Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Please Help me guys!

 
Post new topic   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Help with spyware removal
View previous topic :: View next topic  
Author Message
summerbutter
Newbie


Joined: 28 Aug 2015
Last Visit: 28 Aug 2015
Posts: 1

PostPosted: Fri Aug 28, 2015 9:24 am    Post subject: Please Help me guys! Reply with quote

Hello! I'am a newbie here please look after me Very Happy

I'm having a problems about my Mozila Firefox and Google Chrome, even. I will explain here, but before i do, please excuse my error grammar because English isn't my first language Smile

Whenever i access my usual Kpop Forum (not only this sites, though) on Mozila Firefox it's always directed me to weird sites i don't even want. Like game downloader, English course, even my Facebook Dashboard. When i checked my ads on extension on my Firefox i found nothing wrong, and i've uninstalled some unused apps too, but my browser keep direct me to sites i don't even want. Then I searched Tutorial on Google but they recommended me to download AdwMalware but it didn't found any logs wrong from my Computer. And finally gladly my friend recommended me this helpful sites hehe i browse some thread here and i followed this instruction here to download FRST and the instruction said that i have to make a thread about my own result of 'FRST.txt' and 'Addition.txt'

so i just want to put it here!

FRST.txt

Code:
 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-08-2015
Ran by USER (administrator) on NUNELYMEE (28-08-2015 23:44:33)
Running from C:\Users\USER\Downloads\Programs
Loaded Profiles: USER (Available Profiles: USER)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Smadsoft) C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2717176 2013-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKU\S-1-5-21-3452115558-3235719873-60570466-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152 2015-08-03] (Tonec Inc.)
HKU\S-1-5-21-3452115558-3235719873-60570466-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-3452115558-3235719873-60570466-1001\...\Run: [Mobile Partner] => C:\Program Files (x86)\BOLT! 4G E5372s\BOLT! 4G E5372s
ShellIconOverlayIdentifiers: [! IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-07-24] (Tonec Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3452115558-3235719873-60570466-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3452115558-3235719873-60570466-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://u.msn.com/id-id/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3452115558-3235719873-60570466-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://id.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10195_swoc_campaign_150821__yaie&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-07-08] (Internet Download Manager, Tonec Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-07-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-02] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{02E1FF3D-45D9-4824-B0D5-A5017C610DAF}: [NameServer] 82.163.143.169,82.163.142.171
Tcpip\..\Interfaces\{02E1FF3D-45D9-4824-B0D5-A5017C610DAF}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{CDEB4841-A596-4D15-A245-4FD16C5ADD98}: [NameServer] 82.163.143.169,82.163.142.171
Tcpip\..\Interfaces\{CDEB4841-A596-4D15-A245-4FD16C5ADD98}: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\xa2672x2.default-1440779658447
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2015-08-13] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin-x32: @lattice3d.com/XVL Player -> C:\Program Files\Lattice\Player3_x86\npxvlplay.dll [2015-02-26] (Lattice Technology Co.,Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-02] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-13]
FF HKU\S-1-5-21-3452115558-3235719873-60570466-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Users\USER\AppData\Roaming\IDM\idmmzcc7
FF Extension: IDM integration - C:\Users\USER\AppData\Roaming\IDM\idmmzcc7 [2015-08-13]
FF HKU\S-1-5-21-3452115558-3235719873-60570466-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\USER\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\USER\AppData\Roaming\IDM\idmmzcc5 [2015-08-27]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-13]
CHR Extension: (Google Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-13]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-13]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-13]
CHR Extension: (Google Search) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-13]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-08-13]
CHR Extension: (Google Sheets) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-13]
CHR Extension: (IDM Integration Module) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-08-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-13]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [380496 2014-05-12] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices) [File not signed]
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-03-25] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [27136 2014-03-24] (Windows (R) Win 7 DDK provider)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-28 23:44 - 2015-08-28 23:44 - 00000000 ____D C:\FRST
2015-08-28 22:58 - 2015-08-28 22:58 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-28 22:58 - 2015-08-28 22:58 - 00001119 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-28 22:58 - 2015-08-28 22:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 22:54 - 2015-08-28 22:54 - 00000000 ____D C:\Windows\system32\appmgmt
2015-08-28 22:51 - 2015-08-28 23:34 - 00000000 ____D C:\Users\USER\Desktop\Old Firefox Data
2015-08-28 22:45 - 2015-08-28 22:46 - 00000000 ____D C:\AdwCleaner
2015-08-28 19:02 - 2015-08-28 19:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-28 18:48 - 2015-08-28 18:48 - 00000000 ____D C:\Users\USER\AppData\Roaming\Sun
2015-08-28 18:48 - 2015-08-28 18:48 - 00000000 ____D C:\Users\USER\.oracle_jre_usage
2015-08-27 21:12 - 2015-08-27 22:48 - 00000000 ____D C:\Users\USER\Downloads\Video
2015-08-27 20:58 - 2015-08-27 20:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-27 15:21 - 2015-08-27 15:21 - 00001188 _____ C:\Users\Public\Desktop\BOLT! 4G E5372s.lnk
2015-08-27 15:21 - 2015-08-27 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOLT! 4G E5372s
2015-08-27 15:21 - 2014-04-16 12:52 - 00379392 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2015-08-27 15:21 - 2014-04-16 08:17 - 00124672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2015-08-27 15:21 - 2014-03-27 07:19 - 00457728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2015-08-27 15:21 - 2013-11-30 16:11 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2015-08-27 15:21 - 2013-11-30 16:10 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2015-08-27 15:21 - 2013-11-30 16:10 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2015-08-27 15:21 - 2013-11-30 16:10 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2015-08-27 15:21 - 2013-11-30 16:10 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2015-08-27 15:21 - 2013-11-30 15:55 - 00226176 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2015-08-27 15:21 - 2013-01-25 08:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2015-08-27 15:21 - 2012-12-22 08:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2015-08-27 15:21 - 2010-10-08 15:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2015-08-27 15:21 - 2010-09-26 17:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2015-08-27 15:20 - 2015-08-27 15:21 - 00000000 ____D C:\Program Files (x86)\BOLT! 4G E5372s
2015-08-26 15:34 - 2015-08-28 17:09 - 00000000 ____D C:\Users\USER\Downloads\PSDs
2015-08-25 21:25 - 2015-08-25 21:25 - 00000000 ____D C:\Program Files (x86)\eMedioSoft
2015-08-25 17:43 - 2015-08-26 17:19 - 00000000 ____D C:\Windows\Minidump
2015-08-25 01:40 - 2015-08-25 01:40 - 00000000 ____D C:\Users\USER\Downloads\Sylvain Reynard - Gabriel Series (1-2)
2015-08-25 01:34 - 2015-08-25 01:34 - 00335314 _____ C:\Users\USER\Downloads\EYES_OF_SILVER__EYES_OF_GOLD.epub
2015-08-24 13:50 - 2015-08-24 13:50 - 02764856 _____ C:\Users\USER\Downloads\junong.bmp
2015-08-24 13:50 - 2015-08-24 13:50 - 00000132 _____ C:\Users\USER\AppData\Roaming\Adobe BMP Format CC Prefs
2015-08-22 01:28 - 2015-08-22 01:28 - 00000000 ____D C:\Users\USER\Downloads\Alessandra Torre
2015-08-22 01:15 - 2015-08-22 01:15 - 00430380 ____R C:\Users\USER\Downloads\Hero - Samantha  Young.epub
2015-08-22 00:38 - 2015-08-22 00:38 - 00000000 ____D C:\Users\USER\Downloads\The Time Traveler's Wife by Audrey Niffenegger - [praful99]
2015-08-22 00:36 - 2015-08-22 00:36 - 05988926 ____R C:\Users\USER\Downloads\Susan Elizabeth Phillips.zip
2015-08-22 00:34 - 2015-08-26 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-08-22 00:34 - 2015-08-23 22:05 - 00003000 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-08-22 00:34 - 2015-08-23 22:05 - 00003000 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-08-22 00:34 - 2015-08-22 00:33 - 00422400 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-08-22 00:34 - 2015-08-22 00:33 - 00342016 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-08-22 00:33 - 2015-08-22 00:33 - 00002642 _____ C:\Users\USER\Desktop\µTorrent.lnk
2015-08-22 00:32 - 2015-08-25 14:25 - 00000000 ____D C:\Users\USER\AppData\Roaming\uTorrent
2015-08-21 19:13 - 2015-08-21 19:13 - 00000877 _____ C:\Users\Public\Desktop\AIMP3.lnk
2015-08-21 19:13 - 2015-08-21 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
2015-08-19 15:54 - 2011-12-28 02:23 - 00078144 ____N C:\Users\USER\Downloads\Tangled.2010.720p.x264.Br.YIFY.srt
2015-08-19 15:06 - 2015-02-05 00:24 - 00115205 ____N C:\Users\USER\Downloads\Big.Hero.6.2014.720p.BluRay.x264-SPARKS.srt
2015-08-19 13:52 - 2015-08-19 13:53 - 00000000 ____D C:\Users\USER\Desktop\Adobe
2015-08-19 13:52 - 2015-08-19 13:52 - 00000000 ____D C:\Users\USER\Desktop\Microsoft Profesional
2015-08-19 13:51 - 2015-08-19 13:51 - 00000000 ____D C:\Users\USER\Desktop\Corel Tool
2015-08-19 13:44 - 2015-08-26 17:21 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-19 13:44 - 2015-08-26 17:21 - 00000000 ____D C:\Program Files\CCleaner
2015-08-19 13:44 - 2015-08-19 13:44 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-08-19 13:44 - 2015-08-19 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-18 14:38 - 2015-08-18 14:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-18 14:38 - 2015-08-18 14:38 - 00000000 ____D C:\Program Files\MSBuild
2015-08-18 14:38 - 2015-08-18 14:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-18 14:38 - 2015-08-18 14:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-18 14:34 - 2013-08-03 11:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-08-18 14:34 - 2013-08-03 11:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-18 14:34 - 2013-08-03 11:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-08-18 14:34 - 2013-08-03 11:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-08-18 14:34 - 2013-08-03 11:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-18 14:34 - 2013-08-03 11:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-08-17 23:14 - 2015-08-17 23:14 - 09920895 _____ C:\Users\USER\Downloads\M.Joon - M8 [www.k2nblog.com].rar
2015-08-17 23:01 - 2015-08-28 15:09 - 00000000 ____D C:\Lyrics
2015-08-17 23:01 - 2015-08-17 23:01 - 00001075 _____ C:\Users\Public\Desktop\MiniLyrics.lnk
2015-08-15 15:09 - 2015-08-15 15:09 - 00000000 ____D C:\Users\USER\Documents\Adobe
2015-08-14 15:38 - 2015-08-14 15:38 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
2015-08-14 15:37 - 2015-08-27 15:21 - 00000000 ____D C:\ProgramData\DataCardService
2015-08-14 15:37 - 2015-08-14 15:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-08-14 15:37 - 2012-08-20 07:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-08-14 15:37 - 2012-08-20 07:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-08-14 15:21 - 2015-08-14 13:41 - 00000030 _____ C:\AVScanner.ini
2015-08-14 14:55 - 2015-08-28 18:32 - 00001456 _____ C:\Users\USER\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-08-14 13:56 - 2015-08-28 17:46 - 00000132 _____ C:\Users\USER\AppData\Roaming\Adobe PNG Format CC Prefs
2015-08-14 13:41 - 2015-08-14 13:41 - 00000000 ____D C:\ProgramData\McAfee
2015-08-14 13:13 - 2015-08-14 13:13 - 00003028 _____ C:\Windows\System32\Tasks\{D43EF73E-0B55-4532-B7FB-A5064C0F95CF}
2015-08-13 21:43 - 2015-08-14 16:33 - 00000000 ____D C:\Users\USER\Downloads\Shareit
2015-08-13 21:41 - 2015-08-13 21:41 - 00001216 _____ C:\Users\Public\Desktop\SHAREit.lnk
2015-08-13 21:41 - 2015-08-13 21:41 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2015-08-13 21:41 - 2015-08-13 21:41 - 00000000 ____D C:\Windows\Downloaded Installations
2015-08-13 21:41 - 2015-08-13 21:41 - 00000000 ____D C:\Users\USER\AppData\Local\Lenovo
2015-08-13 21:41 - 2015-08-13 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-13 21:41 - 2015-08-13 21:41 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-13 21:37 - 2015-08-28 18:37 - 00000000 ____D C:\Users\USER\AppData\Roaming\AIMP3
2015-08-13 21:37 - 2015-08-21 19:13 - 00000000 ____D C:\Program Files (x86)\AIMP3
2015-08-13 21:28 - 2015-08-28 18:50 - 00000000 ____D C:\ProgramData\Oracle
2015-08-13 21:12 - 2015-08-28 23:31 - 00000000 ____D C:\Users\USER\AppData\Roaming\IDM
2015-08-13 21:12 - 2015-08-28 20:52 - 00000000 ____D C:\Users\USER\AppData\Roaming\DMCache
2015-08-13 21:12 - 2015-08-28 17:26 - 00000000 ____D C:\Users\USER\Downloads\Compressed
2015-08-13 21:12 - 2015-08-13 21:12 - 00001021 _____ C:\Users\USER\Desktop\Internet Download Manager.lnk
2015-08-13 21:12 - 2015-08-13 21:12 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-08-13 21:12 - 2015-08-13 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-08-13 21:12 - 2015-08-13 21:12 - 00000000 ____D C:\ProgramData\IDM
2015-08-13 21:12 - 2015-08-13 21:12 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-08-13 21:11 - 2015-08-13 21:11 - 08494007 _____ C:\Users\USER\Downloads\Internet Download Manager 6.23 Build 18.rar
2015-08-13 21:11 - 2015-08-04 06:04 - 00000000 ____D C:\Users\USER\Downloads\Internet Download Manager 6.23 Build 18
2015-08-13 21:10 - 2015-08-13 21:10 - 01959672 _____ C:\Users\USER\Downloads\winrar-x64-53b2.exe
2015-08-13 21:10 - 2015-08-13 21:10 - 00000000 ____D C:\Users\USER\AppData\Roaming\WinRAR
2015-08-13 21:10 - 2015-08-13 21:10 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-13 21:10 - 2015-08-13 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-13 21:10 - 2015-08-13 21:10 - 00000000 ____D C:\Program Files\WinRAR
2015-08-13 19:37 - 2015-08-28 23:30 - 00000000 ____D C:\Program Files (x86)\SMADAV
2015-08-13 19:37 - 2015-08-23 19:22 - 00000000 __SHD C:\[Smad-Cage]
2015-08-13 19:37 - 2015-08-13 19:37 - 01309797 _____ (SmadSoft ) C:\Users\USER\Downloads\smadav1025.exe
2015-08-13 19:37 - 2015-08-13 19:37 - 00003238 _____ C:\Windows\System32\Tasks\smadav
2015-08-13 19:37 - 2015-08-13 19:37 - 00001084 _____ C:\Users\Public\Desktop\SMADΔV.lnk
2015-08-13 19:37 - 2015-08-13 19:37 - 00000000 ____D C:\Users\USER\AppData\Roaming\Smadav
2015-08-13 19:37 - 2015-08-13 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2015-08-13 19:33 - 2015-08-28 19:33 - 00000418 _____ C:\Windows\Tasks\Scientifix.job
2015-08-13 19:33 - 2015-08-13 19:33 - 00003302 _____ C:\Windows\System32\Tasks\Scientifix
2015-08-13 19:25 - 2015-08-13 19:26 - 03659561 _____ C:\Users\USER\Downloads\WinRAR 5.11 (FULL + Keygen).zip
2015-08-13 19:25 - 2015-08-13 19:25 - 00000000 ____D C:\Users\USER\AppData\Local\Macromedia
2015-08-13 19:00 - 2015-08-13 19:00 - 00002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-13 19:00 - 2015-08-13 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-13 18:57 - 2015-08-13 18:57 - 00931408 _____ (Google Inc.) C:\Users\USER\Downloads\ChromeSetup.exe
2015-08-13 18:55 - 2015-08-13 18:55 - 00000000 ____D C:\Users\USER\AppData\Roaming\Mozilla
2015-08-13 18:52 - 2015-08-23 21:52 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D64F3CA0-2118-45DF-B635-06AFE1913837}
2015-08-13 18:10 - 2015-08-28 11:34 - 00000000 ____D C:\Users\USER\AppData\Roaming\dvdcss
2015-08-13 15:45 - 2015-08-28 17:53 - 00000000 ____D C:\KMPlayer
2015-08-13 15:45 - 2015-08-13 15:45 - 00000614 _____ C:\Users\USER\Desktop\KMPlayer.lnk
2015-08-13 15:45 - 2015-08-13 15:45 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-08-13 15:43 - 2015-08-13 15:43 - 00000000 ____D C:\ProgramData\TaskMgr
2015-08-13 15:41 - 2015-08-13 15:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-08-13 15:31 - 2015-08-13 15:44 - 33837152 _____ (PandoraTV) C:\Users\USER\Downloads\3.9.1.138_20150812070707.exe
2015-08-13 15:14 - 2015-08-13 15:14 - 00003202 _____ C:\Windows\System32\Tasks\AutoKMSCustom
2015-08-13 15:09 - 2015-08-14 12:41 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-08-13 15:09 - 2015-08-14 12:41 - 00002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-08-13 15:09 - 2015-08-14 12:41 - 00002069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-08-13 15:07 - 2015-08-28 16:20 - 00000000 ____D C:\Users\USER\AppData\Roaming\vlc
2015-08-13 15:07 - 2015-08-13 15:07 - 00001082 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-08-13 15:07 - 2015-08-13 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-13 15:06 - 2015-08-13 15:06 - 00000000 ____D C:\Users\USER\AppData\Local\Mozilla
2015-08-13 15:06 - 2015-08-13 15:06 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-08-13 15:05 - 2015-08-13 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-08-13 15:05 - 2015-08-13 15:05 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-08-13 15:05 - 2013-08-23 01:09 - 00256088 _____ C:\Windows\system32\unrar64.dll
2015-08-13 15:05 - 2013-08-23 01:09 - 00217176 _____ C:\Windows\SysWOW64\unrar.dll
2015-08-13 15:04 - 2015-08-13 15:04 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-08-13 15:04 - 2015-08-13 15:04 - 00973736 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-08-13 15:03 - 2015-08-13 19:00 - 00000000 ____D C:\Users\USER\AppData\Local\Google
2015-08-13 15:03 - 2015-08-13 19:00 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-13 15:02 - 2015-08-17 21:03 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-13 14:56 - 2015-08-15 14:59 - 00000000 ____D C:\Users\USER\Documents\Corel
2015-08-13 14:56 - 2015-08-13 14:56 - 00000000 ____D C:\Users\USER\Documents\My Palettes
2015-08-13 14:53 - 2015-08-13 14:53 - 00000000 ____D C:\Users\USER\AppData\Roaming\Corel
2015-08-13 14:53 - 2015-08-13 14:53 - 00000000 ____D C:\ProgramData\Protexis64
2015-08-13 14:51 - 2015-08-13 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lattice3D Player 64-bit Edition
2015-08-13 14:49 - 2015-08-13 14:49 - 00000000 ____D C:\Users\USER\AppData\Roaming\ATI
2015-08-13 14:49 - 2015-08-13 14:49 - 00000000 ____D C:\Users\USER\AppData\Local\ATI
2015-08-13 14:49 - 2015-08-13 14:49 - 00000000 ____D C:\Users\USER\AppData\Local\AMD
2015-08-13 14:49 - 2015-08-13 14:49 - 00000000 ____D C:\ProgramData\ATI
2015-08-13 14:47 - 2015-08-13 14:51 - 00000000 ____D C:\Program Files\Lattice
2015-08-13 14:45 - 2015-08-13 14:45 - 00000000 ____D C:\Program Files\Common Files\Protexis
2015-08-13 14:45 - 2015-08-13 14:45 - 00000000 ____D C:\Program Files\Common Files\Corel
2015-08-13 14:43 - 2015-08-13 14:43 - 00000000 ____D C:\Users\Public\Documents\Corel
2015-08-13 14:42 - 2015-08-13 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Technical Suite X7 (64-bit)
2015-08-13 14:41 - 2015-08-13 14:45 - 00000000 ____D C:\ProgramData\Corel
2015-08-13 14:40 - 2015-08-13 14:41 - 00000000 ____D C:\Program Files\Corel
2015-08-03 19:07 - 2015-06-12 09:00 - 00197616 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-28 23:00 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-28 22:59 - 2013-08-22 16:58 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3452115558-3235719873-60570466-1001
2015-08-28 22:58 - 2013-08-26 16:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-28 22:48 - 2013-08-22 21:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-28 18:41 - 2013-08-22 21:44 - 05251360 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-27 22:37 - 2013-08-22 16:57 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-24 20:55 - 2013-08-22 20:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-22 18:13 - 2013-12-31 13:05 - 00000000 ____D C:\Users\USER\Documents\Susan Elizabeth Phillips
2015-08-19 22:12 - 2013-08-26 16:28 - 00000000 ____D C:\Windows\AutoKMS
2015-08-19 13:45 - 2013-08-22 17:41 - 00000000 ____D C:\Windows\Panther
2015-08-18 16:20 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\rescache
2015-08-18 14:38 - 2013-08-22 22:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-17 21:02 - 2013-08-26 16:29 - 00000000 ____D C:\ProgramData\Adobe
2015-08-15 15:09 - 2013-08-22 16:52 - 00000000 ____D C:\Users\USER\AppData\Roaming\Adobe
2015-08-14 15:31 - 2013-08-26 16:29 - 00000000 ____D C:\Users\USER\AppData\Local\Adobe
2015-08-14 12:41 - 2013-08-26 16:32 - 00001486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-08-13 15:08 - 2013-08-26 16:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-13 14:52 - 2013-08-22 22:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-13 14:52 - 2013-08-22 17:24 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-13 14:51 - 2013-08-22 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories =======

2015-08-24 13:50 - 2015-08-24 13:50 - 0000132 _____ () C:\Users\USER\AppData\Roaming\Adobe BMP Format CC Prefs
2015-08-14 13:56 - 2015-08-28 17:46 - 0000132 _____ () C:\Users\USER\AppData\Roaming\Adobe PNG Format CC Prefs
2015-08-14 14:55 - 2015-08-28 18:32 - 0001456 _____ () C:\Users\USER\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-08-26 16:17 - 2013-08-26 16:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\USER\AppData\Local\Temp\jre-8u60-windows-au.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-23 15:52

==================== End of FRST.txt ============================



Addition.txt

[code:1:a325ee0103] Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-08-2015
Ran by USER (2015-08-28 23:45:28)
Running from C:\Users\USER\Downloads\Programs
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3452115558-3235719873-60570466-500 - Administrator - Disabled)
Guest (S-1-5-21-3452115558-3235719873-60570466-501 - Limited - Disabled)
USER (S-1-5-21-3452115558-3235719873-60570466-1001 - Administrator - Enabled) => C:\Users\USER

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3452115558-3235719873-60570466-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.12 - Adobe Systems)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1497, 15.07.2015 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{D7FE632E-A3B5-CB84-C4C5-02F61BB51919}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.8 - Qualcomm Atheros)
BOLT! 4G E5372s (HKLM-x32\...\BOLT! 4G E5372s) (Version: 1.12.06.1151 - Huawei Technologies Co.,Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CDTS17_Setup_x64 (Version: 17.4 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{9DA7C2FD-AD83-4E2E-B9F2-9996749318E0}) (Version: 17.4.0.887 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.4.887 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.4.887 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Capture (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Common (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Common App (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Connect (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Custom Data (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - DE (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Designer (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Draw (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - EN (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Equation Editor (x32 Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Filters (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - FontNav (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - FR (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - IPM Content (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - IPM T (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - IPM XVL (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - PHOTO-PAINT (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Photozoom Plugin (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Redist (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Setup Files (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - VBA (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - VideoBrowser (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 - Writing Tools (x64) (Version: 17.4 - Corel Corporation) Hidden
CorelDRAW Technical Suite X7 (64-Bit) (HKLM\...\_{A4B5A413-B7CF-415F-8994-595DB2EFE848}) (Version: 17.4.0.887 - Corel Corporation)
Genesys Logic USB2.0 Card Reader (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.0 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.138 - PandoraTV)
Lattice3D Player / Lattice3D Player Pro 64-bit Edition (HKLM-x32\...\{936575FE-E49B-4CE9-9934-0329727476C8}) (Version: 14.1a - Lattice Technology)
Lattice3D Studio Corel Edition x64 (HKLM-x32\...\{A7161767-5AFE-4725-9DB0-AED7FB5FBA40}) (Version: 2.0 - Lattice Technology)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Runtime VS2005 SP1 CRT 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 MFC 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 All 6195 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 CRT 762 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2005 SP1 x64 OpenMP 762 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime VS2008 x64 CRT 1 (x32 Version: 0 - Lattice Technology Co.,Ltd.) Hidden
Runtime_MSI_VS2005_SP1_CRT_6195 (x32 Version: 1.00.0000 - Your Company Name) Hidden
Runtime_MSI_VS2005_SP1_MFC_6195 (x32 Version: 1.00.0000 - Your Company Name) Hidden
Runtime_MSI_VS2005_SP1_MFCLOC_6195 (x32 Version: 1.00.0000 - Lattice Technology) Hidden
Runtime_MSI_VS2005_SP1_x64_CRT_6195 (Version: 1.00.0000 - Your Company Name) Hidden
Runtime_MSI_VS2005_SP1_x64_MFC_6195 (Version: 1.00.0000 - Your Company Name) Hidden
Runtime_MSI_VS2005_SP1_x64_MFCLOC_6195 (Version: 1.00.0000 - Lattice Technology) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.1.1 - Lenovo Group Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.2 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6629.6406 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WinRAR 5.30 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.2 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

13-08-2015 14:45:55 Installed Lattice3D Studio Corel Edition x64
18-08-2015 14:30:01 Windows Modules Installer
28-08-2015 13:37:13 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 20:25 - 2013-08-22 20:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1FBD4332-17C5-4029-9ABE-9C2CADC566A7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation)
Task: {2331E302-C6CF-4235-9A22-752396F329F7} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-25] (Synaptics Incorporated)
Task: {56598C3D-6B68-4405-89B8-5C32FDC37497} - System32\Tasks\KMS Server OnLogon Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-14] (MDL)
Task: {59CFA6B3-B7B0-41B3-AA51-D900A58DBFBB} - System32\Tasks\KMS Server Daily Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-14] (MDL)
Task: {60A8075A-4291-4E17-B5A9-3092190DA70A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {6750E214-D044-4CFA-BF40-B18F64A10155} - System32\Tasks\{D43EF73E-0B55-4532-B7FB-A5064C0F95CF} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {839F3C27-13A2-495F-BD0C-BA071D169F96} - System32\Tasks\AutoKMSCustom => \AutoKMS.exe
Task: {9A90D4BC-07E5-4DA3-BF2E-EDAB72C84046} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [2015-07-08] (Smadsoft)
Task: {B33AE781-557D-4C77-A125-4A0C374105B3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation)
Task: {C66B155D-BC15-4B8C-B260-94F8779B8516} - System32\Tasks\Scientifix => c:\programdata\{af611bcd-df6b-6520-af61-11bcddf66f37}\winrar v5.21 final keygen is here ! [updated].exe <==== ATTENTION
Task: {CE56F1C1-A2A3-4C70-9CD6-B8D63EE61B27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation)
Task: {EFFC6FE8-D8F4-4BBA-8D86-BA9D86DBE54E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {FB628ACC-51A3-431C-A200-79755B47B4B1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26] (Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Scientifix.job => c:\programdata\{af611bcd-df6b-6520-af61-11bcddf66f37}\winrar v5.21 final keygen is here ! [updated].exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2013-08-15 22:21 - 2013-08-15 22:21 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-05-12 08:13 - 2014-05-12 08:13 - 00380496 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-10-02 10:36 - 2012-10-02 10:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-19 08:38 - 2012-07-19 08:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-15 22:21 - 2013-08-15 22:21 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-08-13 19:00 - 2015-08-08 07:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 19:00 - 2015-08-08 07:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3452115558-3235719873-60570466-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3452115558-3235719873-60570466-1001\...\webcompanion.com -> hxxp://webcompanion.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3452115558-3235719873-60570466-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\USER\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 82.163.143.169 - 82.163.142.171
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{1747D9DB-E346-4E92-B3BB-CDBD9BEA36B8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{66121C0C-143F-4251-A09B-4FDCB86051A1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8DC7B790-3A64-4658-BB3C-7D4094A88B63}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{22C54322-162E-471E-943B-43D6E0A35973}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{BBCCE9AD-7B49-4CDA-9620-C3C0A613EBB2}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{9296D3D6-E367-4CBA-9E60-0B85BB1CEDE7}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
Fi
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 13 Oct 2017
Posts: 5041
Location: Land Of The Leprechauns

PostPosted: Sat Aug 29, 2015 2:33 am    Post subject: Reply with quote

This forum does not support the use of Pirated or otherwise illegal software. If such software is found on your computer we reserve the right to refuse our help.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW set of FRST logs.

This Topic is Now Closed
_________________
Admin/Teacher at Malware Removal University
Member of UNITE
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Help with spyware removal All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group