permission hijacked

**harry1126** · 2015-12-05, 06:15

I'm on a win7 ultimate, someday it just suddenly dont allow me to change/delete most of the things in the computer. I think its probably a malware, so im here seeking for help.
Hope anyone can reply me soon. And the processing speed of most software significantly slow down.

aswMBR.txt

The FRST.txt and Addition.txt both exceed upload limit... I will upload them as text..
Harry

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
Ran by USER (administrator) on USER-PC (04-12-2015 22:56:44)
Running from C:\Users\USER\Desktop
Loaded Profiles: USER (Available Profiles: USER & Administrator & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: 中文 (繁體，香港特別行政區)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(百度在线网络技术（北京）有限公司) C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe
(百度在线网络技术（北京）有限公司) C:\ProgramData\Baidu\tbservice\2.0.1.238\tbservice.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LucidLogix) C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(WiseCleaner.com) C:\Users\USER\Downloads\WiseCare365Portable\WiseTray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(Octoshape ApS) C:\Users\USER\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
() C:\Users\USER\Desktop\new.exe
(深圳市迅雷网络技术有限公司) C:\Program Files (x86)\Thunder Network\Thunder\Program\Thunder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Akamai Technologies, Inc.) C:\Users\USER\AppData\Local\Akamai\netsession_win.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Akamai Technologies, Inc.) C:\Users\USER\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(深圳市迅雷网络技术有限公司) C:\Users\Public\Thunder Network\XMP5\V5.1.15.3791\Program\xmp.exe
() D:\Program Files (x86)\Meitu\KanKan\KanKan.exe
(Hobbyist Software) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Thunder Network\Thunder\Program\HostProcess.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ShenZhen Xunlei Networking Technologies,LTD) C:\Program Files (x86)\Common Files\Thunder Network\TP\Ver1\1.1.2.249_1111\ThunderPlatform.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Futuredial Inc.) C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(uWebb Software) C:\Program Files (x86)\Real Temp\RealTemp.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4584\Agent.exe
(Blizzard Entertainment) D:\Program Files (x86)\Battle.net\Battle.net.6337\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-13] (NVIDIA Corporation)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4368952 2014-10-24] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [ASUS Sync Loader] => C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe [638976 2013-03-01] (Futuredial Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Mirroring360] => C:\Program Files (x86)\Mirroring360\Mirroring360.exe [18874192 2015-08-26] (Splashtop Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [Octoshape Streaming Services] => C:\Users\USER\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [Thunder] => C:\Program Files (x86)\Thunder Network\Thunder\Program\Thunder.exe [1702344 2014-04-04] (深圳市迅雷网络技术有限公司)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-14] (Electronic Arts)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [BaiduYunGuanjia] => C:\Users\USER\AppData\Roaming\baidu\BaiduYunGuanjia\BaiduYunGuanjia.exe [5805336 2015-07-25] ()
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [hotkey] => C:\Users\USER\Desktop\new.exe [207225 2014-10-04] ()
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [Akamai NetSession Interface] => C:\Users\USER\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [XMP] => C:\Users\Public\Thunder Network\XMP5\V5.1.15.3791\Program\xmp.exe [262016 2015-02-02] (深圳市迅雷网络技术有限公司)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [Meitukankan] => D:\Program Files (x86)\Meitu\KanKan\KanKan.exe [4843144 2013-03-20] ()
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1214280 2015-07-12] (Hobbyist Software)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [Battle.net] => D:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2946096 2015-11-14] (Blizzard Entertainment)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [uTorrent] => "C:\Users\USER\AppData\Local\Temp\utt6A39.tmp.exe" /MINIMIZED <===== ATTENTION
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Run: [GoogleChromeAutoLaunch_5F84849B2B55F3FB722B227E29B35DDB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [870728 2015-11-07] (Google Inc.)
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [PPS Accelerator] => D:\PPS.tv\PPStream\PPSKernel.exe [6413176 2013-11-05] (PPStream Inc.)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [{90120000-0030-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-006E-0404-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-006E-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
AppInit_DLLs: C:\Windows\System32\appinit_dll.dll => C:\Windows\System32\appinit_dll.dll [531688 2013-11-26] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\Windows\SysWOW64\appinit_dll.dll => C:\Windows\SysWOW64\appinit_dll.dll [482536 2013-11-26] (Lucidlogix Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [.XLKKDesktopIcon] -> {4DB0021B-1EC2-4C31-BD79-FEA2892EEB43} => C:\Users\Public\Thunder Network\KKVideo\Addins\KKVIconHandler64.dll No File
ShellIconOverlayIdentifiers: [AAADesktopTips] -> {4562B511-62E9-4533-B7B2-56A8BB10B482} => C:\Users\Public\Thunder Network\KanKan\reghelper\xappex.1.1.1.84.(692).dll [2013-11-17] (深圳市迅雷网络技术有限公司)
ShellIconOverlayIdentifiers-x32: [AAADesktopTips] -> {4562B511-62E9-4533-B7B2-56A8BB10B482} => C:\Users\Public\Thunder Network\KanKan\reghelper\xappex.1.1.1.73.(111).dll No File
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) 渦輪加速技術監視器 2.6.lnk [2013-03-19]
ShortcutTarget: Intel(R) 渦輪加速技術監視器 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client 管理工具启动菜单.lnk [2014-10-24]
ShortcutTarget: SoftEther VPN Client 管理工具启动菜单.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-03-24]
ShortcutTarget: Curse.lnk -> C:\Users\USER\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2012-08-14]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Real Temp.lnk [2013-01-10]
ShortcutTarget: Real Temp.lnk -> C:\Program Files (x86)\Real Temp\RealTemp.exe (uWebb Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{059B8E1A-498E-4537-98C1-1514AF923C23}: [DhcpNameServer] 8.8.4.4
Tcpip\..\Interfaces\{7154C2AE-27B5-4D32-8DF9-5E9111746A06}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7154C2AE-27B5-4D32-8DF9-5E9111746A06}: [DhcpNameServer] 203.185.0.33 203.185.0.34

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ouliu.net/
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=82013038_111_hao_pg
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.ouliu.net/
HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ouliu.net/
SearchScopes: HKLM -> DefaultScope {DAFC3089-C966-4796-BF72-E6BB9C4BB8E5} URL = hxxp://www.google.com.hk/search?client=aff-6655&forid=1&ie=utf-8&oe=UTF-8&hl=zh-CN&q={searchTerms}
SearchScopes: HKLM -> {0E7B197B-A3DE-4FD4-A19A-1EECF791D16F} URL = hxxp://www.baidu.com/s?tn=mswin_oem_dg&ie=utf-8&word={searchTerms}
SearchScopes: HKLM -> {DAFC3089-C966-4796-BF72-E6BB9C4BB8E5} URL = hxxp://www.google.com.hk/search?client=aff-6655&forid=1&ie=utf-8&oe=UTF-8&hl=zh-CN&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3834753904-2961163509-1820253113-1000 -> DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=79081068_1_oem_dg&ch=33
SearchScopes: HKU\S-1-5-21-3834753904-2961163509-1820253113-1000 -> {1FF7973D-AB0A-496d-82C1-4EADBBA11E7B} URL = hxxp://www.soso.com/q?sc=web&cid=th.ub&w={searchTerms}&cin=g5IMCy9zrKLhgEBSrf7!2S430gc60g00&lr=&ie={inputEncoding}&unc=y400372_4
SearchScopes: HKU\S-1-5-21-3834753904-2961163509-1820253113-1000 -> {4AD43A14-AA87-4d4b-A345-B0BC1C61BC76} URL = hxxp://www.google.cn/search?hl=zh-CN&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3834753904-2961163509-1820253113-1000 -> {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=79081068_1_oem_dg&ch=33
SearchScopes: HKU\S-1-5-21-3834753904-2961163509-1820253113-1000 -> {C3BBCD0B-9234-4d36-9151-EC49EE32FCE3} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=28026190_dg&ie=utf-8
SearchScopes: HKU\S-1-5-21-3834753904-2961163509-1820253113-1000 -> {DAFC3089-C966-4796-BF72-E6BB9C4BB8E5} URL = hxxp://www.google.com.hk/search?client=aff-6655&forid=1&ie=utf-8&oe=UTF-8&hl=zh-CN&q={searchTerms}
BHO: 迅雷下载支持 -> {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} -> C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO647.99.11.234.dll [2014-04-04] (深圳市迅雷网络技术有限公司)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-28] (Oracle Corporation)
BHO: QvodExtend -> {A8502600-B272-4F68-A67B-A0305D46D296} -> C:\ProgramData\QvodPlayer\QvodExtend\5.0.101.0\QvodExtend_x64.dll [2014-12-24] (Shenzhen QVOD Technology Co.,Ltd)
BHO: QvodExtend -> {A8502600-B272-4F68-A67B-A0305D46D298} -> C:\ProgramData\QvodPlayer\QvodExtend\5.0.100.0\QvodExtend_x64.dll => No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-28] (Oracle Corporation)
BHO-x32: VideoUrlSniffer Class -> {00000ADA-7E0D-47C1-986C-F017D09C4304} -> C:\Users\Public\Thunder Network\XMP5\Addins\VideoUrlSniffer.2.3.3.211.(591).dll [2015-02-02] (深圳市迅雷网络技术有限公司)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Baidu Toolbar BHO -> {77FEF28E-EB96-44FF-B511-3185DEA48697} -> C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll [2015-07-08] ()
BHO-x32: No Name -> {889D2FEB-5411-4565-8998-1DD2C5261283} -> No File
BHO-x32: QvodExtend -> {A8502600-B272-4F68-A67B-A0305D46D295} -> C:\ProgramData\QvodPlayer\QvodExtend\5.0.101.0\QvodExtend.dll => No File
BHO-x32: QvodExtend -> {A8502600-B272-4F68-A67B-A0305D46D297} -> C:\ProgramData\QvodPlayer\QvodExtend\5.0.100.0\QvodExtend.dll => No File
BHO-x32: YunFanRiliExtend -> {A8502622-B272-4F68-A67B-A0305D46D2A7} -> C:\Program Files (x86)\YfCalendar\YunFanRiliExtend.dll => No File
BHO-x32: Tencent Browser Helper -> {AD828E27-783F-C223-37EB-BFAFD9E2ED02} -> C:\Program Files\TENCENT\SSPlus\SAddr.dll => No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: D4F3AC68-A72B-90ED-7B52-0E448AD5B1BF Class -> {D4F3AC68-A72B-90ED-7B52-0E448AD5B1BF} -> c:\program files (x86)\baidu\{d4f3ac68-a72b-90ed-7b52-0e448ad5b1bf}\addressbar.dll [2015-08-05] ()
BHO-x32: 迅雷下载支持组件 -> {DE05CF4A-7B0A-4775-B5E5-396244938679} -> C:\Program Files (x86)\Thunder Network\Thunder\Thunder BHO Platform\np_tdieplat.dll [2013-11-14] (深圳市迅雷网络技术有限公司)
BHO-x32: EBB122D0-8803-FF80-644F-C38CA67C5E2C Class -> {EBB122D0-8803-FF80-644F-C38CA67C5E2C} -> C:\Program Files (x86)\QvodPlayer\AddIn\{EBB122D0-8803-FF80-644F-C38CA67C5E2C}\QvodAddr.dll => No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - 啃僅馱撿戲 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\Program Files (x86)\Baidu\Toolbar\BaiduBarX.dll [2015-07-08] ()
Toolbar: HKU\S-1-5-21-3834753904-2961163509-1820253113-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-3834753904-2961163509-1820253113-1000 -> No Name - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - No File
DPF: HKLM-x32 {0725D9DE-4CB8-4BC3-8219-3E74C0D544F7} hxxp://sample9.dmm.co.jp/downloader5/DMMDownloader.cab
DPF: HKLM-x32 {AE0961BF-4F97-409D-9260-320A4E0FEDDF} hxxp://ic.b7b34094.108694.1.dmmolgclg.loris.llnwd.net/master/dmm_trigger.cab
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\smoxfgpv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-10-16] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @qvod.com/QvodShare -> C:\Program Files (x86)\QvodPlayer\npShareModule_x64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @baidu.com/BaiduExpert-npplugin -> C:\Users\USER\AppData\Roaming\Baidu\BDWebAdapter\3.0.240.0\npBDExNP.dll [2015-07-27] (百度在线网络技术（北京）有限公司)
FF Plugin-x32: @baidu.com/npxbdsetup -> C:\Windows\Downloaded Program Files\20400827\npxbdsetup.dll [2012-12-26] ()
FF Plugin-x32: @baidu.com/UploadPlugin -> C:\Users\USER\AppData\Roaming\baidu\Baidu Uploader\npUploader.dll [No File]
FF Plugin-x32: @baidu.com/YunWebDetectPlugin -> C:\Users\USER\AppData\Roaming\baidu\BaiduYunGuanjia\npYunWebDetect.dll [2015-07-25] (Baidu.com, Inc.)
FF Plugin-x32: @baiduwangpan.com/npxbdyy -> C:\Program Files (x86)\Baidu\BaiduPlayerBaiduYun\1.19.1.23\npxbdyy.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-10-16] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-08-02] (Pando Networks)
FF Plugin-x32: @pps.tv/nppps -> D:\PPS.tv\PPStream\nppps.dll [2013-10-23] ()
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\USER\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall)
FF Plugin-x32: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @xunlei.com/DapCtrl -> C:\Program Files (x86)\Common Files\Thunder Network\KanKan\npKKDapCtrl.dll [2015-05-28] (ShenZhen Thunder Networking Technologies Ltd.)
FF Plugin-x32: @xunlei.com/KKVA -> C:\Program Files (x86)\Common Files\Thunder Network\KanKan\npKKVA.1.0.0.6.(509).dll [2012-11-16] (ShenZhen Thunder Networking Technologies Ltd.)
FF Plugin-x32: @xunlei.com/KKVpCtrl -> C:\Program Files (x86)\Common Files\Thunder Network\KanKan\npKKVPCtrl.1.0.0.1.(696).dll [2014-04-28] (ShenZhen Thunder Networking Technologies Ltd.)
FF Plugin-x32: @xunlei.com/npaplayer -> C:\Users\Public\Thunder Network\APlayer\codecs\npaplayer.dll [2013-07-06] (ShenZhen Thunder Networking Technologies, LTD)
FF Plugin-x32: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll [2014-04-04] ( )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3834753904-2961163509-1820253113-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\USER\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-3834753904-2961163509-1820253113-1000: @qvod.com/QvodInsert -> C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll [No File]
FF Plugin HKU\S-1-5-21-3834753904-2961163509-1820253113-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\USER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3834753904-2961163509-1820253113-1000: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll [2014-04-04] ( )
FF Plugin HKU\S-1-5-21-3834753904-2961163509-1820253113-1000: gf2.gameflier.com/WebLauncher -> D:\GF2_WebLaunch\npWebLauncher.dll [2013-02-06] (Gameflier)
FF Plugin HKU\S-1-5-21-3834753904-2961163509-1820253113-1000: KuaiWanInsert -> C:\Program Files (x86)\QvodPlayer\AddIn\KWWebgame\npKWWebGame.dll [No File]
FF Plugin HKU\S-1-5-21-3834753904-2961163509-1820253113-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-08-02] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll [2013-03-11] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll [2010-03-31] (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchAxPlugin.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Users\USER\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-21] (Octoshape ApS)
FF Extension: Thunder Extension - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\smoxfgpv.default\extensions\{1B33E42F-EF14-4cd3-B6DC-174571C4349C} [2014-04-04] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com.hk/webhp?hl=zh-TW
CHR NewTab: Default -> "chrome-extension://boeojddkbfhdgnnicgkgogjnbkdljibb/blank.html"
CHR DefaultSearchKeyword: Default -> History
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (dmm_trigger) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekecocnhcgghjgbihpbgdimpobbkfpe [2015-10-08]
CHR Extension: (議員票數自動標籤系統(香港立法會)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\agacelpjpcjhdhbgdnbgpfgchncakiaj [2014-10-31]
CHR Extension: (HD for YouTube™) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2015-11-18]
CHR Extension: (Google 雲端硬碟) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (喚醒內在原力) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeojddkbfhdgnnicgkgogjnbkdljibb [2015-11-27]
CHR Extension: (Advanced Font Settings) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2015-03-16]
CHR Extension: (Adblock Plus) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-26]
CHR Extension: (JSONView) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2015-05-17]
CHR Extension: (OneTab) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2014-07-18]
CHR Extension: (Simplified to Traditional Converter) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\edjlonaonlbajbfoomcmgfabifpphmnd [2014-05-18]
CHR Extension: (MathJax for Chrome™) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\elbbpgnifnallkilnkofjcgjeallfcfa [2015-05-10]
CHR Extension: (Tex Renderer) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\enfbnhdcmcipeoakalehejknkpbajodp [2014-08-26]
CHR Extension: (Facebook for Chrome) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-08-28]
CHR Extension: (Math Anywhere) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebhifiddmaaeecbaiemfpejghjdjmhc [2014-09-09]
CHR Extension: (Google 文件離線版) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (HOLA更好的互聯網) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-12-03]
CHR Extension: (DMMランチャーPlugin) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbnpbfjkgbkilkjokfccjdbhjmkpgnnk [2014-08-20]
CHR Extension: (Wolfram
Alpha (Official)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2014-05-18]
CHR Extension: (K-ON!) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijlppfhlfgamaofmpafjpibhdmmcbde [2014-05-18]
CHR Extension: (迅雷、QQ旋風-鏈接自動轉換(APP)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcjhgihkjbhglamhcjpaidnlniphdic [2015-01-16]
CHR Extension: (新同文堂) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmgbgaoglmaiblpnphffibpbfchjaeg [2014-12-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-12]
CHR Extension: (Privacy Palette) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone [2014-05-18]
CHR Extension: (Chrome 線上應用程式商店付款系統) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Better History) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2015-01-08]
CHR Extension: (迅雷下载支持 - 纯净版) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognffmellcnpnlcpgcmalmembjhbnean [2014-05-29]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2015-11-13]
CHR Extension: (Unblock Youku) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2015-11-26]
CHR Extension: (Latex for Facebook) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\poipbfekjfkiblpnimhjjmdecjjiblhm [2014-07-26]
CHR HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\USER\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx <not found>
CHR HKU\S-1-5-21-3834753904-2961163509-1820253113-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\USER\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [hmbifdmobcbjlhplmlnbjbofnnoolink] - C:\Program Files (x86)\Thunder Network\Thunder\BHO\xl_plugin_chrome.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [1475744 2012-05-25] (ASUSTeK Computer Inc.)
R2 BDSGRTP; C:\Program Files (x86)\Common Files\Baidu\BaiduProtect1.3\1.3.0.645\BaiduProtect.exe [1940072 2014-12-04] (百度在线网络技术（北京）有限公司)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-05-13] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-05-13] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-13] (NVIDIA Corporation)
R2 GoogleIMEJaCacheService; C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [840080 2015-10-20] (Google Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 LucidSvc; C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe [20712 2013-11-26] (LucidLogix)
R2 METrsptSvr; C:\ProgramData\Thunder Network\DeviceTips\Program\METrsptSvr.dll [734896 2012-05-03] (Thunder Networking Technologies,LTD)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-13] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-14] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-02] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-09-11] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4368952 2014-10-24] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 TBService; C:\ProgramData\Baidu\tbservice\2.0.1.238\tbservice.exe [222200 2015-11-21] (百度在线网络技术（北京）有限公司)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 VsEtwService120; G:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Users\USER\Downloads\WiseCare365Portable\BootTime.exe [580232 2013-12-09] (WiseCleaner.com) [File not signed]
R2 XLServicePlatform; C:\Program Files (x86)\Common Files\Thunder Network\ServicePlatform\XLSP.dll [174024 2014-04-04] (ShenZhen Xunlei Networking Technologies,LTD)
R2 XMouseButton Launcher; C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [87040 2012-06-23] (Highresolution Enterprises) [File not signed]
S2 ARUpdate; "C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe" /Service [X]
S3 BaiduUpdater; C:\Program Files (x86)\Baidu\BaiduUpdate\bdupdate.exe [X]
S2 BDKVRTP; "C:\Program Files (x86)\BaiduSd3.0\BaiduSd\3.0.0.4605\baidusdSvc.exe" -r [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 bbrowserboost; C:\Windows\system32\drivers\bbrowserboost.sys [155640 2015-11-21] (Baidu)
R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [181072 2015-12-04] (Baidu)
R1 bd0004; C:\Windows\System32\DRIVERS\bd0004.sys [170312 2014-11-28] (Baidu)
R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-27] (Baidu Technology)
R1 BDCEnhance; C:\Windows\System32\DRIVERS\BDCEnhance.sys [112632 2015-12-04] (Baidu)
R1 BDICx64; C:\Windows\system32\drivers\BDICx64.sys [34696 2015-09-29] (Baidu)
R1 BDMWrench; C:\Windows\System32\DRIVERS\BDMWrench.sys [130888 2014-12-23] (Baidu)
S1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [130888 2015-01-19] (Baidu)
R2 BDPaHlp; C:\Program Files (x86)\Baidu\BrowserProtect\1.0.2.364\drivers\x64\BDPaHlp.sys [105864 2015-09-29] (Baidu)
R1 bduniptk; C:\Windows\System32\DRIVERS\bduniptk.sys [288264 2015-12-04] (Baidu)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-05-13] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-23] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0012.sys [29808 2012-12-26] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [73552 2012-10-16] (Dataram, Inc.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
S3 sclbl; G:\Vendetta Gaming Network\Scarlet Blade Vendetta\avital\scarbt64.sys [86352 2014-10-08] ()
S3 SecRomDrv; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-23] (Duplex Secure Ltd.)
R3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-01-11] (Anchorfree Inc.)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [969696 2014-09-05] (TENCENT)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-02] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\Real Temp\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
U3 ac0gtp1o; C:\Windows\System32\Drivers\ac0gtp1o.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 bd0002; system32\DRIVERS\bd0002.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-04 22:56 - 2015-12-04 22:57 - 00050914 _____ C:\Users\USER\Desktop\FRST.txt
2015-12-04 14:44 - 2015-12-04 14:44 - 00000000 ___HD C:\OneDriveTemp
2015-12-04 14:17 - 2015-12-04 14:14 - 02350080 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2015-12-04 14:15 - 2015-12-04 14:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-USER-PC-Windows-7-Ultimate-(64-bit).dat
2015-12-04 14:14 - 2015-12-04 22:56 - 00000000 ____D C:\FRST
2015-12-04 14:14 - 2015-12-04 14:14 - 00000000 ____D C:\RegBackup
2015-12-04 00:47 - 2015-12-04 00:47 - 00000000 ____D C:\Users\USER\Documents\ProcAlyzer Dumps
2015-12-04 00:05 - 2015-12-03 22:59 - 00000097 _____ C:\Windows\system32\Drivers\etc\hosts.20151204-000520.backup
2015-12-03 23:14 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-03 23:06 - 2015-12-03 23:06 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-03 23:06 - 2015-12-03 23:06 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-03 23:06 - 2015-12-03 23:06 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-12-03 23:06 - 2015-12-03 23:06 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-12-03 23:06 - 2015-12-03 23:06 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-12-03 23:05 - 2015-12-04 00:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-03 23:05 - 2015-12-03 23:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-03 23:05 - 2015-12-03 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-03 23:05 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-12-03 23:04 - 2015-12-03 23:11 - 00491744 _____ C:\Windows\ntbtlog.txt
2015-12-03 22:00 - 2015-12-03 22:00 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2015-12-03 01:50 - 2015-12-03 03:49 - 00000000 ____D C:\Program Files\Unlocker
2015-12-03 01:50 - 2015-12-03 01:50 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-12-03 01:29 - 2015-12-03 01:29 - 00423078 _____ C:\Users\USER\Desktop\UnlockerPortable_1.9.2_azo.exe.td
2015-12-03 01:29 - 2015-12-03 01:29 - 00000577 _____ C:\Users\USER\Desktop\UnlockerPortable_1.9.2_azo.exe.td.cfg
2015-12-02 21:56 - 2015-12-02 21:56 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Sun
2015-12-02 20:55 - 2015-12-03 21:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2015-12-02 20:55 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mirroring360
2015-12-02 20:55 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ESET
2015-12-02 20:55 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ASUS WebStorage
2015-12-02 20:55 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ASUS
2015-12-02 20:55 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2015-12-02 20:55 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Google
2015-12-02 20:55 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn
2015-12-02 20:55 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET
2015-12-02 20:52 - 2015-12-02 20:52 - 00001325 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-02 20:52 - 2015-12-02 20:52 - 00000426 __RSH C:\Users\Administrator\ntuser.pol
2015-12-02 20:52 - 2015-12-02 20:52 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2015-12-02 20:52 - 2015-12-02 20:52 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Highresolution Enterprises
2015-12-02 20:52 - 2015-12-02 20:52 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-12-02 20:52 - 2015-12-02 20:52 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2015-12-02 20:51 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2015-12-02 20:51 - 2015-12-02 20:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2015-12-02 20:51 - 2015-12-02 20:52 - 00000000 ____D C:\Users\Administrator
2015-12-02 20:51 - 2015-12-02 20:51 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2015-12-02 20:51 - 2015-05-14 02:39 - 00000000 ____D C:\Users\Administrator\Documents\Visual Studio 2013
2015-12-02 20:51 - 2014-02-23 18:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2015-12-02 20:51 - 2012-07-04 23:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2015-12-02 20:51 - 2012-07-03 17:39 - 00002094 _____ C:\Users\Administrator\Desktop\LG Burning Tool.lnk
2015-12-02 20:51 - 2012-07-03 17:39 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-12-02 20:51 - 2010-11-23 02:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2015-12-02 20:36 - 2015-12-02 21:27 - 00000975 _____ C:\Users\USER\USER - 捷徑 (2).lnk
2015-12-02 20:36 - 2015-12-02 20:36 - 00000943 _____ C:\Users\USER\USER - 捷徑.lnk
2015-12-02 20:31 - 2015-12-02 20:31 - 00000663 _____ C:\Users\USER\Documents\UpdateInfo.txt
2015-12-01 15:47 - 2015-12-02 21:29 - 03285560 _____ (ppy) C:\Users\USER\Desktop\osu!.exe.td
2015-12-01 15:47 - 2015-12-01 15:50 - 00000781 _____ C:\Users\USER\Desktop\osu!.exe.td.cfg
2015-11-29 23:11 - 2015-11-29 23:11 - 00000000 ____D C:\Users\Guest\AppData\Roaming\3909
2015-11-29 23:11 - 2015-11-29 23:11 - 00000000 ____D C:\Users\Guest\AppData\LocalLow\Adobe
2015-11-29 23:11 - 2015-11-29 23:11 - 00000000 ____D C:\Users\Guest\AppData\Local\Adobe
2015-11-26 18:05 - 2015-11-26 18:08 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Origin
2015-11-26 18:05 - 2015-11-26 18:05 - 00000000 ____D C:\Users\Guest\AppData\Local\Origin
2015-11-26 18:02 - 2015-11-26 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-11-26 18:02 - 2015-11-26 18:02 - 00000000 ____D C:\ProgramData\ESET
2015-11-26 16:05 - 2015-11-26 16:05 - 00000000 ____D C:\Users\Guest\AppData\Local\Steam
2015-11-26 16:05 - 2015-11-26 16:05 - 00000000 ____D C:\Users\Guest\AppData\Local\CEF
2015-11-26 15:58 - 2015-11-26 18:35 - 00001131 _____ C:\Users\Guest\Desktop\nativelog.txt
2015-11-26 15:55 - 2015-11-26 15:55 - 00000000 ____D C:\Users\Guest\AppData\Roaming\NVIDIA
2015-11-26 15:51 - 2015-11-26 16:00 - 00000000 ____D C:\Users\Guest\AppData\Roaming\.minecraft
2015-11-26 15:51 - 2015-11-26 15:51 - 00000000 ____D C:\Users\Guest\AppData\Roaming\java
2015-11-21 14:42 - 2015-12-04 14:42 - 00112632 _____ (Baidu) C:\Windows\system32\Drivers\BDCEnhance.sys
2015-11-21 14:42 - 2015-09-29 12:26 - 00034696 _____ (Baidu) C:\Windows\system32\Drivers\BDICx64.sys
2015-11-21 14:32 - 2015-11-21 14:42 - 00152344 _____ C:\Windows\SysWOW64\Drivers\bbrowserhlp.dll
2015-11-21 14:32 - 2015-11-21 14:42 - 00152344 _____ C:\Windows\system32\Drivers\bbrowserhlp.dll
2015-11-21 14:31 - 2015-11-21 14:42 - 00155640 _____ (Baidu) C:\Windows\system32\Drivers\bbrowserboost.sys
2015-11-20 22:24 - 2015-11-14 13:53 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-11-20 22:22 - 2015-11-16 11:35 - 42913912 _____ C:\Windows\system32\nvcompiler.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 37881976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 18363000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 13527440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 11130488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-20 22:22 - 2015-11-16 11:35 - 02870576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 02490672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435900.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435900.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-11-20 22:22 - 2015-11-16 11:35 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-20 22:08 - 2015-11-13 02:37 - 00112712 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-11-20 19:04 - 2015-11-20 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-20 19:04 - 2015-11-20 19:04 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-12 22:01 - 2015-12-03 23:14 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-12 20:52 - 2015-11-12 20:52 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-12 19:48 - 2015-11-04 01:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 19:48 - 2015-10-21 02:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-12 19:48 - 2015-10-21 02:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-12 19:48 - 2015-10-21 02:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-12 19:48 - 2015-10-21 02:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-12 19:48 - 2015-10-21 02:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-12 19:48 - 2015-10-21 02:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-12 19:48 - 2015-10-21 02:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-12 19:48 - 2015-10-21 02:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-12 19:48 - 2015-10-21 02:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-12 19:48 - 2015-10-21 02:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-12 19:48 - 2015-10-21 02:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-12 19:48 - 2015-10-21 01:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-12 19:48 - 2015-10-21 01:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-12 19:48 - 2015-10-21 01:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-12 19:48 - 2015-10-21 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-12 19:48 - 2015-10-21 01:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-12 19:48 - 2015-10-20 09:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-12 19:48 - 2015-10-20 09:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-12 19:48 - 2015-10-20 09:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-12 19:48 - 2015-10-20 09:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-12 19:48 - 2015-10-20 09:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-12 19:48 - 2015-10-20 09:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-12 19:48 - 2015-10-20 09:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-12 19:48 - 2015-10-20 09:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-12 19:48 - 2015-10-20 09:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-12 19:48 - 2015-10-20 09:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-12 19:48 - 2015-10-20 09:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-12 19:48 - 2015-10-20 09:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-12 19:48 - 2015-10-20 09:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-12 19:48 - 2015-10-20 09:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-12 19:48 - 2015-10-20 09:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-12 19:48 - 2015-10-20 08:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-12 19:48 - 2015-10-20 08:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-12 19:48 - 2015-10-20 08:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-12 19:48 - 2015-10-20 08:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-12 19:48 - 2015-10-20 08:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-12 19:48 - 2015-10-20 08:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-12 19:48 - 2015-10-20 08:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-12 19:48 - 2015-10-20 08:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-12 19:48 - 2015-10-20 08:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-12 19:48 - 2015-10-20 08:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-12 19:48 - 2015-10-20 08:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-12 19:48 - 2015-10-20 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-12 19:48 - 2015-10-20 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 08:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 07:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-12 19:48 - 2015-10-20 07:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-12 19:48 - 2015-10-20 07:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-12 19:48 - 2015-10-20 07:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-12 19:48 - 2015-10-20 07:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-12 19:48 - 2015-10-20 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 19:48 - 2015-10-20 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-12 19:48 - 2015-10-14 00:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-12 19:48 - 2015-10-14 00:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-12 19:48 - 2015-09-23 21:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-12 19:48 - 2015-09-23 21:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-12 19:48 - 2015-09-23 21:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-12 19:03 - 2015-11-04 06:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-12 19:03 - 2015-11-04 05:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-12 19:03 - 2015-10-31 07:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-12 19:03 - 2015-10-31 07:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-12 19:03 - 2015-10-31 07:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-12 19:03 - 2015-10-31 07:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-12 19:03 - 2015-10-31 07:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-12 19:03 - 2015-10-31 07:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-12 19:03 - 2015-10-31 07:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-12 19:03 - 2015-10-31 07:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-12 19:03 - 2015-10-31 07:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-12 19:03 - 2015-10-31 07:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-12 19:03 - 2015-10-31 07:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-12 19:03 - 2015-10-31 07:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-12 19:03 - 2015-10-31 06:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-12 19:03 - 2015-10-31 06:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-12 19:03 - 2015-10-31 06:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-12 19:03 - 2015-10-31 06:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-12 19:03 - 2015-10-31 06:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-12 19:03 - 2015-10-31 06:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-12 19:03 - 2015-10-31 06:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-12 19:03 - 2015-10-31 06:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-12 19:03 - 2015-10-31 06:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-12 19:03 - 2015-10-31 06:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-12 19:03 - 2015-10-31 06:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-12 19:03 - 2015-10-31 06:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-12 19:03 - 2015-10-31 06:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-12 19:03 - 2015-10-31 06:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-12 19:03 - 2015-10-31 06:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-12 19:03 - 2015-10-31 06:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-12 19:03 - 2015-10-31 06:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-12 19:03 - 2015-10-31 06:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-12 19:03 - 2015-10-31 06:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-12 19:03 - 2015-10-31 06:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-12 19:03 - 2015-10-31 06:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-12 19:03 - 2015-10-31 06:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-12 19:03 - 2015-10-31 06:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-12 19:03 - 2015-10-31 06:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-12 19:03 - 2015-10-31 06:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-12 19:03 - 2015-10-31 06:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-12 19:03 - 2015-10-31 06:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-12 19:03 - 2015-10-31 06:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-12 19:03 - 2015-10-31 06:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-12 19:03 - 2015-10-31 06:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-12 19:03 - 2015-10-31 06:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-12 19:03 - 2015-10-31 06:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-12 19:03 - 2015-10-31 06:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-12 19:03 - 2015-10-31 06:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-12 19:03 - 2015-10-31 05:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-12 19:03 - 2015-10-31 05:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-12 19:03 - 2015-10-31 05:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-12 19:03 - 2015-10-31 05:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-12 19:02 - 2015-10-31 07:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-12 19:02 - 2015-10-31 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-12 19:02 - 2015-10-31 07:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-12 19:02 - 2015-10-31 07:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-12 19:02 - 2015-10-31 07:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-12 19:02 - 2015-10-31 07:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-12 19:02 - 2015-10-31 07:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-12 19:02 - 2015-10-31 06:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-12 19:02 - 2015-10-31 06:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-12 19:02 - 2015-10-31 06:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-12 19:02 - 2015-10-31 06:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-12 19:02 - 2015-10-31 06:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-12 18:48 - 2015-11-12 18:48 - 00000000 ____D C:\QvodPlayer
2015-11-11 19:19 - 2015-10-13 12:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 19:19 - 2015-10-02 02:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 19:19 - 2015-10-02 02:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 19:19 - 2015-10-02 01:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-08 00:27 - 2015-11-03 06:48 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-11-08 00:27 - 2015-11-03 06:48 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-11-08 00:27 - 2015-11-03 01:10 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435887.dll
2015-11-08 00:27 - 2015-11-03 01:10 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435887.dll
2015-11-08 00:04 - 2015-08-11 12:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-11-08 00:04 - 2015-08-11 12:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-11-07 20:15 - 2015-11-13 18:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-07 18:59 - 2015-11-07 18:59 - 00000000 ____D C:\Users\USER\AppData\Roaming\Sibelius Software
2015-11-07 18:57 - 2015-11-07 18:57 - 00000000 ____D C:\Program Files (x86)\Sibelius Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-04 22:57 - 2015-03-24 16:39 - 00000000 ____D C:\Users\USER\AppData\Roaming\Curse Client
2015-12-04 22:56 - 2013-11-26 22:52 - 00000000 ____D C:\Users\USER\AppData\Local\Battle.net
2015-12-04 22:52 - 2015-07-16 18:30 - 00000542 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfb27509a020.job
2015-12-04 22:52 - 2012-07-03 17:47 - 00000526 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-04 22:49 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\tracing
2015-12-04 22:48 - 2012-07-26 23:24 - 00000000 ____D C:\Users\USER\AppData\Roaming\Skype
2015-12-04 22:35 - 2015-05-15 22:32 - 00000542 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08f1c6c5a9c1.job
2015-12-04 22:27 - 2012-07-03 17:29 - 00003872 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BF47A033-53FD-45B0-87F5-B1E2ADCBF696}
2015-12-04 22:26 - 2014-10-18 09:15 - 00000542 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfea7124d97be.job
2015-12-04 22:25 - 2015-08-31 00:47 - 00000542 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e3438e64b500.job
2015-12-04 22:20 - 2013-02-15 23:10 - 00000542 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 22:01 - 2015-09-19 00:20 - 00000542 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f22df0144e42.job
2015-12-04 22:00 - 2015-09-19 00:20 - 00000538 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f22defb9d9f8.job
2015-12-04 21:55 - 2015-09-19 00:20 - 00003538 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0f22df0144e42
2015-12-04 21:55 - 2015-09-19 00:20 - 00003286 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0f22defb9d9f8
2015-12-04 19:24 - 2015-05-26 17:22 - 00000000 ____D C:\Users\USER\AppData\Local\LogMeIn Hamachi
2015-12-04 18:35 - 2014-10-18 09:15 - 00000538 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfea7115cf2a8.job
2015-12-04 14:56 - 2009-07-14 12:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-04 14:56 - 2009-07-14 12:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-04 14:49 - 2014-05-11 00:32 - 00000000 ____D C:\ProgramData\Origin
2015-12-04 14:49 - 2013-12-05 21:29 - 01048576 _____ C:\Windows\PE_Rom.dll
2015-12-04 14:44 - 2015-05-19 04:23 - 00000000 ___RD C:\Users\USER\OneDrive
2015-12-04 14:44 - 2014-11-11 20:26 - 00000000 ___RD C:\Users\USER\Google Drive
2015-12-04 14:44 - 2013-12-18 19:33 - 00000000 ____D C:\Users\USER\Downloads\WiseCare365Portable
2015-12-04 14:44 - 2013-11-14 17:44 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-12-04 14:43 - 2015-08-31 00:47 - 00000538 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3438d6f06c8.job
2015-12-04 14:43 - 2015-07-16 18:30 - 00000538 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfb26a6c2f56.job
2015-12-04 14:43 - 2013-12-18 20:01 - 00000428 _____ C:\Windows\Tasks\Wise Care 365.job
2015-12-04 14:43 - 2013-02-15 23:10 - 00000538 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 14:42 - 2015-07-25 09:31 - 00288264 _____ (Baidu) C:\Windows\system32\Drivers\bduniptk.sys
2015-12-04 14:42 - 2014-07-29 22:27 - 00181072 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys
2015-12-04 14:42 - 2013-01-31 17:41 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-12-04 14:42 - 2012-07-03 17:13 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-04 14:42 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-04 14:15 - 2009-07-14 11:20 - 00000000 ____D C:\Windows
2015-12-04 01:54 - 2014-04-14 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-12-04 00:15 - 2012-08-18 23:56 - 00000000 ____D C:\Users\USER\AppData\Roaming\uTorrent
2015-12-04 00:11 - 2014-07-29 22:27 - 00181072 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys_29359
2015-12-03 22:00 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-03 03:50 - 2012-12-10 21:34 - 00000000 ____D C:\Users\USER\AppData\Roaming\TeamViewer
2015-12-03 03:50 - 2009-07-14 13:08 - 00032652 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-03 01:52 - 2012-10-26 22:34 - 00000000 ____D C:\Users\USER\Documents\StarCraft II
2015-12-02 21:40 - 2015-03-12 01:28 - 00000000 ____D C:\Users\USER\Desktop\mathclub_work
2015-12-02 20:55 - 2009-07-14 12:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-02 20:46 - 2013-12-19 19:23 - 00118296 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-12-02 20:45 - 2013-12-11 18:39 - 00118296 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-12-02 20:41 - 2009-07-14 12:45 - 00417448 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-02 20:13 - 2013-12-18 20:01 - 00000408 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2015-12-02 03:48 - 2013-11-26 22:52 - 00000000 ____D C:\Users\USER\AppData\Roaming\Battle.net
2015-12-01 16:07 - 2012-07-03 21:16 - 00000000 ____D C:\Program Files (x86)\osu!
2015-11-30 20:36 - 2014-06-24 14:19 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-30 15:38 - 2012-07-03 20:34 - 00000000 ____D C:\Users\USER\AppData\Local\ElevatedDiagnostics
2015-11-30 11:49 - 2012-07-03 19:28 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-30 09:46 - 2015-06-22 02:29 - 00000000 ____D C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2015-11-29 23:11 - 2015-06-22 02:29 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2015-11-28 23:20 - 2012-10-09 21:29 - 00007606 _____ C:\Users\USER\AppData\Local\Resmon.ResmonCfg
2015-11-28 20:49 - 2014-03-28 18:22 - 00000000 ____D C:\Users\USER\Desktop\foobar2000Portable
2015-11-26 18:04 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\inf
2015-11-26 04:05 - 2014-04-22 15:43 - 00003050 _____ C:\Windows\MB.idx
2015-11-26 04:05 - 2013-12-05 21:34 - 00000551 _____ C:\Windows\Path.idx
2015-11-25 23:20 - 2015-07-21 13:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-25 23:06 - 2015-10-26 01:38 - 00002026 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-11-25 23:06 - 2015-10-26 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-25 23:05 - 2012-07-03 17:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-25 23:03 - 2015-06-22 02:30 - 03234610 _____ C:\Users\Guest\Desktop\賽馬日.xlsm
2015-11-25 20:08 - 2014-12-11 18:43 - 00000000 ____D C:\Windows\rescache
2015-11-25 19:11 - 2012-07-03 17:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-21 14:42 - 2014-07-29 22:27 - 00000000 ____D C:\ProgramData\Baidu
2015-11-21 14:42 - 2014-07-29 22:27 - 00000000 ____D C:\Program Files (x86)\Baidu
2015-11-21 14:32 - 2013-12-18 19:38 - 00000000 ____D C:\ProgramData\ProductData
2015-11-21 00:16 - 2015-06-05 01:48 - 03804329 _____ C:\Users\USER\Desktop\賽馬日.xlsm
2015-11-20 22:26 - 2012-07-03 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-20 22:26 - 2012-07-03 17:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-20 22:07 - 2013-12-18 18:59 - 00000000 ____D C:\Users\USER\AppData\Local\NVIDIA Corporation
2015-11-20 21:00 - 2015-04-28 15:12 - 00015106 _____ C:\Users\USER\Desktop\FTBLauncherLog.txt
2015-11-20 21:00 - 2015-04-28 15:12 - 00000065 _____ C:\Users\USER\Desktop\MinecraftLog.txt
2015-11-20 20:58 - 2015-04-28 15:12 - 07561844 _____ C:\Users\USER\Desktop\FTB_Launcher.exe
2015-11-20 20:58 - 2014-07-10 22:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\ftblauncher
2015-11-20 20:58 - 2014-07-10 22:13 - 00000000 ____D C:\Users\USER\AppData\Local\ftblauncher
2015-11-16 11:35 - 2015-06-11 22:14 - 15717864 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-16 11:35 - 2013-07-01 15:33 - 12770944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-16 11:35 - 2012-07-04 20:13 - 03159248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-16 11:35 - 2012-07-03 17:12 - 17515528 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-16 11:35 - 2012-07-03 17:12 - 03579696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-16 11:35 - 2012-07-03 17:12 - 00033607 _____ C:\Windows\system32\nvinfo.pb
2015-11-14 16:06 - 2015-03-12 01:14 - 00000000 ____D C:\Users\USER\Desktop\win7installation_iso
2015-11-14 14:14 - 2014-02-24 13:28 - 00714988 _____ C:\Windows\system32\prfh0416.dat
2015-11-14 14:14 - 2014-02-24 13:28 - 00656816 _____ C:\Windows\system32\perfh01F.dat
2015-11-14 14:14 - 2014-02-24 13:28 - 00509782 _____ C:\Windows\system32\perfh006.dat
2015-11-14 14:14 - 2014-02-24 13:28 - 00152478 _____ C:\Windows\system32\prfc0416.dat
2015-11-14 14:14 - 2014-02-24 13:28 - 00144682 _____ C:\Windows\system32\perfc01F.dat
2015-11-14 14:14 - 2014-02-24 13:28 - 00103364 _____ C:\Windows\system32\perfc006.dat
2015-11-14 14:14 - 2013-11-13 02:39 - 00421248 _____ C:\Windows\system32\perfh011.dat
2015-11-14 14:14 - 2013-11-13 02:39 - 00126270 _____ C:\Windows\system32\perfc011.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00747796 _____ C:\Windows\system32\perfh00A.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00746118 _____ C:\Windows\system32\perfh013.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00726246 _____ C:\Windows\system32\perfh019.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00686596 _____ C:\Windows\system32\perfh00E.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00669990 _____ C:\Windows\system32\perfh005.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00664554 _____ C:\Windows\system32\perfh01D.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00610918 _____ C:\Windows\system32\perfh008.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00495272 _____ C:\Windows\system32\perfh014.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00482844 _____ C:\Windows\system32\perfh00B.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00425282 _____ C:\Windows\system32\perfh012.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00379502 _____ C:\Windows\system32\prfh0804.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00177994 _____ C:\Windows\system32\perfc00E.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00164670 _____ C:\Windows\system32\perfc00A.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00158460 _____ C:\Windows\system32\perfc013.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00156114 _____ C:\Windows\system32\perfc019.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00147446 _____ C:\Windows\system32\perfc01D.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00146878 _____ C:\Windows\system32\perfc005.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00124884 _____ C:\Windows\system32\perfc012.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00124092 _____ C:\Windows\system32\prfc0804.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00117546 _____ C:\Windows\system32\perfc008.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00107148 _____ C:\Windows\system32\perfc00B.dat
2015-11-14 14:14 - 2012-10-10 19:02 - 00100136 _____ C:\Windows\system32\perfc014.dat
2015-11-14 14:14 - 2012-10-09 18:16 - 00392126 _____ C:\Windows\system32\perfh00D.dat
2015-11-14 14:14 - 2012-10-09 18:16 - 00089258 _____ C:\Windows\system32\perfc00D.dat
2015-11-14 14:14 - 2012-10-09 17:56 - 00742794 _____ C:\Windows\system32\perfh010.dat
2015-11-14 14:14 - 2012-10-09 17:56 - 00152352 _____ C:\Windows\system32\perfc010.dat
2015-11-14 14:14 - 2012-10-09 17:48 - 00748104 _____ C:\Windows\system32\perfh00C.dat
2015-11-14 14:14 - 2012-10-09 17:48 - 00479980 _____ C:\Windows\system32\perfh001.dat
2015-11-14 14:14 - 2012-10-09 17:48 - 00154994 _____ C:\Windows\system32\perfc00C.dat
2015-11-14 14:14 - 2012-10-09 17:48 - 00099272 _____ C:\Windows\system32\perfc001.dat
2015-11-14 14:14 - 2012-10-09 17:32 - 00700212 _____ C:\Windows\system32\perfh007.dat
2015-11-14 14:14 - 2012-10-09 17:32 - 00154374 _____ C:\Windows\system32\perfc007.dat
2015-11-14 14:14 - 2010-11-23 01:54 - 00396802 _____ C:\Windows\system32\prfh0404.dat
2015-11-14 14:14 - 2010-11-23 01:54 - 00119590 _____ C:\Windows\system32\prfc0404.dat
2015-11-14 14:14 - 2009-07-14 13:13 - 15999902 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-14 14:06 - 2012-07-03 17:13 - 06358832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-14 14:06 - 2012-07-03 17:13 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-14 14:06 - 2012-07-03 17:13 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-14 14:06 - 2012-07-03 17:13 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-14 14:06 - 2012-07-03 17:13 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-14 14:06 - 2012-07-03 17:13 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-14 14:05 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2015-11-14 14:05 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2015-11-14 14:05 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2015-11-14 14:05 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\lv-LV
2015-11-14 14:05 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\lt-LT
2015-11-14 14:05 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\et-EE
2015-11-14 04:16 - 2014-02-23 20:09 - 00000000 ____D C:\Windows\system32\MRT
2015-11-14 04:16 - 2012-07-03 18:03 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-14 04:05 - 2012-08-01 13:30 - 15647488 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-13 11:59 - 2013-10-12 23:35 - 00000000 ____D C:\Users\USER\AppData\Local\Eclipse
2015-11-13 11:59 - 2013-10-11 22:14 - 00000000 ____D C:\eclipse
2015-11-13 02:37 - 2014-08-01 01:45 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-11-13 02:37 - 2014-08-01 01:45 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-11-13 02:37 - 2013-12-05 23:07 - 01828160 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-11-13 02:37 - 2013-12-05 23:07 - 01509824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-11-12 23:52 - 2014-02-22 17:38 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-12 20:52 - 2012-07-03 17:47 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-12 20:52 - 2012-07-03 17:47 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-12 20:52 - 2012-07-03 17:47 - 00003464 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-12 11:51 - 2015-07-15 10:42 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-11-11 23:43 - 2010-11-23 02:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 18:14 - 2015-06-22 02:29 - 00118296 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-08 17:10 - 2012-07-26 23:24 - 00000000 ____D C:\ProgramData\Skype
2015-11-07 21:34 - 2014-05-11 01:51 - 00001162 _____ C:\Users\USER\Desktop\Daum Potplayer.lnk

==================== Files in the root of some directories =======

2012-07-03 19:15 - 2015-01-23 19:28 - 0000954 _____ () C:\Users\USER\AppData\Roaming\CoreAVC.ini
2013-04-10 16:16 - 2013-04-10 16:16 - 0000024 _____ () C:\Users\USER\AppData\Roaming\MyPhrases.dta
2015-11-07 18:55 - 2015-11-07 18:58 - 0607010 _____ () C:\Users\USER\AppData\Roaming\Scorch_Install.log
2014-06-19 13:16 - 2014-06-19 13:16 - 0000024 _____ () C:\Users\USER\AppData\Roaming\temp.ini
2014-01-21 19:41 - 2014-01-21 19:42 - 0000045 _____ () C:\Users\USER\AppData\Roaming\xlaccolsetupstatus.ini
2014-01-21 19:36 - 2014-01-25 21:34 - 0000054 _____ () C:\Users\USER\AppData\Roaming\xlgdlapp.ini
2013-07-01 00:52 - 2013-07-01 21:24 - 1065984 _____ () C:\Users\USER\AppData\Local\file__0.localstorage
2013-02-24 08:48 - 2013-02-24 08:48 - 0000092 _____ () C:\Users\USER\AppData\Local\fusioncache.dat
2012-10-09 21:29 - 2015-11-28 23:20 - 0007606 _____ () C:\Users\USER\AppData\Local\Resmon.ResmonCfg
2013-10-25 20:27 - 2013-10-25 20:35 - 0000168 _____ () C:\Users\USER\AppData\Local\temp.tmp
2015-03-02 18:57 - 2015-03-02 18:57 - 0017664 _____ () C:\ProgramData\102953822.png
2014-02-16 16:03 - 2014-02-16 16:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-26 14:58 - 2014-07-30 16:16 - 0000040 _____ () C:\ProgramData\DT0001.dat
2014-07-18 17:57 - 2014-07-30 16:16 - 0000040 _____ () C:\ProgramData\DT0006.dat
2012-08-24 19:06 - 2012-06-25 19:06 - 0000032 ____R () C:\ProgramData\hash.dat
2015-10-02 22:26 - 2015-10-09 17:35 - 0046450 _____ () C:\ProgramData\RulesDecks.xml
2015-03-02 18:57 - 2015-03-02 18:57 - 0000666 _____ () C:\ProgramData\UpdateInfo.txt

Files to move or delete:
====================
C:\ProgramData\DT0001.dat
C:\ProgramData\DT0006.dat
C:\ProgramData\hash.dat
C:\Users\USER\a007.exe
C:\Users\USER\簡體中文執行.reg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-11-30 10:07

==================== End of FRST.txt ============================

Thread: permission hijacked

Thread Tools

Display

Threaded View

permission hijacked

Posting Permissions