Cody\Downloads\RaceMenu Overlay Compilation - CBBE version-48705-1-1.rar
2016-09-03 11:34 - 2016-09-03 11:34 - 00001624 _____ C:\Users\Cody\Downloads\Should You Lock the Door- (1).xml
2016-09-03 11:33 - 2016-09-03 11:33 - 00001624 _____ C:\Users\Cody\Downloads\Should You Lock the Door-.xml
2016-09-02 19:54 - 2016-09-02 19:54 - 02797828 _____ C:\Users\Cody\Downloads\ELEC2004 Study Guide.zip
2016-09-02 19:54 - 2016-09-02 19:54 - 00000000 ____D C:\Users\Cody\Downloads\ELEC2004 Study Guide
2016-08-27 21:22 - 2016-08-27 21:22 - 00000000 ____D C:\Users\Cody\Downloads\XRM_BACKGR
2016-08-27 21:19 - 2016-08-27 21:20 - 00000000 ____D C:\Users\Cody\Downloads\XRM1.30
2016-08-27 20:54 - 2016-08-27 20:55 - 27089068 _____ C:\Users\Cody\Downloads\XRM_BACKGR.zip
2016-08-27 20:52 - 2016-08-27 21:09 - 485793193 _____ C:\Users\Cody\Downloads\XRM1.30_PART_1 (1).zip
2016-08-27 20:52 - 2016-08-27 20:59 - 328027746 _____ C:\Users\Cody\Downloads\XRM1.29_PART_3.zip
2016-08-27 20:52 - 2016-08-27 20:52 - 08927374 _____ C:\Users\Cody\Downloads\XRM1.30d_PART_2.zip
2016-08-27 20:40 - 2016-08-27 20:40 - 00605859 _____ C:\Users\Cody\Downloads\X3-ImmersiveGUIHUD-1.3.rar
2016-08-27 20:38 - 2016-08-27 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Egosoft
2016-08-27 20:35 - 2016-08-27 20:38 - 03313352 _____ (Egosoft ) C:\Users\Cody\Downloads\X3AP_Bonus_Pack_5.1.0.0.exe
2016-08-26 21:00 - 2016-08-26 21:03 - 57330773 _____ C:\Users\Cody\Downloads\Beastess 8.02.7z
2016-08-24 01:14 - 2016-08-24 01:14 - 00006403 _____ C:\Users\Cody\Downloads\Cure.rar
2016-08-23 23:52 - 2016-08-23 23:52 - 00000083 _____ C:\Users\Cody\.gtk-bookmarks
2016-08-23 23:13 - 2016-09-03 21:25 - 00000000 ____D C:\Users\Cody\AppData\Local\gtk-2.0
2016-08-23 23:11 - 2016-08-23 23:11 - 00000000 ____D C:\Users\Cody\.thumbnails
2016-08-23 22:39 - 2016-09-03 21:25 - 00000000 ____D C:\Users\Cody\.gimp-2.8
2016-08-23 22:39 - 2016-08-23 22:39 - 00000000 ____D C:\Users\Cody\AppData\Local\gegl-0.2
2016-08-23 22:39 - 2016-08-23 22:39 - 00000000 ____D C:\Users\Cody\AppData\Local\fontconfig
2016-08-23 22:37 - 2016-08-23 22:37 - 00000000 ____D C:\Users\Cody\Downloads\gimp-dds-win64-3.0.1
2016-08-23 22:36 - 2016-08-23 22:36 - 00000000 ____D C:\Users\Cody\Downloads\use own skin
2016-08-22 23:49 - 2016-08-22 23:50 - 31096007 _____ C:\Users\Cody\Downloads\SOS - Schlongs of Skyrim - 3.00.004.7z
2016-08-22 23:33 - 2016-08-22 23:34 - 00367593 _____ C:\Users\Cody\Downloads\PapyrusUtil_v32.zip
2016-08-22 16:25 - 2016-08-22 16:26 - 24688762 _____ C:\Users\Cody\Downloads\Mod Organizer v1_3_11 installer-1334-1-3-11.exe
2016-08-22 15:17 - 2016-08-22 15:17 - 123899131 _____ C:\Users\Cody\Downloads\MoreNastyCritters9_3_fomod.7z
2016-08-21 23:55 - 2016-08-21 23:56 - 00000000 ____D C:\Users\Cody\Downloads\TES5Edit 3.1.3-25859-3-1-3
2016-08-21 23:55 - 2016-08-21 23:55 - 02900822 _____ C:\Users\Cody\Downloads\TES5Edit 3.1.3-25859-3-1-3.7z
2016-08-21 23:21 - 2016-08-21 23:21 - 07603889 _____ C:\Users\Cody\Downloads\2.17 archives.7z
2016-08-21 23:18 - 2016-08-21 23:18 - 00000000 ____D C:\Users\Cody\Downloads\ERF Bodyslide Presets
2016-08-21 23:17 - 2016-08-21 23:17 - 00000000 ____D C:\Users\Cody\Downloads\PSQ Transform Package - Animated Wings 1.2
2016-08-21 23:14 - 2016-08-21 23:14 - 00000000 ____D C:\Users\Cody\Downloads\PSQ Transform Package - Horse Penis Addon 1.2
2016-08-21 23:01 - 2016-08-21 23:01 - 00002513 _____ C:\Users\Cody\Downloads\PSQ RND.7z
2016-08-21 22:59 - 2016-08-21 22:59 - 00001142 _____ C:\Users\Cody\Downloads\Transform Dummy Files.7z
2016-08-21 22:47 - 2016-08-21 22:50 - 77796693 _____ C:\Users\Cody\Downloads\PSQ Transform Package 1.2.zip
2016-08-21 22:47 - 2016-08-21 22:47 - 02761717 _____ C:\Users\Cody\Downloads\PSQ Transform Package - Horse Penis Addon 1.2.zip
2016-08-21 22:46 - 2016-08-21 22:46 - 00581085 _____ C:\Users\Cody\Downloads\PSQ Transform Package - Animated Wings 1.2.zip
2016-08-21 22:46 - 2016-08-21 22:46 - 00000569 _____ C:\Users\Cody\Downloads\PSQ Copy OrgBody Files Script.zip
2016-08-21 22:45 - 2016-08-21 22:45 - 00007394 _____ C:\Users\Cody\Downloads\ERF Bodyslide Presets.zip
2016-08-21 16:15 - 2016-08-21 16:15 - 00070738 _____ C:\Users\Cody\Downloads\SlaveTats-1.2.1.7z
2016-08-21 15:46 - 2016-09-09 16:26 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-08-21 15:46 - 2016-08-21 15:46 - 00000000 ____D C:\Program Files\GIMP 2
2016-08-21 15:45 - 2016-08-21 15:45 - 00197483 _____ C:\Users\Cody\Downloads\gimp-dds-win64-3.0.1.zip
2016-08-21 15:44 - 2016-08-21 15:46 - 77404656 _____ (The GIMP Team ) C:\Users\Cody\Downloads\gimp-2.8.18-setup.exe
2016-08-21 15:09 - 2016-08-21 15:09 - 01605460 _____ C:\Users\Cody\Downloads\use own skin.7z
2016-08-21 14:20 - 2016-08-21 14:20 - 00000000 ____D C:\Users\Cody\Downloads\NifSkope_2_0_2016-04-11-1
2016-08-21 13:48 - 2016-08-21 13:48 - 00000000 ____D C:\Users\Cody\Downloads\fixed_textures
2016-08-21 00:46 - 2016-08-21 02:45 - 00000000 ____D C:\Users\Cody\Downloads\BSAopt-247-1-6-3
2016-08-21 00:46 - 2016-08-21 00:46 - 00983170 _____ C:\Users\Cody\Downloads\BSAopt-247-1-6-3.7z
2016-08-21 00:22 - 2016-08-21 00:22 - 00000000 ____D C:\Users\Cody\Downloads\Copy Orgbody MO
2016-08-21 00:14 - 2016-08-21 00:14 - 01622397 _____ C:\Users\Cody\Downloads\PSQ3.2.6.7z
2016-08-20 14:54 - 2016-09-09 16:26 - 00001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT.lnk
2016-08-20 14:54 - 2016-09-09 16:25 - 00001020 _____ C:\Users\Public\Desktop\LOOT.lnk
2016-08-20 14:54 - 2016-08-28 18:45 - 00000000 ____D C:\Users\Cody\AppData\Local\LOOT
2016-08-20 14:54 - 2016-08-20 14:54 - 00000000 ____D C:\Program Files (x86)\LOOT
2016-08-20 14:51 - 2016-08-20 14:53 - 25492241 _____ (LOOT Team ) C:\Users\Cody\Downloads\LOOT.Installer.exe