batman pasta
Posts: 24 +0
I use Avira antivirus and run a full scan.
I then ran Farbar recovery scan tool. FRST:txt here:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
Ran by moshik (administrator) on DESKTOP-DT2TQHB (29-02-2016 18:20:03)
Running from C:\Users\moshik\Desktop\program installations
Loaded Profiles: moshik (Available Profiles: moshik)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\Dell-Notebook\CxUtilSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\Dell-Notebook\SmartAudio3.exe
() C:\Users\moshik\Desktop\program installations\WinXCorners_1.0\WinXCorners.exe
() C:\Program Files (x86)\TouchpadPal\TouchpadPal.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell) C:\Program Files\Dell\Product Registration\PRSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.16941.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3885616 2015-07-23] (Dell Inc.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [600496 2015-07-08] (Waves Audio Ltd.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\Conexant\SA3\Dell-Notebook\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [apmwinapp] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.0\apmwinsrv.exe [66768 2013-01-16] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [dply_en_015020227] => [X]
HKLM-x32\...\Run: [rec_en_77] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HFS Activator] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.0\activation\hfsactivator.exe [245456 2013-01-16] ()
HKU\S-1-5-21-334763386-1307711864-355962522-1001\...\Run: [eM Client] => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
HKU\S-1-5-21-334763386-1307711864-355962522-1001\...\Run: [WinXCorners] => C:\Users\moshik\Desktop\program installations\WinXCorners_1.0\WinXCorners.exe [769536 2015-10-18] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\Users\moshik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TouchpadPal.lnk [2016-02-14]
ShortcutTarget: TouchpadPal.lnk -> C:\Program Files (x86)\TouchpadPal\TouchpadPal.exe ()
Startup: C:\Users\moshik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinXCorners.exe.lnk [2016-02-28]
ShortcutTarget: WinXCorners.exe.lnk -> C:\Users\moshik\Desktop\program installations\WinXCorners_1.0\WinXCorners.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-334763386-1307711864-355962522-1001] => hxxp://unblockservice.com/wpad.dat?6e0369d28547e1a0f0368964c6444f235619421
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{875f58a8-2459-405f-9bf8-1b8782142a8c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b2c42cef-eeb2-462d-ab39-5dd9addb1068}: [DhcpNameServer] 172.51.1.171
ManualProxies: 0hxxp://unblockservice.com/wpad.dat?6e0369d28547e1a0f0368964c6444f235619421
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-334763386-1307711864-355962522-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-334763386-1307711864-355962522-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-334763386-1307711864-355962522-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\S-1-5-21-334763386-1307711864-355962522-1001 -> DefaultScope {A88981D5-F706-41BC-ABF0-525D494243AE} URL =
SearchScopes: HKU\S-1-5-21-334763386-1307711864-355962522-1001 -> {A88981D5-F706-41BC-ABF0-525D494243AE} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3321538&octid=EB_ORIGINAL_CTID&ISID=M6F3E6A18-BF5A-458D-BA11-DF10F86B5807&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP18AC49F8-5173-44CA-BF0B-A0DE0378729D&D=020316
FF DefaultSearchEngine: Trovi
FF SelectedSearchEngine: Trovi
FF Homepage: hxxps://www.google.com/
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF SearchPlugin: C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\searchplugins\smod.xml [2016-02-03]
FF SearchPlugin: C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\searchplugins\yoursearching.xml [2016-02-03]
FF Extension: FirefixTab - C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\Extensions\1454525752_xpi [2016-02-03] [not signed]
FF Extension: Avira Browser Safety - C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\Extensions\abs@avira.com.xpi [2016-02-04]
FF Extension: Adblock Plus - C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-03]
FF HKLM\...\Firefox\Extensions: [{863F909E-C5C8-474E-86A4-48868331E5F5}] - C:\Program Files\groover030220162041\Firefox\{863F909E-C5C8-474E-86A4-48868331E5F5}.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{863F909E-C5C8-474E-86A4-48868331E5F5}] - C:\Program Files\groover030220162041\Firefox\{863F909E-C5C8-474E-86A4-48868331E5F5}.xpi => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://feedly.com/I/my
CHR StartupUrls: Default -> "hxxp://www.igoogleportal.com/mypage/index.php#"
CHR NewTab: Default -> "chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR DefaultSearchURL: Default -> hxxps://adblockplus.org/favicon.ico
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-05]
CHR Extension: (Google Docs) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-05]
CHR Extension: (Google Drive) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-05]
CHR Extension: (YouTube) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-05]
CHR Extension: (Google Search) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-05]
CHR Extension: (Google Sheets) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-05]
CHR Extension: (Ad Block) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggohlamdcpdlpkfflfekhpioioocbfle [2016-02-05]
CHR Extension: (Google Docs Offline) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-05]
CHR Extension: (AdBlock) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (New Tab Redirect) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2016-02-06]
CHR Extension: (Popup Blocker Pro) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2016-02-05]
CHR Extension: (Adblock Plus • View topic - ABP icon ...) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\micelfbepmlpekpmfoinkpemgmppleod [2016-02-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-05]
CHR Extension: (Iminent NewTab) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn [2016-02-05]
CHR Extension: (Gmail) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehhlaekjfiiojlddgndcnefflngfmhen] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nociobghckdhokecfeajdpimjeapnopn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olghjjajidfdflkafeekiojnfmiolccp] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; c:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3744904 2015-06-19] (Intel Corporation)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [598448 2015-08-24] ()
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\Dell-Notebook\CxUtilSvc.exe [109184 2015-07-28] (Conexant Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-03] (Dropbox, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2016-01-15] (Dell)
R2 Dell Product Registration; C:\Program Files\Dell\Product Registration\PRSvc.exe [32104 2015-12-05] (Dell)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-06-26] (Intel Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-07-14] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [361376 2015-08-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-10-28] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [564144 2015-07-08] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-10-28] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [50896 2013-01-16] (Paragon Software Group)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146704 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corp.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-06-26] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-06-26] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-06-26] (Intel Corporation)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [60624 2013-01-16] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [202960 2013-01-16] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2013-01-16] (Paragon Software Group)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [43512 2015-06-10] (Intel Corporation)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-06-16] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [257776 2015-07-14] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-08] (Intel Corporation)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [42704 2013-01-16] (Paragon Software Group)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-02-03] (DotC United Inc)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [6711048 2015-11-05] (Intel Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Windows (R) Win 7 DDK provider)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [31280 2015-04-14] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-29 18:19 - 2016-02-29 18:20 - 00000000 ____D C:\FRST
2016-02-28 19:19 - 2016-02-28 19:31 - 00000000 ____D C:\Users\moshik\AppData\Roaming\XnView
2016-02-28 19:19 - 2016-02-28 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2016-02-28 19:19 - 2016-02-28 19:19 - 00000000 ____D C:\Program Files (x86)\XnView
2016-02-28 18:12 - 2016-02-28 18:15 - 00000000 ____D C:\Users\moshik\AppData\Roaming\XnConvert
2016-02-28 17:37 - 2016-02-28 17:37 - 1055294474 _____ C:\WINDOWS\MEMORY.DMP
2016-02-28 17:37 - 2016-02-28 17:37 - 00286092 _____ C:\WINDOWS\Minidump\022816-6250-01.dmp
2016-02-28 17:37 - 2016-02-28 17:37 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-28 17:23 - 2016-02-28 17:23 - 00002123 _____ C:\Users\moshik\Desktop\Free Antivirus Profile Full scan.LNK
2016-02-27 13:58 - 2016-02-27 14:05 - 00000000 ____D C:\ProgramData\FastPictureViewer
2016-02-27 12:41 - 2016-02-27 13:26 - 02120280 _____ C:\Users\moshik\Desktop\eddie.psd
2016-02-25 14:22 - 2016-02-29 17:42 - 51231837 _____ C:\Users\moshik\Desktop\poster.psd
2016-02-24 21:15 - 2016-02-24 21:15 - 00000000 ____D C:\Users\moshik\Documents\Painter 2015 Recovered Files
2016-02-23 14:35 - 2016-02-27 19:31 - 00000000 ____D C:\Users\moshik\Downloads\Torrent
2016-02-23 11:24 - 2016-02-23 11:24 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Corel
2016-02-23 11:24 - 2016-02-23 11:24 - 00000000 ____D C:\ProgramData\Protexis64
2016-02-23 11:17 - 2016-02-23 11:17 - 00002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter 2015.lnk
2016-02-23 11:17 - 2016-02-23 11:17 - 00000000 ____D C:\ProgramData\Corel
2016-02-23 11:17 - 2016-02-23 11:17 - 00000000 ____D C:\Program Files\Common Files\Protexis
2016-02-23 11:16 - 2016-02-23 11:16 - 00000000 ____D C:\Program Files\Corel
2016-02-23 10:33 - 2016-02-27 13:54 - 00000000 ____D C:\Users\moshik\AppData\LocalLow\uTorrent
2016-02-18 16:50 - 2016-02-18 16:50 - 00000000 ____D C:\Users\moshik\Desktop\Lynda.Wacom.Essential.Training.Full_p30download.com
2016-02-17 17:28 - 2016-02-17 17:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-02-17 15:33 - 2016-02-17 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-16 19:30 - 2016-02-29 17:37 - 00000000 ____D C:\Users\moshik\AppData\Roaming\MusicBee
2016-02-16 19:30 - 2016-02-16 19:30 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
2016-02-16 15:18 - 2016-02-16 15:18 - 00000000 ____D C:\Users\moshik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2016-02-15 23:44 - 2016-02-24 10:42 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Wings3D
2016-02-15 23:27 - 2016-02-15 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wings 3D 1.5.4
2016-02-15 23:27 - 2016-02-15 23:27 - 00000000 ____D C:\Program Files\wings3d_1.5.4
2016-02-15 23:07 - 2016-02-15 23:07 - 00000017 _____ C:\Users\moshik\AppData\Local\resmon.resmoncfg
2016-02-15 15:03 - 2016-02-15 15:03 - 00000000 ____D C:\Users\moshik\AppData\Roaming\WTablet
2016-02-15 15:02 - 2016-02-15 15:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2016-02-15 15:02 - 2016-02-15 15:02 - 00000000 ____D C:\Program Files\TabletPlugins
2016-02-15 15:02 - 2016-02-15 15:02 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2016-02-15 15:02 - 2015-11-30 18:34 - 00103616 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys
2016-02-15 15:02 - 2015-11-30 18:34 - 00015040 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys
2016-02-15 15:02 - 2015-11-30 18:34 - 00014016 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2016-02-15 15:02 - 2012-12-11 23:12 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfcoinstaller01009.dll
2016-02-15 15:01 - 2016-02-15 15:02 - 00000000 ____D C:\Program Files\Tablet
2016-02-15 15:01 - 2016-01-11 18:30 - 02103488 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 02077888 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wacom_Tablet.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 02071232 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wacom_Touch_Tablet.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01966272 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01683648 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01681600 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wacom_Tablet.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01674432 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wacom_Touch_Tablet.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01571520 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2016-02-15 14:40 - 2016-02-15 14:40 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-02-15 14:40 - 2016-02-15 14:40 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-02-15 14:40 - 2016-02-15 14:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-02-15 11:13 - 2016-02-15 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon HFS+ for Windows™ 10.0
2016-02-15 11:13 - 2016-02-15 11:13 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2016-02-15 11:13 - 2013-01-16 15:50 - 00202960 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\hfsplus.sys
2016-02-15 11:13 - 2013-01-16 15:50 - 00060624 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\gpt_loader.sys
2016-02-15 11:13 - 2013-01-16 15:50 - 00050896 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\apmwin.sys
2016-02-15 11:13 - 2013-01-16 15:50 - 00042704 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\mounthlp.sys
2016-02-15 11:13 - 2013-01-16 15:50 - 00015568 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\hfsplusrec.sys
2016-02-14 23:36 - 2016-02-18 16:36 - 00000000 ____D C:\Users\moshik\Desktop\tutorials
2016-02-14 23:29 - 2016-02-14 23:30 - 00000000 ____D C:\Users\moshik\Desktop\images
2016-02-14 23:28 - 2016-02-28 11:35 - 00000000 ____D C:\Users\moshik\Desktop\temp client
2016-02-14 23:25 - 2016-02-14 23:33 - 00000000 ____D C:\Users\moshik\Desktop\projects
2016-02-14 23:25 - 2016-02-14 23:25 - 00000000 ____D C:\Users\moshik\Desktop\Tattoo
2016-02-14 21:41 - 2016-02-14 23:23 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-02-14 21:41 - 2016-02-14 21:51 - 00000000 ____D C:\Users\Public\Foxit Software
2016-02-14 21:41 - 2016-02-14 21:51 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Foxit Software
2016-02-14 21:41 - 2016-02-14 21:41 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Foxit AgentInformation
2016-02-14 20:29 - 2016-02-14 20:29 - 00000000 ____D C:\Users\Public\Documents\ZBrushData
2016-02-14 20:28 - 2016-02-14 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
2016-02-14 20:27 - 2016-02-14 20:27 - 00000000 ____D C:\Program Files (x86)\Pixologic
2016-02-14 16:01 - 2016-02-14 16:01 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Windows Live Writer
2016-02-14 16:01 - 2016-02-14 16:01 - 00000000 ____D C:\Users\moshik\AppData\Local\Windows Live Writer
2016-02-14 16:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-02-14 16:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-02-14 16:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-02-14 16:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-02-14 16:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-02-14 16:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-02-14 16:00 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-02-14 16:00 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-02-14 16:00 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-02-14 16:00 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-02-14 15:59 - 2016-02-14 16:07 - 00000000 ____D C:\Users\moshik\AppData\Local\Windows Live
2016-02-14 15:59 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-02-14 15:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-02-14 15:42 - 2016-02-14 15:43 - 00000000 ____D C:\Users\moshik\AppData\Roaming\The Bat!
2016-02-14 15:42 - 2016-02-14 15:42 - 00001940 _____ C:\Users\moshik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Bat!.LNK
2016-02-13 22:57 - 2016-02-13 22:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-02-12 23:44 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-12 23:44 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-12 23:44 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-12 23:44 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-12 23:44 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-12 23:44 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-12 23:44 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-12 23:44 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-12 23:44 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-12 23:44 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-12 23:44 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-12 23:44 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-12 23:44 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-12 23:44 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-12 23:44 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-12 23:44 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-12 23:44 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-12 23:44 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-12 23:44 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-12 23:44 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-12 23:44 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-12 23:44 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-12 23:44 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-12 23:44 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-12 23:44 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-12 23:44 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-12 23:44 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-12 23:44 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-12 23:44 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-12 23:44 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-12 23:44 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-12 23:44 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-12 23:44 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-12 23:44 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-12 23:44 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-12 23:44 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-12 23:44 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-12 23:44 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-12 23:44 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-12 23:44 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-12 23:44 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-12 23:44 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-12 23:44 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-12 23:44 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-12 23:44 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-12 23:44 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-12 23:44 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-12 23:44 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-12 23:44 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-12 23:44 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-12 23:44 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-12 23:44 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-12 23:44 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-12 23:44 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-12 23:44 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-12 23:44 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-12 23:44 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-12 23:44 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-12 23:44 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-12 23:44 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-12 23:44 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-12 23:44 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-12 23:44 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-12 23:44 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-12 23:44 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-12 18:11 - 2016-02-12 12:00 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-12 18:09 - 2016-02-12 18:10 - 00000000 ____D C:\Windows.old
I then ran Farbar recovery scan tool. FRST:txt here:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
Ran by moshik (administrator) on DESKTOP-DT2TQHB (29-02-2016 18:20:03)
Running from C:\Users\moshik\Desktop\program installations
Loaded Profiles: moshik (Available Profiles: moshik)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\Dell-Notebook\CxUtilSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\Dell-Notebook\SmartAudio3.exe
() C:\Users\moshik\Desktop\program installations\WinXCorners_1.0\WinXCorners.exe
() C:\Program Files (x86)\TouchpadPal\TouchpadPal.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell) C:\Program Files\Dell\Product Registration\PRSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.16941.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3885616 2015-07-23] (Dell Inc.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [600496 2015-07-08] (Waves Audio Ltd.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\Conexant\SA3\Dell-Notebook\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [apmwinapp] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.0\apmwinsrv.exe [66768 2013-01-16] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [dply_en_015020227] => [X]
HKLM-x32\...\Run: [rec_en_77] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HFS Activator] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.0\activation\hfsactivator.exe [245456 2013-01-16] ()
HKU\S-1-5-21-334763386-1307711864-355962522-1001\...\Run: [eM Client] => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
HKU\S-1-5-21-334763386-1307711864-355962522-1001\...\Run: [WinXCorners] => C:\Users\moshik\Desktop\program installations\WinXCorners_1.0\WinXCorners.exe [769536 2015-10-18] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\Users\moshik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TouchpadPal.lnk [2016-02-14]
ShortcutTarget: TouchpadPal.lnk -> C:\Program Files (x86)\TouchpadPal\TouchpadPal.exe ()
Startup: C:\Users\moshik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinXCorners.exe.lnk [2016-02-28]
ShortcutTarget: WinXCorners.exe.lnk -> C:\Users\moshik\Desktop\program installations\WinXCorners_1.0\WinXCorners.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-334763386-1307711864-355962522-1001] => hxxp://unblockservice.com/wpad.dat?6e0369d28547e1a0f0368964c6444f235619421
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{875f58a8-2459-405f-9bf8-1b8782142a8c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b2c42cef-eeb2-462d-ab39-5dd9addb1068}: [DhcpNameServer] 172.51.1.171
ManualProxies: 0hxxp://unblockservice.com/wpad.dat?6e0369d28547e1a0f0368964c6444f235619421
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-334763386-1307711864-355962522-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-334763386-1307711864-355962522-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-334763386-1307711864-355962522-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\S-1-5-21-334763386-1307711864-355962522-1001 -> DefaultScope {A88981D5-F706-41BC-ABF0-525D494243AE} URL =
SearchScopes: HKU\S-1-5-21-334763386-1307711864-355962522-1001 -> {A88981D5-F706-41BC-ABF0-525D494243AE} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3321538&octid=EB_ORIGINAL_CTID&ISID=M6F3E6A18-BF5A-458D-BA11-DF10F86B5807&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP18AC49F8-5173-44CA-BF0B-A0DE0378729D&D=020316
FF DefaultSearchEngine: Trovi
FF SelectedSearchEngine: Trovi
FF Homepage: hxxps://www.google.com/
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF SearchPlugin: C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\searchplugins\smod.xml [2016-02-03]
FF SearchPlugin: C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\searchplugins\yoursearching.xml [2016-02-03]
FF Extension: FirefixTab - C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\Extensions\1454525752_xpi [2016-02-03] [not signed]
FF Extension: Avira Browser Safety - C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\Extensions\abs@avira.com.xpi [2016-02-04]
FF Extension: Adblock Plus - C:\Users\moshik\AppData\Roaming\Mozilla\Firefox\Profiles\c6jsw212.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-03]
FF HKLM\...\Firefox\Extensions: [{863F909E-C5C8-474E-86A4-48868331E5F5}] - C:\Program Files\groover030220162041\Firefox\{863F909E-C5C8-474E-86A4-48868331E5F5}.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{863F909E-C5C8-474E-86A4-48868331E5F5}] - C:\Program Files\groover030220162041\Firefox\{863F909E-C5C8-474E-86A4-48868331E5F5}.xpi => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://feedly.com/I/my
CHR StartupUrls: Default -> "hxxp://www.igoogleportal.com/mypage/index.php#"
CHR NewTab: Default -> "chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR DefaultSearchURL: Default -> hxxps://adblockplus.org/favicon.ico
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-05]
CHR Extension: (Google Docs) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-05]
CHR Extension: (Google Drive) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-05]
CHR Extension: (YouTube) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-05]
CHR Extension: (Google Search) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-05]
CHR Extension: (Google Sheets) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-05]
CHR Extension: (Ad Block) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggohlamdcpdlpkfflfekhpioioocbfle [2016-02-05]
CHR Extension: (Google Docs Offline) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-05]
CHR Extension: (AdBlock) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (New Tab Redirect) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2016-02-06]
CHR Extension: (Popup Blocker Pro) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2016-02-05]
CHR Extension: (Adblock Plus • View topic - ABP icon ...) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\micelfbepmlpekpmfoinkpemgmppleod [2016-02-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-05]
CHR Extension: (Iminent NewTab) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn [2016-02-05]
CHR Extension: (Gmail) - C:\Users\moshik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehhlaekjfiiojlddgndcnefflngfmhen] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nociobghckdhokecfeajdpimjeapnopn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olghjjajidfdflkafeekiojnfmiolccp] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; c:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3744904 2015-06-19] (Intel Corporation)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [598448 2015-08-24] ()
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\Dell-Notebook\CxUtilSvc.exe [109184 2015-07-28] (Conexant Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-03] (Dropbox, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2016-01-15] (Dell)
R2 Dell Product Registration; C:\Program Files\Dell\Product Registration\PRSvc.exe [32104 2015-12-05] (Dell)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-06-26] (Intel Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-07-14] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [361376 2015-08-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-10-28] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [564144 2015-07-08] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-10-28] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [50896 2013-01-16] (Paragon Software Group)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146704 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corp.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-06-26] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-06-26] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-06-26] (Intel Corporation)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [60624 2013-01-16] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [202960 2013-01-16] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2013-01-16] (Paragon Software Group)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [43512 2015-06-10] (Intel Corporation)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-06-16] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [257776 2015-07-14] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-08] (Intel Corporation)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [42704 2013-01-16] (Paragon Software Group)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-02-03] (DotC United Inc)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [6711048 2015-11-05] (Intel Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Windows (R) Win 7 DDK provider)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [31280 2015-04-14] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-29 18:19 - 2016-02-29 18:20 - 00000000 ____D C:\FRST
2016-02-28 19:19 - 2016-02-28 19:31 - 00000000 ____D C:\Users\moshik\AppData\Roaming\XnView
2016-02-28 19:19 - 2016-02-28 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2016-02-28 19:19 - 2016-02-28 19:19 - 00000000 ____D C:\Program Files (x86)\XnView
2016-02-28 18:12 - 2016-02-28 18:15 - 00000000 ____D C:\Users\moshik\AppData\Roaming\XnConvert
2016-02-28 17:37 - 2016-02-28 17:37 - 1055294474 _____ C:\WINDOWS\MEMORY.DMP
2016-02-28 17:37 - 2016-02-28 17:37 - 00286092 _____ C:\WINDOWS\Minidump\022816-6250-01.dmp
2016-02-28 17:37 - 2016-02-28 17:37 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-28 17:23 - 2016-02-28 17:23 - 00002123 _____ C:\Users\moshik\Desktop\Free Antivirus Profile Full scan.LNK
2016-02-27 13:58 - 2016-02-27 14:05 - 00000000 ____D C:\ProgramData\FastPictureViewer
2016-02-27 12:41 - 2016-02-27 13:26 - 02120280 _____ C:\Users\moshik\Desktop\eddie.psd
2016-02-25 14:22 - 2016-02-29 17:42 - 51231837 _____ C:\Users\moshik\Desktop\poster.psd
2016-02-24 21:15 - 2016-02-24 21:15 - 00000000 ____D C:\Users\moshik\Documents\Painter 2015 Recovered Files
2016-02-23 14:35 - 2016-02-27 19:31 - 00000000 ____D C:\Users\moshik\Downloads\Torrent
2016-02-23 11:24 - 2016-02-23 11:24 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Corel
2016-02-23 11:24 - 2016-02-23 11:24 - 00000000 ____D C:\ProgramData\Protexis64
2016-02-23 11:17 - 2016-02-23 11:17 - 00002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter 2015.lnk
2016-02-23 11:17 - 2016-02-23 11:17 - 00000000 ____D C:\ProgramData\Corel
2016-02-23 11:17 - 2016-02-23 11:17 - 00000000 ____D C:\Program Files\Common Files\Protexis
2016-02-23 11:16 - 2016-02-23 11:16 - 00000000 ____D C:\Program Files\Corel
2016-02-23 10:33 - 2016-02-27 13:54 - 00000000 ____D C:\Users\moshik\AppData\LocalLow\uTorrent
2016-02-18 16:50 - 2016-02-18 16:50 - 00000000 ____D C:\Users\moshik\Desktop\Lynda.Wacom.Essential.Training.Full_p30download.com
2016-02-17 17:28 - 2016-02-17 17:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-02-17 15:33 - 2016-02-17 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-16 19:30 - 2016-02-29 17:37 - 00000000 ____D C:\Users\moshik\AppData\Roaming\MusicBee
2016-02-16 19:30 - 2016-02-16 19:30 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
2016-02-16 15:18 - 2016-02-16 15:18 - 00000000 ____D C:\Users\moshik\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2016-02-15 23:44 - 2016-02-24 10:42 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Wings3D
2016-02-15 23:27 - 2016-02-15 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wings 3D 1.5.4
2016-02-15 23:27 - 2016-02-15 23:27 - 00000000 ____D C:\Program Files\wings3d_1.5.4
2016-02-15 23:07 - 2016-02-15 23:07 - 00000017 _____ C:\Users\moshik\AppData\Local\resmon.resmoncfg
2016-02-15 15:03 - 2016-02-15 15:03 - 00000000 ____D C:\Users\moshik\AppData\Roaming\WTablet
2016-02-15 15:02 - 2016-02-15 15:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2016-02-15 15:02 - 2016-02-15 15:02 - 00000000 ____D C:\Program Files\TabletPlugins
2016-02-15 15:02 - 2016-02-15 15:02 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2016-02-15 15:02 - 2015-11-30 18:34 - 00103616 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wachidrouter.sys
2016-02-15 15:02 - 2015-11-30 18:34 - 00015040 _____ (Wacom Technology) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys
2016-02-15 15:02 - 2015-11-30 18:34 - 00014016 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2016-02-15 15:02 - 2012-12-11 23:12 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfcoinstaller01009.dll
2016-02-15 15:01 - 2016-02-15 15:02 - 00000000 ____D C:\Program Files\Tablet
2016-02-15 15:01 - 2016-01-11 18:30 - 02103488 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\WacomMT.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 02077888 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wacom_Tablet.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 02071232 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wacom_Touch_Tablet.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01966272 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Wintab32.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01683648 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\WacomMT.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01681600 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wacom_Tablet.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01674432 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wacom_Touch_Tablet.dll
2016-02-15 15:01 - 2016-01-11 18:30 - 01571520 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Wintab32.dll
2016-02-15 14:40 - 2016-02-15 14:40 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-02-15 14:40 - 2016-02-15 14:40 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-02-15 14:40 - 2016-02-15 14:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-02-15 11:13 - 2016-02-15 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon HFS+ for Windows™ 10.0
2016-02-15 11:13 - 2016-02-15 11:13 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2016-02-15 11:13 - 2013-01-16 15:50 - 00202960 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\hfsplus.sys
2016-02-15 11:13 - 2013-01-16 15:50 - 00060624 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\gpt_loader.sys
2016-02-15 11:13 - 2013-01-16 15:50 - 00050896 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\apmwin.sys
2016-02-15 11:13 - 2013-01-16 15:50 - 00042704 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\mounthlp.sys
2016-02-15 11:13 - 2013-01-16 15:50 - 00015568 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\hfsplusrec.sys
2016-02-14 23:36 - 2016-02-18 16:36 - 00000000 ____D C:\Users\moshik\Desktop\tutorials
2016-02-14 23:29 - 2016-02-14 23:30 - 00000000 ____D C:\Users\moshik\Desktop\images
2016-02-14 23:28 - 2016-02-28 11:35 - 00000000 ____D C:\Users\moshik\Desktop\temp client
2016-02-14 23:25 - 2016-02-14 23:33 - 00000000 ____D C:\Users\moshik\Desktop\projects
2016-02-14 23:25 - 2016-02-14 23:25 - 00000000 ____D C:\Users\moshik\Desktop\Tattoo
2016-02-14 21:41 - 2016-02-14 23:23 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-02-14 21:41 - 2016-02-14 21:51 - 00000000 ____D C:\Users\Public\Foxit Software
2016-02-14 21:41 - 2016-02-14 21:51 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Foxit Software
2016-02-14 21:41 - 2016-02-14 21:41 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Foxit AgentInformation
2016-02-14 20:29 - 2016-02-14 20:29 - 00000000 ____D C:\Users\Public\Documents\ZBrushData
2016-02-14 20:28 - 2016-02-14 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
2016-02-14 20:27 - 2016-02-14 20:27 - 00000000 ____D C:\Program Files (x86)\Pixologic
2016-02-14 16:01 - 2016-02-14 16:01 - 00000000 ____D C:\Users\moshik\AppData\Roaming\Windows Live Writer
2016-02-14 16:01 - 2016-02-14 16:01 - 00000000 ____D C:\Users\moshik\AppData\Local\Windows Live Writer
2016-02-14 16:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-02-14 16:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-02-14 16:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-02-14 16:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-02-14 16:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-02-14 16:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-02-14 16:00 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-02-14 16:00 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-02-14 16:00 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-02-14 16:00 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-02-14 15:59 - 2016-02-14 16:07 - 00000000 ____D C:\Users\moshik\AppData\Local\Windows Live
2016-02-14 15:59 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-02-14 15:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-02-14 15:42 - 2016-02-14 15:43 - 00000000 ____D C:\Users\moshik\AppData\Roaming\The Bat!
2016-02-14 15:42 - 2016-02-14 15:42 - 00001940 _____ C:\Users\moshik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Bat!.LNK
2016-02-13 22:57 - 2016-02-13 22:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-02-12 23:44 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-12 23:44 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-12 23:44 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-12 23:44 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-12 23:44 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-12 23:44 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-12 23:44 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-12 23:44 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-12 23:44 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-12 23:44 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-12 23:44 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-12 23:44 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-12 23:44 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-12 23:44 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-12 23:44 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-12 23:44 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-12 23:44 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-12 23:44 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-12 23:44 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-12 23:44 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-12 23:44 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-12 23:44 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-12 23:44 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-12 23:44 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-12 23:44 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-12 23:44 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-12 23:44 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-12 23:44 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-12 23:44 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-12 23:44 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-12 23:44 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-12 23:44 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-12 23:44 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-12 23:44 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-12 23:44 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-12 23:44 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-12 23:44 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-12 23:44 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-12 23:44 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-12 23:44 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-12 23:44 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-12 23:44 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-12 23:44 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-12 23:44 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-12 23:44 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-12 23:44 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-12 23:44 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-12 23:44 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-12 23:44 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-12 23:44 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-12 23:44 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-12 23:44 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-12 23:44 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-12 23:44 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-12 23:44 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-12 23:44 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-12 23:44 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-12 23:44 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-12 23:44 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-12 23:44 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-12 23:44 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-12 23:44 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-12 23:44 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-12 23:44 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-12 23:44 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-12 18:11 - 2016-02-12 12:00 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-12 18:09 - 2016-02-12 18:10 - 00000000 ____D C:\Windows.old