Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2016 Ran by b (administrator) on B-PC (14-09-2016 17:19:53) Running from C:\Users\b\Desktop Loaded Profiles: b (Available Profiles: b) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States) Internet Explorer Version 11 (Default browser not detected!) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe (Cezurity) C:\Program Files\Cezurity\Antivirus\CzAvSvc.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Woogable Ltd.) C:\Program Files\Globus\GlobusService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Cezurity) C:\Program Files\Cezurity\Antivirus\Cezurity_Antivirus.exe (Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe () C:\Program Files\ACD Systems\ACDSee Pro\9.0\ACDSeeCommanderPro9.exe ( New Softwares.net) C:\Windows\System32\WinFLTray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare) HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [5046640 2016-09-13] (McAfee Inc.) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [ZuneClock] => C:\Program Files\ZuneClock\ZuneClock.exe [721408 2008-12-12] () HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [FreeAC] => C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [ACDSeeCommanderPro9] => C:\Program Files\ACD Systems\ACDSee Pro\9.0\ACDSeeCommanderPro9.exe [2972856 2016-06-16] () HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [PSwitch] => C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe [6014456 2016-08-24] (Proxy Switcher) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [Privacy Eraser] => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [4629504 2016-07-16] (Cybertron Software, Co., Ltd.) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [WinFLTray] => C:\Windows\system32\WinFLTray.exe [330704 2016-05-06] ( New Softwares.net) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [FLBackup] => C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe [276432 2016-05-06] (New Softwares.net) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [HotAlarmClock] => C:\Program Files\HotAlarmClock\HotAlarmClock.exe [28506016 2016-01-26] (Comfort Software Group) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [Avira Scout Update] => C:\Users\b\AppData\Local\Avira\Scout Update\ScoutUpdate.exe [157656 2016-09-08] (Avira Operations GmbH \u0026 Co. KG) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6851288 2016-07-13] (Piriform Ltd) HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6825888 2016-09-12] (SUPERAntiSpyware) Startup: C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CaptureWiz.lnk [2016-07-02] ShortcutTarget: CaptureWiz.lnk -> C:\Program Files\CaptureWiz\Pro\CaptureWiz.exe (PixelMetrics) BootExecute: ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A4D93AD9-B4D2-4512-A304-CF9421B9E52D}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP HKU\S-1-5-21-2555542477-2720736690-3888076148-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-sa/?pc=UE09&ocid=UE09DHP SearchScopes: HKLM -> DefaultScope value is missing BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-11] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-11] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\xaqqi1it.default-1473816642883 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] () FF Extension: (Firefox Hotfix) - C:\Users\b\AppData\Roaming\Mozilla\Firefox\Profiles\xaqqi1it.default-1473816642883\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-14] Opera: ======= StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com) R2 CezurityAntivirusService; C:\Program Files\Cezurity\Antivirus\CzAvSvc.exe [5086856 2016-06-07] (Cezurity) R2 Globus; C:\Program Files\Globus\GlobusService.exe [1228384 2016-04-14] (Woogable Ltd.) [File not signed] S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [113632 2016-04-30] (SurfRight B.V.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2016-09-13] (McAfee, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 cz_antvr; C:\Windows\System32\Drivers\cz_antvr.sys [2297456 2016-06-07] (Cezurity) R1 cz_ddall; C:\Windows\system32\Drivers\cz_ddall.sys [1370736 2016-06-07] (Cezurity) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [63680 2016-04-30] () S3 GUMHFilter; C:\Windows\System32\DRIVERS\GUMHFilter.sys [18560 2016-02-18] (GlarySoft Ltd) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [170200 2016-09-12] (Malwarebytes) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648552 2016-09-13] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [91840 2016-09-13] (McAfee, Inc.) S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.) R1 RemoveAny; C:\Windows\system32\Drivers\removeany.sys [16456 2013-09-26] (HeavenWard) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 tap0903; C:\Windows\System32\DRIVERS\tap0903.sys [33536 2015-08-24] (The OpenVPN Project) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-09-12] () S3 trufos; C:\Windows\System32\drivers\trufos.sys [343456 2016-04-10] (BitDefender S.R.L.) R1 WinDetect; C:\Windows\system32\Drivers\windetect.sys [16488 2016-03-03] (HeavenWard) R1 ZAM; C:\Windows\System32\drivers\zam32.sys [181496 2016-09-12] (Zemana Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-14 17:19 - 2016-09-14 17:20 - 00009527 _____ C:\Users\b\Desktop\FRST.txt 2016-09-14 16:39 - 2016-09-14 16:39 - 00000000 ____D C:\Users\b\AppData\Roaming\Macromedia 2016-09-14 16:39 - 2016-09-14 16:39 - 00000000 ____D C:\Users\b\AppData\Local\Macromedia 2016-09-14 16:37 - 2016-09-14 16:38 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-09-14 16:37 - 2016-09-14 16:38 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-09-14 05:53 - 2016-09-14 05:53 - 01224896 _____ (Adobe Systems Incorporated) C:\Users\b\Downloads\uninstall_flash_player(1).exe 2016-09-14 05:05 - 2016-09-14 05:05 - 00061568 _____ C:\Users\b\AppData\Local\GDIPFONTCACHEV1.DAT 2016-09-14 05:02 - 2016-09-14 05:03 - 00275208 _____ C:\Windows\system32\FNTCACHE.DAT 2016-09-14 02:08 - 2016-09-14 02:09 - 27466906 _____ C:\Users\b\Downloads\tweaking.com_windows_repair_aio.zip 2016-09-14 01:07 - 2016-09-02 18:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-09-14 01:07 - 2016-09-02 18:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-09-14 01:07 - 2016-09-02 18:21 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-09-14 01:07 - 2016-09-02 18:21 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-09-14 01:07 - 2016-09-02 18:18 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-09-14 01:07 - 2016-09-02 18:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-09-14 01:07 - 2016-09-02 17:53 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-09-14 01:07 - 2016-09-02 17:53 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-09-14 01:07 - 2016-09-02 17:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-09-14 01:07 - 2016-09-02 17:53 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-09-14 01:07 - 2016-09-02 17:53 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-09-14 01:07 - 2016-09-02 17:51 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-09-14 01:07 - 2016-09-02 17:49 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-09-14 01:07 - 2016-09-02 17:49 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-09-14 01:07 - 2016-09-02 17:49 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-09-14 01:07 - 2016-09-02 17:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-09-14 01:07 - 2016-09-02 17:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-09-14 01:07 - 2016-09-02 17:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-09-14 01:07 - 2016-09-02 17:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-09-14 01:06 - 2016-09-01 21:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-09-14 01:06 - 2016-09-01 06:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-09-14 01:06 - 2016-09-01 06:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-09-14 01:06 - 2016-09-01 06:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-09-14 01:06 - 2016-09-01 05:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-09-14 01:06 - 2016-09-01 05:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-09-14 01:06 - 2016-09-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-09-14 01:06 - 2016-09-01 05:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-09-14 01:06 - 2016-09-01 05:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-09-14 01:06 - 2016-09-01 05:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-09-14 01:06 - 2016-09-01 05:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-09-14 01:06 - 2016-09-01 05:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-09-14 01:06 - 2016-09-01 05:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-09-14 01:06 - 2016-09-01 05:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-09-14 01:06 - 2016-09-01 05:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-09-14 01:06 - 2016-09-01 05:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-09-14 01:06 - 2016-09-01 05:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-09-14 01:06 - 2016-09-01 05:14 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-09-14 01:06 - 2016-09-01 05:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-09-14 01:06 - 2016-09-01 04:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-09-14 01:06 - 2016-09-01 04:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-09-14 01:06 - 2016-09-01 04:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-09-14 01:06 - 2016-09-01 04:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-09-14 01:06 - 2016-09-01 04:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-09-14 01:06 - 2016-09-01 04:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-09-14 01:06 - 2016-09-01 04:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-09-14 01:06 - 2016-09-01 04:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-09-14 01:06 - 2016-09-01 04:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-09-14 01:06 - 2016-09-01 04:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-09-14 01:06 - 2016-09-01 04:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-09-14 01:06 - 2016-09-01 04:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-09-14 01:06 - 2016-09-01 04:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-09-14 01:06 - 2016-09-01 03:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-09-14 01:06 - 2016-09-01 03:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-09-14 01:06 - 2016-09-01 03:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-09-14 00:57 - 2016-09-14 00:57 - 06041014 _____ C:\Users\b\Downloads\إحتلال نسخة قيمزر 7 من قبل الداهية أبو درب.mp4 2016-09-14 00:54 - 2016-09-14 00:54 - 02417940 _____ C:\Users\b\Downloads\رسالة ابودرب الخبلاوي الى إدارة موقع قيمزر.mp4 2016-09-14 00:44 - 2016-08-16 05:48 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-09-14 00:44 - 2016-08-16 05:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-09-14 00:44 - 2016-08-12 19:21 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-09-14 00:44 - 2016-08-12 19:21 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-09-14 00:44 - 2016-08-12 19:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-09-14 00:44 - 2016-08-06 18:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-09-13 06:23 - 2016-09-13 06:23 - 00000304 _____ C:\Users\b\Desktop\SearchReg.txt 2016-09-13 06:14 - 2016-09-13 06:14 - 00000000 _____ C:\Users\b\Desktop\New Text Document (2).txt 2016-09-13 06:12 - 2016-09-13 06:25 - 00000592 _____ C:\Users\b\Desktop\Fixlog.txt 2016-09-13 05:55 - 2016-09-13 05:56 - 00036232 _____ C:\Users\b\Downloads\Addition.txt 2016-09-13 05:54 - 2016-09-14 17:19 - 00000000 ____D C:\FRST 2016-09-13 05:54 - 2016-09-13 05:56 - 00048009 _____ C:\Users\b\Downloads\FRST.txt 2016-09-13 05:53 - 2016-09-13 05:53 - 01748992 _____ (Farbar) C:\Users\b\Desktop\FRST.exe 2016-09-13 04:36 - 2016-09-13 04:36 - 00979097 _____ ( ) C:\Users\b\Downloads\HDVideoPlayer_1922230526.exe 2016-09-13 01:24 - 2016-09-13 01:25 - 02216075 _____ C:\Users\b\Downloads\com.nineapps_v3.0.5.0_android_(Build0609011815).apk 2016-09-13 01:06 - 2016-09-13 01:06 - 00000106 ___RH C:\Users\b\Downloads\Stinger.opt 2016-09-13 00:08 - 2016-09-13 00:08 - 00648552 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys 2016-09-13 00:08 - 2016-09-13 00:08 - 00238288 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe 2016-09-13 00:08 - 2016-09-13 00:08 - 00091840 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mferkdet.sys 2016-09-13 00:06 - 2016-09-13 00:59 - 00000858 _____ C:\Users\b\Downloads\Stinger_13092016_000653.html 2016-09-13 00:03 - 2016-09-13 00:04 - 16315760 _____ (McAfee Inc) C:\Users\b\Downloads\stinger32(1).exe 2016-09-12 23:55 - 2016-09-12 23:56 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\b\Downloads\rkill.exe 2016-09-12 23:49 - 2016-09-12 23:49 - 02248504 _____ (Runscanner.net) C:\Users\b\Downloads\runscanner.exe 2016-09-12 23:32 - 2016-09-12 23:53 - 355359688 _____ (MicroWorld Technologies Inc. ) C:\Users\b\Downloads\twn4k3ek.exe 2016-09-12 23:24 - 2016-09-12 23:24 - 00000000 ____D C:\Program Files\ESET 2016-09-12 23:10 - 2016-09-12 23:10 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-09-12 22:41 - 2016-09-12 22:41 - 02374144 _____ C:\Users\b\Downloads\ZHPCleaner.exe 2016-09-12 22:38 - 2016-09-12 22:38 - 02374144 _____ C:\Users\b\ZHPCleaner.exe 2016-09-12 07:47 - 2016-09-12 07:47 - 00001965 _____ C:\Users\b\Desktop\SUPERAntiSpyware Free Edition.lnk 2016-09-12 07:47 - 2016-09-12 07:47 - 00000000 ____D C:\Users\b\AppData\Roaming\SUPERAntiSpyware.com 2016-09-12 07:47 - 2016-09-12 07:47 - 00000000 ____D C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2016-09-12 07:46 - 2016-09-12 19:56 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2016-09-12 07:46 - 2016-09-12 07:46 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2016-09-12 02:10 - 2016-09-12 02:35 - 00000000 ____D C:\Users\b\Downloads\TrendMicro AntiThreat Toolkit 2016-09-12 02:10 - 2016-09-12 02:10 - 00305928 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys 2016-09-12 01:58 - 2016-09-12 01:58 - 00000738 _____ C:\Users\Public\Desktop\Force Byte Detector.lnk 2016-09-12 01:58 - 2016-09-12 01:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Force Byte Detector 2016-09-12 01:58 - 2016-09-12 01:58 - 00000000 ____D C:\Force Byte Detector 2016-09-12 01:56 - 2016-09-12 01:57 - 09960164 _____ (Forcebyte.nl ) C:\Users\b\Downloads\force-byte-detector_v3.400.exe 2016-09-12 01:50 - 2016-09-12 01:50 - 00524248 _____ (F-Secure Corporation) C:\Users\b\Downloads\F-SecureOnlineScanner.exe 2016-09-12 01:49 - 2016-09-12 01:50 - 03826240 _____ C:\Users\b\Downloads\adwcleaner_6.010.exe 2016-09-12 00:27 - 2016-09-12 00:27 - 00046721 _____ C:\ComboFix.txt 2016-09-11 23:50 - 2016-09-11 23:50 - 00000000 ____D C:\Users\b\Downloads\TMRBLog 2016-09-11 23:50 - 2016-09-11 23:50 - 00000000 ____D C:\Users\b\Downloads\log 2016-09-11 23:47 - 2016-09-12 00:11 - 00001720 _____ C:\ProgramData\GYL.txt 2016-09-11 23:32 - 2016-09-11 23:32 - 00000016 _____ C:\ProgramData\mntemp 2016-09-11 23:28 - 2016-09-11 23:28 - 20892232 _____ C:\Users\b\Downloads\RogueKiller.exe 2016-09-11 23:23 - 2016-09-11 23:23 - 01610560 _____ (Malwarebytes) C:\Users\b\Downloads\JRT.exe 2016-09-11 23:00 - 2016-09-11 23:19 - 94722072 _____ (Trend Micro Inc.) C:\Users\b\Downloads\ATTKCB_ATRT_32.exe 2016-09-11 22:59 - 2016-09-11 23:06 - 26289888 _____ (Trend Micro Inc.) C:\Users\b\Downloads\attk_ScanCleanOnline_gui_x86.exe 2016-09-11 22:59 - 2016-09-11 23:00 - 04396712 _____ (Trend Micro Inc.) C:\Users\b\Downloads\attk_collector_cli_x86.exe 2016-09-11 22:58 - 2016-09-11 22:58 - 02105760 _____ (Trend Micro Inc.) C:\Users\b\Downloads\HousecallLauncher.exe 2016-09-11 22:56 - 2016-09-11 22:57 - 08842024 _____ (Trend Micro Inc.) C:\Users\b\Downloads\attk_far_gui_x86.exe 2016-09-11 22:55 - 2016-09-11 22:56 - 10078720 _____ (Trend Micro Inc.) C:\Users\b\Downloads\RootkitBusterV5.0-1198.exe 2016-09-11 22:26 - 2016-09-11 22:26 - 03423928 _____ (Symantec Corporation) C:\Users\b\Downloads\NPE.exe 2016-09-11 22:24 - 2016-09-11 22:27 - 104076176 _____ (Kaspersky Lab ZAO) C:\Users\b\Downloads\KVRT.exe 2016-09-11 22:16 - 2016-09-11 22:20 - 142213520 _____ C:\Users\b\Downloads\2ccqgiy6.exe 2016-09-11 21:34 - 2016-09-12 07:52 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-11 21:34 - 2016-09-11 21:34 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-09-11 21:34 - 2016-09-11 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-09-11 21:34 - 2016-09-11 21:34 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-11 21:34 - 2016-09-11 21:34 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2016-09-11 21:34 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-09-11 21:34 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-09-11 21:34 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-09-11 09:29 - 2016-09-11 09:29 - 00002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Globus.lnk 2016-09-11 09:29 - 2016-09-11 09:29 - 00002193 _____ C:\Users\Public\Desktop\Globus.lnk 2016-09-11 09:29 - 2016-09-11 09:29 - 00000000 ____D C:\Users\b\AppData\Local\Globus 2016-09-11 09:29 - 2016-09-11 09:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Globus Privacy 2016-09-11 09:29 - 2016-09-11 09:29 - 00000000 ____D C:\Program Files\Globus 2016-09-11 06:07 - 2016-09-11 06:07 - 05018560 _____ (Zemana Ltd.) C:\Users\b\Downloads\Zemana.AntiMalware.Portable.exe 2016-09-11 05:16 - 2016-09-11 05:16 - 00202290 _____ C:\TDSSKiller.3.1.0.11_11.09.2016_05.16.01_log.txt 2016-09-11 05:13 - 2016-09-11 05:13 - 00000000 ____D C:\Users\b\Desktop\rkill 2016-09-11 05:12 - 2016-09-11 05:13 - 00202026 _____ C:\TDSSKiller.3.1.0.11_11.09.2016_05.12.49_log.txt 2016-09-11 05:01 - 2016-09-11 05:02 - 00208804 _____ C:\TDSSKiller.3.1.0.11_11.09.2016_05.01.14_log.txt 2016-09-11 04:44 - 2016-09-12 23:06 - 00000000 ____D C:\Users\b\AppData\Roaming\ZHP 2016-09-11 03:51 - 2016-09-11 03:51 - 00000000 ____D C:\Program Files\AVAST Software 2016-09-11 03:48 - 2016-09-11 03:48 - 00000000 ____D C:\Program Files\Sinonad 2016-09-11 03:17 - 2016-09-11 03:19 - 04113824 _____ (www.securepccleaner.com/ ) C:\Users\b\Downloads\setup (1).exe 2016-09-11 03:16 - 2016-09-11 03:22 - 00000819 _____ C:\Users\b\Downloads\wca (1) 2016-09-11 03:13 - 2016-09-11 03:13 - 00000819 _____ C:\Users\b\Downloads\wca 2016-09-11 02:46 - 2016-09-11 23:31 - 00000000 ____D C:\Program Files\Lavasoft 2016-09-11 02:46 - 2016-09-11 05:08 - 00000000 ____D C:\Users\b\AppData\Roaming\Lavasoft 2016-09-11 02:46 - 2016-09-11 02:46 - 00000000 ____D C:\Users\b\AppData\Local\Lavasoft 2016-09-11 02:46 - 2016-09-11 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-09-11 02:45 - 2016-09-11 23:31 - 00000000 ____D C:\ProgramData\Lavasoft 2016-09-11 02:07 - 2016-09-11 02:43 - 00505120 _____ C:\Users\b\Downloads\adobe_flash_setup-93163784.exe 2016-09-11 01:53 - 2016-09-12 22:38 - 00000822 _____ C:\Users\b\Desktop\ZHPCleaner.lnk 2016-09-11 01:37 - 2016-09-11 01:40 - 00752296 _____ C:\Users\b\Downloads\Adware Removal Tool by TSA.exe 2016-09-11 00:47 - 2016-09-12 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器 2016-09-11 00:47 - 2016-09-11 02:18 - 00000000 ____D C:\Program Files\UCBrowser 2016-09-11 00:47 - 2016-09-11 00:47 - 00000000 ____D C:\Users\b\AppData\Local\UCBrowser 2016-09-11 00:44 - 2016-09-11 23:52 - 00008760 _____ C:\ProgramData\proxy_run.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 00006960 _____ C:\ProgramData\proxy_sessions_processed.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 00006487 _____ C:\ProgramData\proxySuccess.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 00006480 _____ C:\ProgramData\proxy_impersonations.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 00002040 _____ C:\ProgramData\proxy_user_name.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 00000026 _____ C:\ProxySetter.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 00000024 _____ C:\ProgramData\proxy_sessions.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 00000004 _____ C:\ProgramData\regname_b.txt 2016-09-11 00:44 - 2016-09-11 00:44 - 00000083 _____ C:\ProgramData\burl.txt 2016-09-11 00:44 - 2016-09-11 00:44 - 00000001 _____ C:\ProgramData\1111_ver.txt 2016-09-11 00:43 - 2016-09-12 07:40 - 00000000 ____D C:\Users\b\AppData\Roaming\Browsers.$quar 2016-09-11 00:43 - 2016-09-12 00:13 - 00000000 ____D C:\ProgramData\MABRAW_UPDATER 2016-09-11 00:43 - 2016-09-11 05:09 - 00000009 _____ C:\pjson.txt 2016-09-11 00:43 - 2016-09-11 05:08 - 00000012 _____ C:\compare3.txt 2016-09-11 00:43 - 2016-09-11 05:08 - 00000010 _____ C:\compare2.txt 2016-09-11 00:43 - 2016-09-11 05:08 - 00000009 _____ C:\compare1.txt 2016-09-11 00:43 - 2016-09-11 04:41 - 00000038 _____ C:\flver3.txt 2016-09-11 00:43 - 2016-09-11 04:06 - 00000299 _____ C:\version.txt 2016-09-11 00:43 - 2016-09-11 04:06 - 00000051 _____ C:\fjson.txt 2016-09-11 00:43 - 2016-09-11 00:44 - 00000000 ____D C:\ProgramData\OTP 2016-09-11 00:43 - 2016-09-11 00:43 - 00001074 _____ C:\Users\b\Desktop\Play Travian.lnk 2016-09-11 00:43 - 2016-09-11 00:43 - 00000185 _____ C:\otpu2.txt 2016-09-11 00:43 - 2016-09-11 00:43 - 00000065 _____ C:\otpu.txt 2016-09-11 00:43 - 2016-09-11 00:43 - 00000000 ____D C:\Program Files\try 2016-09-11 00:42 - 2016-09-11 00:42 - 04359224 _____ C:\Users\b\Downloads\gamesbiliardforandroid.exe 2016-09-11 00:28 - 2016-09-11 00:28 - 00995696 _____ ( ) C:\Users\b\Downloads\Install8BC(1).exe 2016-09-11 00:24 - 2016-09-11 00:24 - 00000000 ____D C:\Program Files\Common Files\Java 2016-09-11 00:13 - 2016-09-12 02:55 - 00000000 ____D C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper 2016-09-11 00:11 - 2016-09-11 00:12 - 27944472 _____ (Totem Entertainment ) C:\Users\b\Downloads\setup-istripper_40gtGccU5tyrD5OE.exe 2016-09-10 23:55 - 2016-09-10 23:55 - 06988120 _____ (PopGameBox Soft, Inc. ) C:\Users\b\Downloads\popgamebox_setup.exe 2016-09-10 23:43 - 2016-09-10 23:43 - 00002085 _____ C:\Users\Public\Desktop\Virtual Pool 4 Online.lnk 2016-09-10 23:43 - 2016-09-10 23:43 - 00000000 ____D C:\Users\b\AppData\Local\Celeris 2016-09-10 23:43 - 2016-09-10 23:43 - 00000000 ____D C:\Users\b\AppData\Local\CEF 2016-09-10 23:43 - 2016-09-10 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Pool 4 Online 2016-09-10 23:43 - 2016-09-10 23:43 - 00000000 ____D C:\ProgramData\Celeris 2016-09-10 23:43 - 2016-09-10 23:43 - 00000000 ____D C:\Program Files\Celeris 2016-09-10 23:37 - 2016-09-10 23:39 - 68302096 _____ (Celeris) C:\Users\b\Downloads\vponline.exe 2016-09-10 22:54 - 2016-09-10 22:57 - 00000000 ____D C:\Users\Public\Documents\Midnight Pool 3D 2016-09-10 22:42 - 2016-09-10 22:42 - 00001935 _____ C:\Users\Public\Desktop\Play Midnight Pool 3D.lnk 2016-09-10 22:42 - 2016-09-10 22:42 - 00001238 _____ C:\Users\Public\Desktop\More Great Games.lnk 2016-09-10 22:42 - 2016-09-10 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Midnight Pool 3D 2016-09-10 22:42 - 2016-09-10 22:42 - 00000000 ____D C:\Program Files\Midnight Pool 3D 2016-09-10 22:37 - 2016-09-10 22:37 - 00001877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk 2016-09-10 22:37 - 2016-09-10 22:37 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk 2016-09-10 22:37 - 2016-09-10 22:37 - 00000933 _____ C:\Users\Public\Desktop\Games.lnk 2016-09-10 22:37 - 2016-09-10 22:37 - 00000225 _____ C:\Users\Public\Desktop\More Great Games.url 2016-09-10 22:37 - 2016-09-10 22:37 - 00000000 ____D C:\ProgramData\Big Fish 2016-09-10 22:37 - 2016-09-10 22:37 - 00000000 ____D C:\Program Files\bfgclient 2016-09-10 22:35 - 2016-09-10 22:37 - 00000000 ____D C:\Users\b\AppData\Local\Big Fish 2016-09-10 22:35 - 2016-09-10 22:37 - 00000000 ____D C:\BigFishCache 2016-09-10 22:21 - 2016-09-10 22:21 - 00002090 _____ C:\Users\b\Desktop\Play other Games.lnk 2016-09-10 22:21 - 2016-09-10 22:21 - 00001135 _____ C:\Users\b\Desktop\Live Billiards Demo.lnk 2016-09-10 22:21 - 2016-09-10 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TerraGame 2016-09-10 22:21 - 2016-09-10 22:21 - 00000000 ____D C:\Program Files\TerraGame 2016-09-10 22:21 - 1999-12-17 09:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe 2016-09-10 22:18 - 2016-09-10 22:19 - 00000000 ____D C:\Program Files\8BallClub 2016-09-10 22:18 - 2016-09-10 22:18 - 00000996 _____ C:\Users\b\Desktop\8BallClub.lnk 2016-09-10 22:18 - 2016-09-10 22:18 - 00000000 ____D C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\8BallClub Billiards 2016-09-10 22:18 - 2016-09-10 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8BallClub Billiards 2016-09-10 21:36 - 2016-09-10 21:36 - 07274371 _____ C:\Users\b\Downloads\LiveBilliards22enDemo.exe 2016-09-10 21:34 - 2016-09-10 21:38 - 28974200 _____ C:\Users\b\Downloads\Install8BC.exe 2016-09-10 14:59 - 2016-09-10 14:59 - 06140319 _____ C:\Users\b\Documents\b-04-09-2016-01-12.fbr 2016-09-09 21:17 - 2016-09-09 21:17 - 07491840 _____ (Intel) C:\Users\b\Downloads\Intel Driver Update Utility Installer.exe 2016-09-09 21:09 - 2016-09-09 21:10 - 09764864 _____ (Digiarty Software, Inc. ) C:\Users\b\Downloads\winx-youtube-downloader.exe.part 2016-09-09 20:51 - 2016-09-09 20:51 - 01011448 _____ ( ) C:\Users\b\Downloads\skype.exe 2016-09-09 20:36 - 2016-09-09 20:37 - 00401640 _____ (TweakBit) C:\Users\b\Downloads\driver-updater-setup.exe 2016-09-09 20:07 - 2016-09-09 20:07 - 12210800 _____ (SimpleStar) C:\Users\b\Downloads\SimpleDriverUpdaterSetup.exe 2016-09-09 20:02 - 2016-09-09 20:02 - 00985408 _____ (Slimware Utilities Holdings, Inc.) C:\Users\b\Downloads\DriverUpdate-setup.exe 2016-09-09 19:18 - 2016-09-09 19:18 - 05200384 _____ (AVAST Software) C:\Users\b\Downloads\aswmbr.exe 2016-09-09 17:16 - 2016-09-09 17:16 - 00000000 ____D C:\Windows\CheckSur 2016-09-09 16:06 - 2016-09-09 16:07 - 00000099 _____ C:\Windows\system32\rufus.ini 2016-09-09 15:58 - 2016-09-09 15:58 - 04726080 _____ (Wargaming.net ) C:\Users\b\Downloads\WoT_internet_install_eu.exe 2016-09-08 20:58 - 2016-09-08 20:58 - 07269656 _____ (Bitdefender LLC) C:\Users\b\Downloads\BootkitRemoval_x86.exe 2016-09-08 20:57 - 2016-09-08 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware 2016-09-08 20:56 - 2016-09-08 20:57 - 04703248 _____ (Bitdefender ) C:\Users\b\Downloads\BDAntiRansomwareSetup.exe 2016-09-08 20:49 - 2016-09-08 20:50 - 27750400 _____ C:\Users\b\Downloads\kaspersky_anti_ransomware_tool_for_business_1.1.24.0_en.msi 2016-09-08 20:40 - 2016-09-08 20:41 - 47216704 _____ (Kaspersky Lab ZAO) C:\Users\b\Downloads\ksc_launcher.exe 2016-09-08 17:27 - 2016-09-14 16:32 - 00001044 _____ C:\Windows\Tasks\AviraScoutUpdateTaskUserS-1-5-21-2555542477-2720736690-3888076148-1000UA.job 2016-09-08 17:27 - 2016-09-10 17:32 - 00000992 _____ C:\Windows\Tasks\AviraScoutUpdateTaskUserS-1-5-21-2555542477-2720736690-3888076148-1000Core.job 2016-09-08 16:29 - 2016-09-08 16:30 - 11821770 _____ (aura4you.com ) C:\Users\b\Downloads\aura-youtube-downloader.exe 2016-09-08 16:25 - 2016-09-10 15:15 - 61243876 _____ ( ) C:\Users\b\Downloads\aimer-video-studio-express_full701.exe 2016-09-08 16:21 - 2016-09-08 16:21 - 00580040 _____ C:\Users\b\Downloads\download-videograbber.exe 2016-09-08 16:17 - 2016-09-08 16:17 - 01025596 _____ C:\Users\b\Downloads\YouTubeGrabberSetup.exe 2016-09-08 16:16 - 2016-09-08 16:16 - 08800968 _____ (APOWERSOFT LIMITED ) C:\Users\b\Downloads\photo-viewer.exe 2016-09-08 16:05 - 2016-09-08 16:06 - 25569920 _____ C:\Users\b\Downloads\GiffingTool-4.1-Buy-Later.zip 2016-09-08 15:51 - 2016-09-08 15:52 - 03265482 _____ (Oxelon ) C:\Users\b\Downloads\oxelonmedia.exe 2016-09-08 15:49 - 2016-09-08 15:51 - 35639696 _____ (KeepVid Studio ) C:\Users\b\Downloads\keepvid-video-downloader_full2578.exe 2016-09-08 15:40 - 2016-09-08 15:41 - 01643605 _____ (SoftwareMile.com ) C:\Users\b\Downloads\esvg.exe 2016-09-08 15:39 - 2016-09-08 15:41 - 31343344 _____ (Open Media LLC ) C:\Users\b\Downloads\4kvideodownloader_4.1.exe 2016-09-08 15:35 - 2016-09-08 15:37 - 20000768 _____ C:\Users\b\Downloads\NCollectorStudioLite.msi 2016-09-08 15:28 - 2016-09-08 15:28 - 04278624 _____ (www.aignes.com ) C:\Users\b\Downloads\wsasetup.exe 2016-09-08 14:56 - 2016-09-08 14:57 - 08070349 _____ ( ) C:\Users\b\Downloads\SkyGrabberSetup.exe 2016-09-08 14:35 - 2016-09-08 14:36 - 02452164 _____ (Bimesoft) C:\Users\b\Downloads\SurfOffline_Professional.exe 2016-09-08 14:28 - 2016-09-08 14:31 - 64714016 _____ (APOWERSOFT LIMITED ) C:\Users\b\Downloads\video-download-capture.exe 2016-09-08 11:35 - 2016-09-08 11:35 - 00744529 _____ C:\Users\b\Downloads\bazookasetup.exe 2016-09-08 11:35 - 2016-09-08 11:35 - 00000000 ____D C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bazooka Scanner 2016-09-08 11:35 - 2016-09-08 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bazooka Scanner 2016-09-08 11:35 - 2016-09-08 11:35 - 00000000 ____D C:\Program Files\Bazooka Scanner 2016-09-08 11:17 - 2016-09-08 11:17 - 08176688 _____ (Tenebril) C:\Users\b\Downloads\Tenebril_9899A19B-FF7B-4CBD-936D-C61C31BD15C2_.exe 2016-09-08 11:00 - 2016-09-08 11:17 - 2564476928 _____ C:\Users\b\Downloads\Win7_Ult_SP1_English_x32.iso 2016-09-08 10:54 - 2016-09-08 10:54 - 00877336 _____ (Alternate Tools ) C:\Users\b\Downloads\DllAnalyzer.exe 2016-09-08 10:54 - 2016-09-08 10:54 - 00001143 _____ C:\Users\Public\Desktop\Alternate DLL Analyzer.lnk 2016-09-08 10:54 - 2016-09-08 10:54 - 00000000 ____D C:\Users\b\AppData\Local\Alternate 2016-09-08 10:54 - 2016-09-08 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alternate DLL Analyzer 2016-09-08 10:54 - 2016-09-08 10:54 - 00000000 ____D C:\ProgramData\Alternate 2016-09-08 10:54 - 2016-09-08 10:54 - 00000000 ____D C:\Program Files\Alternate 2016-09-08 09:56 - 2016-09-08 09:56 - 00491008 _____ (HeiDoc.net) C:\Users\b\Downloads\Windows ISO Downloader.exe 2016-09-08 07:22 - 2016-09-08 07:22 - 02129708 _____ (Alexandre Miguel Canotilho Coelho) C:\Users\b\Downloads\Windows_Repair_Toolbox_Portable.exe 2016-09-08 01:47 - 2016-09-08 01:47 - 00001029 _____ C:\Users\Public\Desktop\Hot Alarm Clock.lnk 2016-09-08 01:47 - 2016-09-08 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hot Alarm Clock 2016-09-08 01:46 - 2016-09-08 01:47 - 00000000 ____D C:\Program Files\HotAlarmClock 2016-09-06 23:26 - 2016-09-06 23:37 - 367255288 _____ ( ) C:\Users\b\Downloads\filmora-resource-pack(1).exe 2016-09-06 08:15 - 2016-09-06 08:26 - 00381702 _____ C:\Users\b\Desktop\regrunlog.txt 2016-09-06 08:13 - 2016-09-06 08:13 - 00001115 _____ C:\Users\b\Desktop\Reanimator.lnk 2016-09-06 08:13 - 2016-09-06 08:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator 2016-09-06 08:13 - 2016-09-06 08:13 - 00000000 ____D C:\Program Files\Greatis 2016-09-06 08:13 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\Windows\system32\partizan.exe 2016-09-06 07:51 - 2016-09-06 07:52 - 15796906 _____ C:\Users\b\Downloads\reanimator.zip 2016-09-06 07:30 - 2016-09-06 07:30 - 01259168 _____ C:\Users\b\Downloads\SecureBrowserSetup.exe 2016-09-05 10:50 - 2016-09-05 10:50 - 00939112 _____ (Kerakirab ) C:\Users\b\Downloads\DiskCleanerFree.exe 2016-09-05 10:45 - 2016-09-05 10:45 - 02951802 _____ (InstallShield Software Corporation) C:\Users\b\Downloads\EClea2_0.exe 2016-09-05 10:41 - 2016-09-05 10:42 - 01104000 _____ (Slimware Utilities Holdings, Inc.) C:\Users\b\Downloads\SlimCleanerPlus-setup.exe 2016-09-05 10:24 - 2016-09-05 10:24 - 01433776 _____ (Digital Care Solutions) C:\Users\b\Downloads\DigitalCareAVSetup_C1738922-F497-4940-A50C-AFE397B38A17_.exe 2016-09-05 10:20 - 2016-09-05 10:21 - 10123744 _____ (WinZip) C:\Users\b\Downloads\wzro34.exe 2016-09-05 08:01 - 2016-09-05 08:02 - 45523432 _____ (Pluto TV ) C:\Users\b\Downloads\PlutoTVSetup.exe 2016-09-04 09:48 - 2016-09-04 09:48 - 00549344 _____ (Max Secure Software) C:\Users\b\Downloads\MaxSDDM.exe 2016-09-04 09:09 - 2016-09-04 09:09 - 00536240 _____ (Dashlane Inc.) C:\Users\b\Downloads\Dashlane_Launcher_bfirefox-1458725556.exe 2016-09-04 06:48 - 2016-09-04 06:48 - 00000000 ____D C:\Users\b\Documents\Wondershare DVD Slideshow Builder Deluxe 2016-09-04 06:25 - 2016-09-04 06:25 - 00001191 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2016-09-04 06:25 - 2016-09-04 06:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-09-04 06:09 - 2016-09-04 06:09 - 00000000 ____D C:\ProgramData\WNR 2016-09-04 06:08 - 2016-09-12 07:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard 2016-09-04 06:08 - 2016-09-04 06:14 - 00000000 ____D C:\Program Files\Proxy Switcher Standard 2016-09-04 06:08 - 2016-09-04 06:08 - 00000000 ____D C:\Users\b\AppData\Roaming\WNR 2016-09-04 05:17 - 2016-09-04 05:17 - 08943133 _____ C:\Users\b\Downloads\presentationa.zip 2016-09-04 04:16 - 2016-09-04 04:16 - 00587309 _____ C:\Users\b\Downloads\PointerStick.zip 2016-09-03 04:31 - 2016-09-03 04:34 - 27944472 _____ (Totem Entertainment ) C:\Users\b\Downloads\setup-istripper_40gtGccU5tyrosqA.exe 2016-09-03 04:21 - 2016-09-03 04:22 - 11972232 _____ C:\Users\b\Downloads\Abigail Ratchford Sexy Tribute HQ.mp4 2016-09-02 18:50 - 2015-01-29 19:21 - 00050320 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2016-09-02 18:47 - 2016-09-02 18:47 - 00001244 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk 2016-09-02 18:46 - 2016-09-02 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security 2016-09-02 18:38 - 2016-09-02 18:43 - 36026816 _____ (Panda Security ) C:\Users\b\Downloads\PandaCloudCleaner.exe 2016-09-02 18:13 - 2016-09-02 18:13 - 00028550 _____ C:\Users\b\Downloads\MTB.txt 2016-09-02 18:11 - 2016-09-02 18:16 - 00195968 _____ C:\TDSSKiller.3.1.0.11_02.09.2016_18.11.49_log.txt 2016-09-02 00:29 - 2016-09-02 00:34 - 141877394 _____ (Igor Pavlov) C:\Users\b\Downloads\ZillyaScanner_en(1).exe 2016-09-01 21:17 - 2016-09-01 21:17 - 07887171 _____ C:\Users\b\Downloads\كرشة نوف بياعة الحلبه المنافقة هههههههه.mp4 2016-08-30 22:33 - 2016-08-30 22:33 - 00000000 ____D C:\Users\b\AppData\Roaming\Program4Pc 2016-08-30 22:32 - 2016-08-30 22:32 - 00001188 _____ C:\Users\b\Desktop\Program4Pc PC Image Editor.lnk 2016-08-30 22:32 - 2016-08-30 22:32 - 00000000 ____D C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Program4Pc 2016-08-30 22:32 - 2016-08-30 22:32 - 00000000 ____D C:\Program Files\Program4Pc 2016-08-30 22:32 - 2016-08-30 22:32 - 00000000 ____D C:\Program Files\Common Files\Program4Pc 2016-08-30 18:56 - 2016-08-30 18:57 - 09378776 _____ (Program4Pc Inc. ) C:\Users\b\Downloads\PCImageEdSetup.exe 2016-08-30 06:00 - 2016-09-13 02:59 - 00000795 _____ C:\Windows\system32\Drivers\etc\hosts_bak_709 2016-08-30 05:39 - 2016-09-11 03:50 - 00000000 ____D C:\ProgramData\AVAST Software 2016-08-30 05:38 - 2016-09-03 03:05 - 00000000 ____D C:\Program Files\Secure PC Tuneup 2016-08-30 05:38 - 2016-09-02 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure PC Tuneup 2016-08-30 05:38 - 2016-08-30 16:24 - 00000000 ____D C:\Users\b\AppData\Roaming\Secure PC Tuneup 2016-08-29 01:01 - 2016-08-29 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer 2016-08-28 06:30 - 2016-08-28 06:36 - 37084280 _____ (SimpleStar) C:\Users\b\Downloads\SimplePCOptimizerSetup.exe 2016-08-27 19:52 - 2016-08-27 19:52 - 00001105 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk 2016-08-27 19:51 - 2016-08-27 19:51 - 00000000 ____D C:\ProgramData\Wondershare Video Editor 2016-08-27 19:46 - 2016-08-27 19:46 - 01225872 _____ C:\Users\b\Downloads\filmora_setup_full846(2).exe 2016-08-26 19:03 - 2016-08-26 19:03 - 37328992 _____ (Oracle Corporation) C:\Users\b\Downloads\JavaSetup [1].exe 2016-08-26 17:13 - 2016-08-26 17:13 - 02470571 _____ C:\Users\b\Downloads\sai-1.2.5-ful-en.exe 2016-08-23 19:30 - 2016-08-23 19:30 - 00004714 _____ C:\TDSSKiller.3.1.0.11_23.08.2016_19.30.43_log.txt 2016-08-22 22:45 - 2016-08-25 20:35 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-08-21 09:40 - 2016-08-21 09:41 - 04776920 _____ (globalpcworks.com ) C:\Users\b\Downloads\gpcwfhposcwg(1).exe 2016-08-21 08:03 - 2016-08-21 08:12 - 239126136 _____ C:\Users\b\Downloads\Windows6.1-KB947821-v34-x86.msu 2016-08-20 22:04 - 2016-08-20 22:04 - 14209106 _____ C:\Users\b\Documents\b-20-08-2016-21-36.fbr 2016-08-20 06:29 - 2016-08-20 06:29 - 01868856 _____ (Ellora Assets Corporation ) C:\Users\b\Downloads\FreemakeVideoDownloaderSetup.exe 2016-08-18 03:24 - 2016-08-18 03:24 - 00978072 _____ (Panda Security, S.L.) C:\Users\b\Downloads\uninstaller.exe 2016-08-18 03:24 - 2016-08-18 03:24 - 00000000 ____D C:\ProgramData\Panda Security 2016-08-16 20:41 - 2016-07-08 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-14 17:20 - 2016-04-10 10:17 - 00049903 _____ C:\Windows\ZAM.krnl.trace 2016-09-14 16:52 - 2016-07-26 13:39 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-14 16:39 - 2016-04-09 22:19 - 00000000 ____D C:\Users\b\AppData\Roaming\Adobe 2016-09-14 16:38 - 2016-04-09 22:16 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-14 16:38 - 2016-04-09 22:15 - 00000000 ____D C:\Users\b\AppData\Local\Adobe 2016-09-14 16:22 - 2016-04-13 15:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-14 06:06 - 2016-04-09 22:25 - 00000000 ____D C:\ProgramData\Globus Privacy 2016-09-14 06:06 - 2009-07-14 07:34 - 00022528 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-09-14 06:06 - 2009-07-14 07:34 - 00022528 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-09-14 05:08 - 2010-11-21 00:01 - 00778180 _____ C:\Windows\system32\PerfStringBackup.INI 2016-09-14 05:07 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\inf 2016-09-14 05:00 - 2016-04-10 13:05 - 00000000 ____D C:\Users\b\AppData\Local\CrashDumps 2016-09-14 05:00 - 2016-04-10 09:10 - 00000000 ____D C:\Users\b\AppData\Roaming\MPC-HC 2016-09-14 04:30 - 2016-04-10 08:22 - 00000000 ____D C:\Users\b\Desktop\Old Firefox Data 2016-09-14 03:25 - 2016-01-01 07:13 - 00246146 _____ C:\Users\b\Desktop\New Text Document.txt 2016-09-14 01:06 - 2016-05-22 02:22 - 00000600 _____ C:\Users\b\PUTTY.RND 2016-09-14 00:21 - 2016-04-10 01:52 - 00000000 ____D C:\AdwCleaner 2016-09-13 21:10 - 2016-08-02 03:54 - 00000286 _____ C:\Windows\Tasks\Cezurity Antivirus Scanner Idle Launcher.job 2016-09-13 03:57 - 2016-04-09 22:21 - 00000000 ____D C:\Program Files\UVK - Ultra Virus Killer 2016-09-13 03:55 - 2011-04-12 05:24 - 00000000 ____D C:\Windows\CSC 2016-09-13 03:33 - 2016-04-10 00:56 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\subinacl.exe 2016-09-13 03:06 - 2016-04-10 11:02 - 00000000 ____D C:\Users\b\AppData\Local\NPE 2016-09-13 03:05 - 2016-04-30 11:43 - 00000000 ____D C:\NPE 2016-09-13 03:03 - 2016-04-10 10:17 - 00084747 _____ C:\Windows\ZAM_Guard.krnl.trace 2016-09-13 02:57 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\NDF 2016-09-13 01:31 - 2016-04-30 08:04 - 00000000 ____D C:\Users\b\AppData\Local\BetelZygote 2016-09-13 01:06 - 2016-07-09 23:06 - 00000000 ____D C:\Program Files\stinger 2016-09-12 23:59 - 2016-04-10 05:53 - 00002042 _____ C:\Users\b\Desktop\Rkill.txt 2016-09-12 23:10 - 2016-04-30 09:30 - 00000008 __RSH C:\Users\b\ntuser.pol 2016-09-12 23:10 - 2016-04-09 21:27 - 00000000 ____D C:\Users\b 2016-09-12 23:06 - 2016-04-10 10:13 - 00001565 _____ C:\Users\b\Desktop\ZHPCleaner.txt 2016-09-12 23:01 - 2016-05-22 01:19 - 00000000 ____D C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Epic Privacy Browser 2016-09-12 22:37 - 2016-07-23 14:07 - 00181496 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam32.sys 2016-09-12 02:56 - 2016-04-10 11:01 - 00000000 ____D C:\Users\b\AppData\Local\FSDART 2016-09-12 02:38 - 2016-04-10 07:53 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys 2016-09-12 02:35 - 2016-07-09 21:34 - 00000320 _____ C:\Users\b\Downloads\Result.txt 2016-09-12 00:27 - 2016-04-10 07:38 - 00000000 ____D C:\Qoobox 2016-09-12 00:25 - 2009-07-14 05:04 - 00000215 _____ C:\Windows\system.ini 2016-09-12 00:15 - 2016-07-10 21:31 - 05658674 ____R (Swearware) C:\Users\b\Downloads\ComboFix.exe 2016-09-11 23:26 - 2016-04-10 02:03 - 00002789 _____ C:\Users\b\Desktop\JRT.txt 2016-09-11 22:29 - 2011-04-12 05:24 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2016-09-11 07:06 - 2016-07-24 10:34 - 00000000 ____D C:\Program Files\Opera developer 2016-09-11 07:06 - 2016-04-10 01:20 - 00000000 ____D C:\Program Files\Opera 2016-09-11 05:10 - 2009-07-14 07:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-09-11 02:06 - 2016-04-09 22:33 - 00000000 ____D C:\Users\b\Documents\CaptureWiz 2016-09-11 00:24 - 2016-04-09 22:05 - 00000000 ____D C:\Users\b\.oracle_jre_usage 2016-09-11 00:24 - 2016-04-09 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-09-11 00:23 - 2016-04-09 22:05 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2016-09-11 00:23 - 2016-04-09 22:04 - 00000000 ____D C:\Program Files\Java 2016-09-10 23:41 - 2016-05-02 17:06 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-10 22:57 - 2016-07-07 10:28 - 00000000 ____D C:\ProgramData\TEMP 2016-09-10 22:42 - 2009-07-14 07:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-09-10 17:49 - 2016-06-05 20:39 - 00054040 _____ C:\Users\b\Documents\starburn.txt 2016-09-10 15:03 - 2016-07-14 12:16 - 00000000 ____D C:\Users\b\AppData\Local\Package Cache 2016-09-10 15:02 - 2016-04-09 22:31 - 00000000 ____D C:\Users\b\AppData\Roaming\Blueberry 2016-09-08 20:57 - 2016-04-30 17:01 - 00000000 ____D C:\Program Files\Bitdefender 2016-09-08 17:28 - 2016-07-14 12:17 - 00002321 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Scout.lnk 2016-09-08 17:28 - 2016-07-14 12:17 - 00002313 _____ C:\Users\b\Desktop\Avira Scout.lnk 2016-09-08 17:27 - 2016-05-21 19:58 - 00000000 ____D C:\Users\b\AppData\Local\Avira 2016-09-06 08:26 - 2016-07-02 08:57 - 00000000 ____D C:\Users\b\Documents\RegRun2 2016-09-06 08:26 - 2016-05-04 03:35 - 00000000 ____D C:\ProgramData\RegRun 2016-09-06 08:19 - 2016-07-02 08:55 - 00000000 ____D C:\Users\Public\Documents\regruninfo 2016-09-06 08:13 - 2016-05-04 03:34 - 00000002 RSHOT C:\Windows\winstart.bat 2016-09-06 08:13 - 2009-07-14 05:04 - 00002577 _____ C:\Windows\system32\config.nt 2016-09-06 08:13 - 2009-07-14 05:04 - 00001688 _____ C:\Windows\system32\autoexec.nt 2016-09-04 06:48 - 2016-04-18 05:00 - 00000000 ____D C:\ProgramData\Wondershare 2016-09-04 06:46 - 2016-04-24 19:07 - 00002097 _____ C:\Users\b\Desktop\ImTOO Video Converter Ultimate.lnk 2016-09-04 06:41 - 2016-05-06 22:41 - 00011781 ___SH C:\Users\b\AppData\Local\win_flfiles_sys.dat 2016-09-04 06:41 - 2016-05-06 22:41 - 00003465 ___SH C:\Users\b\AppData\Local\win_stlthdb_sys.dat 2016-09-04 06:36 - 2016-05-02 17:06 - 00000000 ____D C:\Program Files\Intel Driver Update Utility 2016-09-02 18:46 - 2016-07-09 22:07 - 00000000 ____D C:\Program Files\Panda Security 2016-09-01 00:46 - 2016-04-10 01:29 - 00000000 ____D C:\Users\b\Documents\BB FlashBack Movies 2016-08-30 06:02 - 2016-06-09 13:59 - 00000000 ____D C:\Users\b\AppData\Roaming\PhoXo 2016-08-29 01:01 - 2016-05-29 20:49 - 06481184 _____ (Carifred) C:\Users\b\Downloads\UVKSetup.exe 2016-08-29 01:01 - 2016-04-09 22:21 - 00001963 _____ C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk 2016-08-27 19:52 - 2016-04-18 04:59 - 00000000 ____D C:\Users\b\AppData\Local\Wondershare 2016-08-27 19:52 - 2016-04-18 04:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2016-08-27 19:51 - 2016-06-27 06:06 - 00000000 ____D C:\Users\Public\Documents\Wondershare 2016-08-27 19:51 - 2016-04-18 04:58 - 00000000 ____D C:\Program Files\Wondershare 2016-08-27 19:51 - 2016-02-23 05:32 - 00173492 _____ C:\Users\b\Desktop\مستند نصي جديد ‫‬.txt 2016-08-25 20:35 - 2016-07-28 23:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-08-24 04:51 - 2016-04-10 12:47 - 00000000 ____D C:\Users\b\AppData\Local\Google 2016-08-22 21:24 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\rescache 2016-08-22 18:06 - 2016-07-26 11:57 - 00000000 ____D C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flash Cookie Cleaner 2016-08-22 17:59 - 2016-07-29 21:31 - 00027143 _____ C:\Windows\system32\MTB.txt 2016-08-20 23:20 - 2016-04-11 10:21 - 00000000 ____D C:\Users\b\AppData\Local\ACD Systems 2016-08-15 21:37 - 2016-06-03 07:23 - 00000000 ____D C:\Users\b\Downloads\backups 2016-08-15 09:20 - 2016-07-20 17:10 - 05277322 _____ C:\Users\b\Desktop\PhoXo20.oXo ==================== Files in the root of some directories ======= 2016-04-14 12:52 - 2016-04-14 12:52 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll 2016-07-01 22:26 - 2016-07-01 22:26 - 6870016 _____ () C:\Users\b\AppData\Roaming\agent.dat 2016-04-10 00:50 - 2016-04-10 00:50 - 0005120 _____ () C:\Users\b\AppData\Roaming\GiftBag.db 2016-07-01 22:26 - 2016-07-01 22:26 - 0128512 _____ () C:\Users\b\AppData\Roaming\Installer.dat 2016-04-20 09:14 - 2016-07-02 09:32 - 0390636 _____ () C:\Users\b\AppData\Local\ars.cache 2016-04-20 09:14 - 2016-07-02 09:33 - 0705684 _____ () C:\Users\b\AppData\Local\census.cache 2016-04-10 08:48 - 2016-04-10 08:48 - 0000036 _____ () C:\Users\b\AppData\Local\housecall.guid.cache 2016-04-20 08:04 - 2016-07-02 09:07 - 0000010 _____ () C:\Users\b\AppData\Local\sponge.last.runtime.cache 2016-05-06 22:41 - 2016-09-04 06:41 - 0011781 ___SH () C:\Users\b\AppData\Local\win_flfiles_sys.dat 2016-05-06 22:41 - 2016-09-04 06:41 - 0003465 ___SH () C:\Users\b\AppData\Local\win_stlthdb_sys.dat 2016-09-11 00:44 - 2016-09-11 00:44 - 0000001 _____ () C:\ProgramData\1111_ver.txt 2016-09-11 00:44 - 2016-09-11 00:44 - 0000083 _____ () C:\ProgramData\burl.txt 2016-09-11 23:47 - 2016-09-12 00:11 - 0001720 _____ () C:\ProgramData\GYL.txt 2016-09-11 23:32 - 2016-09-11 23:32 - 0000016 _____ () C:\ProgramData\mntemp 2016-09-11 00:44 - 2016-09-11 23:52 - 0006487 _____ () C:\ProgramData\proxySuccess.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 0006480 _____ () C:\ProgramData\proxy_impersonations.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 0008760 _____ () C:\ProgramData\proxy_run.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 0000024 _____ () C:\ProgramData\proxy_sessions.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 0006960 _____ () C:\ProgramData\proxy_sessions_processed.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 0002040 _____ () C:\ProgramData\proxy_user_name.txt 2016-09-11 00:44 - 2016-09-11 23:52 - 0000004 _____ () C:\ProgramData\regname_b.txt Files to move or delete: ==================== C:\Users\b\ZHPCleaner.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-09-13 21:13 ==================== End of FRST.txt ============================