User Tag List

DNS Unlocker

This is a discussion on DNS Unlocker within the Resolved HJT Threads forums, part of the Tech Support Forum category. Hey guys, I really need to remove DNS Unlocker from my PC. I already tried several of the methods found


 
 
Thread Tools Search this Thread
Old 10-10-2015, 10:38 AM   #1
Registered Member
 
Join Date: Jun 2013
Posts: 58
OS: win7 64



Hey guys,

I really need to remove DNS Unlocker from my PC. I already tried several of the methods found elsewhere in the internet (malware bytes, Hitman pro, adware). At first, these programs seem to clean my PC (tried several of them in several past infections on this computer). However, after some days are past, it all come back again in all of its force.

I also safely removed the program, removed its extension in Chrome, but it is immortal!!!

Does anyone has any clue on what should I do to completely get rid of it once and for all?

Thank you very much.
silvadp is offline  
Sponsored Links
Advertisement
 
Old 10-10-2015, 02:36 PM   #2
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello silvadp,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Please download to and run all requested tools from your Desktop.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My native language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Now, let's get started, shall we?

Please do the following steps.

STEP 1

Please download AdwCleaner from here and save it to your desktop.

Do NOT click the green 'Download' button(if visible).
Click the blue 'Download now @bleepingcomputer' button.
Run AdwCleaner and select Scan
Once the Scan is done, select Cleaning
Once done it will ask to reboot, please allow the reboot.
On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
Please copy/paste the contents of the log in your next reply.

=========================================================

STEP 2


Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to the disclaimer.
Make sure the Addition.txt button is ticked.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
__________________
tekir06 is offline  
Old 10-10-2015, 02:48 PM   #3
Registered Member
 
Join Date: Jun 2013
Posts: 58
OS: win7 64



Dear tekir06,

here are the requested files....

Every time I run adwcleaner, I notice that there is a program which automatically installs a so-called "Yahoo extension to chrome". I am afraid that this program is the one responsible for the whole mess, but I am not able to discover which program would that be...

Any help is very much appreciated.

Thank you for your attention.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-10-2015
Ran by Daniel (administrator) on ASUSG751JT (10-10-2015 18:42:56)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 10 Home (X64) Language: Inglês (Estados Unidos)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\46.0.2490.13\remoting_host.exe
() C:\Users\Daniel\AppData\Local\Crsoft\crsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
() C:\Users\Daniel\AppData\Roaming\DNSHelper\DNSSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Users\Daniel\AppData\Roaming\NetService\netservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\46.0.2490.13\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Users\Daniel\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\wmi64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
() C:\Program Files (x86)\WinHotKey\WinHotKey.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348712 2015-06-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-11-09] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478752 2012-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-3853214936-2182502920-1632424319-1001\...\Run: [WinHotKey] => C:\Program Files (x86)\WinHotKey\WinHotKey.exe [480768 2004-11-11] ()
HKU\S-1-5-21-3853214936-2182502920-1632424319-1001\...\Run: [$Volumouse$] => D:\Dropbox\Programas\Programas Gerais\Volumouse\Volumouse\volumouse.exe [88576 2011-06-21] (NirSoft)
HKU\S-1-5-21-3853214936-2182502920-1632424319-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568208 2015-09-11] (Google)
HKU\S-1-5-21-3853214936-2182502920-1632424319-1001\...\Run: [GoogleChromeAutoLaunch_9CB2B8404301F8169D10E27C4B481A41] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [870728 2015-10-07] (Google Inc.)
HKU\S-1-5-21-3853214936-2182502920-1632424319-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [79576 2009-05-05] ()
HKU\S-1-5-21-3853214936-2182502920-1632424319-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-07-10] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1896320 2015-08-19] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 189.7.40.42 189.7.40.46
Tcpip\..\Interfaces\{b03fe189-1d33-473c-89d8-97d2c9eee88e}: [DhcpNameServer] 10.2.0.4 10.2.0.5
Tcpip\..\Interfaces\{dabdd584-37d9-463b-b566-c710f6872933}: [DhcpNameServer] 189.7.40.42 189.7.40.46

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
SearchScopes: HKU\S-1-5-21-3853214936-2182502920-1632424319-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3853214936-2182502920-1632424319-1001 -> {D3E5F64F-E37F-4751-AB12-830A57BE405B} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-08-19] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0ureioad.default
FF Session Restore: -> is enabled.
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3853214936-2182502920-1632424319-1001: gastecnologia.com.br/sf/bb -> C:\Users\Daniel\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3853214936-2182502920-1632424319-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\Daniel\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-03-06] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-07-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2015-08-06]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.gmail.com/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox"
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x64\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.64\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-13]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-13]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-13]
CHR Extension: (Bloqueador de Remetentes) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklnjbfcmglhiaoppcckdodanccbelcg [2015-10-07]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-16]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-13]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-13]
CHR Extension: (Gmail Off-line) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-07-13]
CHR Extension: (Planilhas do Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-13]
CHR Extension: (FBDown Video Downloader) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2015-09-30]
CHR Extension: (Área de trabalho remota do Google Chrome) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-07-13]
CHR Extension: (Documentos Google off-line) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-07-29]
CHR Extension: (Botão do Google Acadêmico) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2015-07-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-13]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-13]
CHR Extension: (Black Black Chrome Theme Neon Green Highlight) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\phpbpckgofmlhfpbakbfbkiopngnpigh [2015-09-18]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-13]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKU\S-1-5-21-3853214936-2182502920-1632424319-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.3\bin\lmgrd.exe [1499512 2014-10-27] (Flexera Software LLC)
R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [345912 2014-08-29] (ASUSTeK)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-08-06] (Kaspersky Lab ZAO)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (BitComet - A free C++ BitTorrent/HTTP/FTP Download Client)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\46.0.2490.13\remoting_host.exe [69448 2015-09-01] (Google Inc.)
R2 Crashhd; C:\Users\Daniel\AppData\Local\Crsoft\crsvc.exe [185800 2015-09-24] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
R2 DNSSVC; C:\Users\Daniel\AppData\Roaming\DNSHelper\DNSSVC.exe [142792 2015-09-07] ()
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-08-12] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-26] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-05-09] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 MASMonitorService; C:\Program Files (x86)\StatSoft\MAS\MASMonitorService.exe [593336 2010-11-04] (StatSoft, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NetTcpHandler; C:\Users\Daniel\AppData\Roaming\NetService\netservice.exe [173088 2015-07-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-26] (NVIDIA Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [File not signed]
R2 STATISTICA License Manager; C:\Program Files (x86)\StatSoft\FLEXlm\lmgrd.exe [1500424 2010-11-04] (Acresso Software Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-05-13] (Intel Corporation)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S2 WebSTATISTICA; C:\Program Files (x86)\StatSoft\WebSTATISTICA\WebSTAT.exe [473528 2010-11-04] (StatSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2015-10-10] (GAS Tecnologia)
R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [29912 2015-08-26] (GAS Tecnologia)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2014-08-03] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [937656 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [78008 2015-06-26] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [4043504 2015-08-02] (Intel Corporation)
R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [48336 2014-03-27] (Titan ARC Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-07-28] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-01-20] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-10 18:44 - 2015-10-10 18:45 - 02195456 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64 (1).exe
2015-10-10 18:42 - 2015-10-10 18:45 - 00033491 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-10-10 18:42 - 2015-10-10 18:43 - 00000000 ____D C:\FRST
2015-10-10 18:42 - 2015-10-10 18:42 - 00001487 _____ C:\Users\Daniel\Desktop\AdwCleaner[C11].txt
2015-10-10 18:41 - 2015-10-10 18:41 - 00016148 _____ C:\WINDOWS\system32\ASUSG751JT_Daniel_HistoryPrediction.bin
2015-10-10 18:38 - 2015-10-10 18:38 - 02195456 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-10-10 17:49 - 2015-10-10 17:49 - 00000000 ____D C:\Program Files\HitmanPro
2015-10-10 13:58 - 2015-10-10 13:58 - 00001728 _____ C:\WINDOWS\system32\.crusader
2015-10-10 13:49 - 2015-10-10 13:59 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-10 13:48 - 2015-10-10 13:48 - 05078968 _____ ( ) C:\Users\Daniel\Desktop\Zemana.AntiMalware.Setup.exe
2015-10-10 13:46 - 2015-10-10 13:47 - 11336600 _____ (SurfRight B.V.) C:\Users\Daniel\Desktop\HitmanPro_x64.exe
2015-10-10 12:39 - 2015-10-10 12:39 - 01682432 _____ C:\Users\Daniel\Desktop\adwcleaner_5.013.exe
2015-10-06 21:47 - 2015-10-06 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-01 21:44 - 2015-10-01 21:44 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-01 21:44 - 2015-09-13 18:57 - 00574256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-01 21:43 - 2015-09-13 21:24 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 22559352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 18569848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 16646112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 15336024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 14945040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 13666840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 12191856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 02354808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 02105976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435598.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435598.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 01075320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 01064056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00986416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00945272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00785152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00631128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00408184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00387720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00339760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-01 21:43 - 2015-09-13 21:24 - 00316120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-09-30 17:26 - 2015-09-24 21:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 17:26 - 2015-09-24 20:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 17:26 - 2015-09-24 20:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 17:26 - 2015-09-24 20:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 17:26 - 2015-09-24 20:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 17:26 - 2015-09-24 20:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 17:26 - 2015-09-24 20:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 17:26 - 2015-09-24 20:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 17:26 - 2015-09-24 20:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 17:26 - 2015-09-24 20:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 17:26 - 2015-09-24 20:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 17:26 - 2015-09-24 20:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 17:26 - 2015-09-24 19:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 17:26 - 2015-09-24 19:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 17:26 - 2015-09-24 19:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 17:26 - 2015-09-24 19:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 17:26 - 2015-09-24 19:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 17:26 - 2015-09-24 19:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 17:26 - 2015-09-24 19:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 17:26 - 2015-09-24 19:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 17:26 - 2015-09-24 19:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 17:26 - 2015-09-19 02:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 17:26 - 2015-09-17 03:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 17:26 - 2015-09-17 03:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 17:26 - 2015-09-17 03:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 17:26 - 2015-09-17 03:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 17:26 - 2015-09-17 03:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 17:26 - 2015-09-17 03:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 17:26 - 2015-09-17 03:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 17:26 - 2015-09-17 03:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 17:26 - 2015-09-17 03:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 17:26 - 2015-09-17 03:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 17:26 - 2015-09-17 03:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 17:26 - 2015-09-17 03:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 17:26 - 2015-09-17 03:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 17:26 - 2015-09-17 03:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 17:26 - 2015-09-17 03:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 17:26 - 2015-09-17 03:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 17:26 - 2015-09-17 03:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 17:26 - 2015-09-17 03:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 17:26 - 2015-09-17 03:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 17:26 - 2015-09-17 03:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 17:26 - 2015-09-17 03:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 17:26 - 2015-09-17 03:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 17:26 - 2015-09-17 03:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 17:26 - 2015-09-17 03:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 17:26 - 2015-09-17 03:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 17:26 - 2015-09-17 03:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 17:26 - 2015-09-17 03:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 17:26 - 2015-09-17 03:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 17:26 - 2015-09-17 03:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 17:26 - 2015-09-17 03:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 17:26 - 2015-09-17 03:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 17:26 - 2015-09-17 03:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 17:26 - 2015-09-17 03:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 17:26 - 2015-09-17 03:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 17:26 - 2015-09-17 03:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 17:26 - 2015-09-17 03:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 17:26 - 2015-09-17 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 17:26 - 2015-09-17 03:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 17:26 - 2015-09-17 03:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 17:26 - 2015-09-17 03:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 17:26 - 2015-09-17 03:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 17:26 - 2015-09-17 03:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 17:26 - 2015-09-17 03:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 17:26 - 2015-09-17 03:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 17:26 - 2015-09-17 03:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 17:26 - 2015-09-17 03:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 17:26 - 2015-09-17 03:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 17:26 - 2015-09-17 03:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 17:26 - 2015-09-17 03:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 17:26 - 2015-09-17 03:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 17:26 - 2015-09-17 03:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 17:26 - 2015-09-17 03:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 17:26 - 2015-09-17 03:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 17:26 - 2015-09-17 03:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 17:26 - 2015-09-17 03:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 17:26 - 2015-09-17 03:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 17:26 - 2015-09-17 03:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 17:26 - 2015-09-17 02:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 17:26 - 2015-09-17 02:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 17:26 - 2015-09-17 02:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 17:26 - 2015-09-17 02:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 17:26 - 2015-09-17 02:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 17:26 - 2015-09-17 02:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 17:26 - 2015-09-17 02:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 17:26 - 2015-09-17 02:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 17:26 - 2015-09-17 02:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 17:26 - 2015-09-17 02:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 17:26 - 2015-09-17 02:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 17:26 - 2015-09-17 02:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 17:26 - 2015-09-17 02:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 17:26 - 2015-09-17 02:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 17:26 - 2015-09-17 02:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 17:26 - 2015-09-17 02:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 17:26 - 2015-09-17 02:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 17:26 - 2015-09-17 02:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 17:26 - 2015-09-17 02:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 17:26 - 2015-09-17 02:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 17:26 - 2015-09-17 02:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 17:26 - 2015-09-17 02:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 17:26 - 2015-09-17 02:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 17:26 - 2015-09-17 02:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 17:26 - 2015-09-17 02:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 17:26 - 2015-09-17 02:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 17:26 - 2015-09-17 02:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 17:26 - 2015-09-17 02:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 17:26 - 2015-09-17 02:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 17:26 - 2015-09-17 02:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 17:26 - 2015-09-17 02:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 17:26 - 2015-09-17 02:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 17:26 - 2015-09-17 02:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 17:26 - 2015-09-17 02:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 17:26 - 2015-09-17 02:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 17:26 - 2015-09-17 02:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 17:26 - 2015-09-17 02:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 17:26 - 2015-09-17 02:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 17:26 - 2015-09-17 02:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 17:26 - 2015-09-17 02:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 17:26 - 2015-09-17 02:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 17:26 - 2015-09-17 02:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 17:26 - 2015-09-17 02:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 17:26 - 2015-09-17 02:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 17:26 - 2015-09-17 02:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 17:26 - 2015-09-17 02:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 17:26 - 2015-09-17 02:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 17:26 - 2015-09-17 02:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 17:26 - 2015-09-17 02:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 17:26 - 2015-09-17 02:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 17:26 - 2015-09-17 02:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 17:26 - 2015-09-17 02:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 17:26 - 2015-09-17 02:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 17:26 - 2015-09-17 02:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 17:26 - 2015-09-17 02:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 17:26 - 2015-09-17 02:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 17:26 - 2015-09-17 02:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 17:26 - 2015-09-17 02:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 17:26 - 2015-09-17 02:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 17:26 - 2015-09-17 02:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 17:26 - 2015-09-17 02:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 17:26 - 2015-09-17 02:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 17:26 - 2015-09-17 02:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 17:26 - 2015-09-17 02:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 17:26 - 2015-09-17 02:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 17:26 - 2015-09-17 02:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 17:26 - 2015-09-17 02:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 17:26 - 2015-09-17 02:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 17:26 - 2015-09-17 02:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 17:26 - 2015-09-17 02:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 17:26 - 2015-09-17 02:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 17:26 - 2015-09-17 02:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 17:26 - 2015-09-17 02:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 17:26 - 2015-09-17 02:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 17:26 - 2015-09-17 02:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 17:26 - 2015-09-17 02:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 17:26 - 2015-09-17 02:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 17:26 - 2015-09-17 02:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 17:26 - 2015-09-17 02:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 17:26 - 2015-09-17 02:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 17:26 - 2015-09-17 02:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 17:26 - 2015-09-17 02:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 17:26 - 2015-09-17 02:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 17:26 - 2015-09-17 02:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 17:26 - 2015-09-17 02:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 17:26 - 2015-09-17 02:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 17:26 - 2015-09-17 02:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 17:26 - 2015-09-17 02:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 17:26 - 2015-09-17 02:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 17:26 - 2015-09-17 02:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 17:26 - 2015-09-17 02:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 17:26 - 2015-09-12 23:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 17:26 - 2015-09-12 22:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 17:25 - 2015-09-24 21:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 17:25 - 2015-09-24 21:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 17:25 - 2015-09-24 20:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 17:25 - 2015-09-24 20:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 17:25 - 2015-09-24 20:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 17:25 - 2015-09-24 20:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 17:25 - 2015-09-24 20:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 17:25 - 2015-09-24 19:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 17:25 - 2015-09-24 19:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 17:25 - 2015-09-17 03:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 17:25 - 2015-09-17 03:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 17:25 - 2015-09-17 03:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 17:25 - 2015-09-17 03:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 17:25 - 2015-09-17 03:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 17:25 - 2015-09-17 03:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 17:25 - 2015-09-17 03:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 17:25 - 2015-09-17 03:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 17:25 - 2015-09-17 03:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 17:25 - 2015-09-17 03:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 17:25 - 2015-09-17 03:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 17:25 - 2015-09-17 03:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 17:25 - 2015-09-17 03:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 17:25 - 2015-09-17 03:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 17:25 - 2015-09-17 03:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 17:25 - 2015-09-17 02:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 17:25 - 2015-09-17 02:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 17:25 - 2015-09-17 02:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 17:25 - 2015-09-17 02:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 17:25 - 2015-09-17 02:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 17:25 - 2015-09-17 02:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 17:25 - 2015-09-17 02:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 17:25 - 2015-09-17 02:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 17:25 - 2015-09-17 02:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 17:25 - 2015-09-17 02:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 17:25 - 2015-09-17 02:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 17:25 - 2015-09-17 02:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 17:25 - 2015-09-17 02:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 17:25 - 2015-09-17 02:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 17:25 - 2015-09-17 02:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 17:25 - 2015-09-17 02:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 17:25 - 2015-09-17 02:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 17:25 - 2015-09-17 02:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 17:25 - 2015-09-17 02:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 17:25 - 2015-09-17 02:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 17:25 - 2015-09-17 02:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 17:25 - 2015-09-17 02:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 17:25 - 2015-09-17 02:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 17:25 - 2015-09-17 02:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 17:25 - 2015-09-17 02:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 17:25 - 2015-09-17 02:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 17:25 - 2015-09-17 02:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 17:25 - 2015-09-17 02:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 17:25 - 2015-09-17 02:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-29 09:54 - 2015-09-29 09:54 - 1049438351 _____ C:\WINDOWS\MEMORY.DMP
2015-09-29 09:54 - 2015-09-29 09:54 - 00378976 _____ C:\WINDOWS\Minidump\092915-23562-01.dmp
2015-09-25 09:19 - 2015-09-25 09:19 - 00000000 ____D C:\Users\Daniel\AppData\Local\Crsoft
2015-09-25 09:08 - 2015-09-25 09:09 - 00374224 _____ C:\WINDOWS\Minidump\092515-32515-01.dmp
2015-09-25 09:01 - 2015-09-25 09:01 - 00404432 _____ C:\WINDOWS\Minidump\092515-27703-01.dmp
2015-09-20 04:09 - 2015-08-27 03:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-20 04:09 - 2015-08-27 03:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-20 04:09 - 2015-08-27 02:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-20 04:09 - 2015-08-27 02:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-20 04:09 - 2015-08-27 02:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-20 04:09 - 2015-08-27 02:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-20 04:09 - 2015-08-27 02:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-20 04:09 - 2015-08-27 02:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-20 04:09 - 2015-08-27 02:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-20 04:09 - 2015-08-27 02:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-20 04:09 - 2015-08-27 02:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-20 04:09 - 2015-08-27 02:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-20 04:09 - 2015-08-27 02:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-20 04:09 - 2015-08-27 02:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-20 04:09 - 2015-08-27 02:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-20 04:09 - 2015-08-27 02:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-20 04:09 - 2015-08-27 02:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-20 04:09 - 2015-08-27 02:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-20 04:09 - 2015-08-27 02:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-20 04:09 - 2015-08-27 02:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-20 04:09 - 2015-08-27 02:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-20 04:09 - 2015-08-27 02:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-20 04:09 - 2015-08-27 02:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-20 04:09 - 2015-08-27 02:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-19 21:58 - 2015-09-19 21:58 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Temp
2015-09-19 21:30 - 2015-09-19 21:30 - 00378832 _____ C:\WINDOWS\Minidump\091915-25281-01.dmp
2015-09-19 13:38 - 2015-09-19 13:38 - 00379096 _____ C:\WINDOWS\Minidump\091915-34531-01.dmp
2015-09-18 18:07 - 2015-09-18 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2015-09-18 18:07 - 2015-09-18 18:07 - 00000000 ____D C:\Program Files\RStudio
2015-09-17 01:24 - 2015-09-17 01:24 - 00000000 ___RD C:\Users\Daniel\3D Objects
2015-09-16 20:50 - 2015-09-29 09:54 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-16 20:50 - 2015-09-16 20:51 - 00375872 _____ C:\WINDOWS\Minidump\091615-23234-01.dmp
2015-09-15 15:08 - 2015-09-18 16:37 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-15 15:08 - 2015-09-16 21:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Mozilla
2015-09-15 15:08 - 2015-09-15 15:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mozilla
2015-09-15 15:08 - 2015-09-15 15:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-15 14:28 - 2015-09-15 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
2015-09-15 14:28 - 2015-09-15 14:28 - 00000000 ____D C:\Program Files\BitComet
2015-09-10 14:08 - 2015-09-10 14:08 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Intel
2015-09-10 11:37 - 2015-09-10 11:37 - 00000000 ____D C:\WINDOWS\PCHEALTH

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-10 18:42 - 2015-07-13 09:59 - 00000000 ____D C:\Users\Daniel\AppData\Local\Dropbox
2015-10-10 18:42 - 2015-07-13 09:24 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-10 18:42 - 2015-07-13 09:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-10 18:41 - 2015-08-18 15:43 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2015-10-10 18:41 - 2015-08-08 10:48 - 00000517 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-10-10 18:41 - 2015-07-14 11:48 - 00000000 ____D C:\ProgramData\GbPlugin
2015-10-10 18:41 - 2015-07-14 11:48 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2015-10-10 18:41 - 2015-07-13 09:59 - 00001038 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-10 18:41 - 2015-07-10 09:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-10 18:40 - 2015-09-09 19:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-10 18:40 - 2015-09-09 14:19 - 00000000 ____D C:\AdwCleaner
2015-10-10 18:40 - 2015-07-10 09:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-10 18:40 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-10 18:40 - 2015-07-10 06:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-10 18:32 - 2015-08-01 10:38 - 00783060 _____ C:\WINDOWS\system32\prfh0416.dat
2015-10-10 18:32 - 2015-08-01 10:38 - 00153546 _____ C:\WINDOWS\system32\prfc0416.dat
2015-10-10 18:32 - 2015-08-01 06:10 - 01813868 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-10 18:27 - 2015-07-12 06:49 - 00000093 _____ C:\Users\Daniel\AppData\Roaming\sp_data.sys
2015-10-10 17:52 - 2015-07-13 09:24 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-10 17:51 - 2015-07-13 09:59 - 00001042 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-10 16:26 - 2015-08-10 10:26 - 00000412 _____ C:\WINDOWS\Tasks\SociaLite.job
2015-10-10 15:56 - 2015-07-14 11:43 - 00000000 ____D C:\Users\Daniel\AppData\Local\JDownloader v2.0
2015-10-10 12:45 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-10 12:25 - 2015-07-12 15:53 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{57C2562E-D30E-4AA9-AE3E-259839D10908}
2015-10-09 08:52 - 2015-07-13 13:02 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-08 21:35 - 2015-07-17 14:49 - 00000000 ____D C:\Users\Daniel\.matplotlib
2015-10-08 12:11 - 2015-07-13 08:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-10-07 12:54 - 2015-09-09 15:24 - 00002248 ____H C:\Users\Daniel\Documents\Default.rdp
2015-10-07 12:54 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-07 12:39 - 2015-07-29 21:56 - 00000000 ____D C:\Users\Daniel\Desktop\leiahj
2015-10-07 07:31 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-06 23:31 - 2015-07-13 10:23 - 00000000 ____D C:\KMPlayer
2015-10-06 22:48 - 2015-08-01 05:45 - 00075486 _____ C:\WINDOWS\PFRO.log
2015-10-06 21:47 - 2015-07-13 09:59 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-06 21:46 - 2015-07-13 09:59 - 00004102 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-10-06 21:46 - 2015-07-13 09:59 - 00003870 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-10-05 15:52 - 2015-08-01 05:52 - 00000000 ____D C:\Users\Daniel
2015-10-03 07:58 - 2015-07-13 09:58 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\BitComet
2015-10-02 10:53 - 2015-07-13 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-02 09:49 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-01 21:45 - 2015-08-01 05:48 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-01 21:44 - 2015-07-10 09:20 - 00024959 _____ C:\WINDOWS\setupact.log
2015-10-01 18:31 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-30 23:17 - 2015-08-07 11:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\RunDir
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-30 22:15 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-09-30 18:14 - 2015-07-10 07:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-26 08:30 - 2015-07-10 06:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-26 08:29 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2015-09-23 17:21 - 2015-07-13 09:24 - 00000000 ____D C:\Users\Daniel\AppData\Local\Google
2015-09-23 15:52 - 2015-07-13 09:24 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-22 19:07 - 2015-07-14 16:38 - 00000000 ____D C:\Users\Daniel\Documents\MATLAB
2015-09-22 14:51 - 2015-07-14 16:39 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\RStudio
2015-09-21 19:55 - 2015-09-09 19:19 - 11198080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-09-20 09:16 - 2015-07-10 09:20 - 05022824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-20 09:14 - 2015-07-10 10:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-20 04:33 - 2015-07-13 13:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-20 04:33 - 2015-07-13 13:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-20 04:33 - 2013-08-22 10:25 - 00000199 _____ C:\WINDOWS\win.ini
2015-09-18 17:27 - 2015-07-13 12:49 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-18 17:27 - 2015-07-13 12:48 - 00000000 ____D C:\ProgramData\Oracle
2015-09-18 17:27 - 2015-07-13 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-18 17:27 - 2015-07-13 12:48 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-18 16:37 - 2015-08-01 05:52 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-18 16:37 - 2015-07-13 09:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2015-09-18 16:37 - 2015-07-13 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-18 16:30 - 2015-08-07 12:11 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\shortCutStore
2015-09-17 11:46 - 2015-07-13 13:32 - 00000000 ____D C:\Users\Daniel\AppData\Local\Microsoft Help
2015-09-17 11:28 - 2015-07-13 13:07 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-16 20:59 - 2015-07-12 06:48 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2015-09-15 15:08 - 2015-07-19 02:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-15 13:12 - 2015-07-10 08:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 13:12 - 2015-07-10 08:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 20:47 - 2015-07-13 09:24 - 00004156 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-14 20:47 - 2015-07-13 09:24 - 00003924 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-13 21:24 - 2015-09-09 19:21 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-09-13 21:24 - 2015-09-09 19:21 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-09-13 21:24 - 2015-09-09 19:19 - 17934400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-09-13 21:24 - 2015-09-09 19:19 - 15631128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-09-13 21:24 - 2015-09-09 19:19 - 12611632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-09-13 21:24 - 2015-09-09 19:19 - 03484216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-09-13 21:24 - 2015-09-09 19:19 - 03077544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-09-13 21:24 - 2015-09-09 19:19 - 00034098 _____ C:\WINDOWS\system32\nvinfo.pb
2015-09-13 19:04 - 2015-09-09 19:21 - 06885168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-13 19:04 - 2015-09-09 19:21 - 03496056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-13 19:04 - 2015-09-09 19:21 - 02558584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-13 19:04 - 2015-09-09 19:21 - 00937776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-13 19:04 - 2015-09-09 19:21 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-13 19:04 - 2015-09-09 19:21 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-12 12:11 - 2015-07-29 18:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-12 12:11 - 2015-07-29 18:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-11 09:17 - 2015-09-09 19:21 - 05231082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-10 11:47 - 2015-07-29 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-10 11:44 - 2015-07-12 07:48 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2015-07-12 06:49 - 2015-10-10 18:27 - 0000093 _____ () C:\Users\Daniel\AppData\Roaming\sp_data.sys
2015-07-14 11:46 - 2015-07-14 11:46 - 0017131 _____ () C:\Users\Daniel\AppData\Roaming\unins000.dat
2015-07-14 11:46 - 2015-07-14 11:46 - 0815826 _____ () C:\Users\Daniel\AppData\Roaming\unins000.exe
2015-08-01 05:50 - 2015-08-01 05:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-24 09:20 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-09-24 09:20 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-09-24 09:20 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\Bit35C0.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\Bit4B70.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\BitCA4C.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmposqkrp.dll
C:\Users\Daniel\AppData\Local\Temp\failover.exe
C:\Users\Daniel\AppData\Local\Temp\KMP_4.0.0.0.exe
C:\Users\Daniel\AppData\Local\Temp\MaConfigSetupTemp.exe
C:\Users\Daniel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Daniel\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Daniel\AppData\Local\Temp\nvStInst.exe
C:\Users\Daniel\AppData\Local\Temp\spark_install.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll
C:\Users\Daniel\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-02 13:30

==================== End of FRST.txt ============================
Attached Files
File Type: txt AdwCleaner[C11].txt (1.5 KB, 21 views)
File Type: txt FRST.txt (80.4 KB, 22 views)
File Type: txt Addition.txt (47.3 KB, 19 views)
silvadp is offline  
Sponsored Links
Advertisement
 
Old 10-12-2015, 02:29 AM   #4
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello again silvadp,

Please do the following. At the conclusion of these steps, please let me know how the machine is running.

========================================================

I see you have P2P software (Bitcomet) installed on your machine. Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation.

A reference for the risk of these programs is here

I would recommend that you uninstall any P2P Programs, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

========================================================

Download attached fixlist.txt file and save it to the Desktop.

NOTE: Both FRST.exe and the fixlist.txt must be in the same location or the fix will not work.

Double-click FRST64.exe to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
Click the Fix button just once, and wait.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after the restart.
When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Attached Files
File Type: txt fixlist.txt (4.8 KB, 28 views)
__________________
tekir06 is offline  
Old 10-12-2015, 07:20 AM   #5
Registered Member
 
Join Date: Jun 2013
Posts: 58
OS: win7 64



Dear tekir06,

I have done all requested changes, including uninstalling Bitcomet. I will keep my eyes opened for any possible change in the future and if it still bugs me while using chrome, I will let you know right away.

Thank you for all the devoted attention to my issue.

My best wishes to you!
silvadp is offline  
Old 10-12-2015, 11:43 PM   #6
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello,

You're Welcome!

Did you do other instructions I gave you?
__________________
tekir06 is offline  
Old 10-13-2015, 05:03 AM   #7
Registered Member
 
Join Date: Jun 2013
Posts: 58
OS: win7 64



I did everything. It seems ok for now. The only major issue is that the software I need to run from this website (Can You RUN It | Can I run that game | Game system requirements) is no longer working. I install it but everytime I want to run it, it does not. Even if I install it again. It ceased from working.
silvadp is offline  
Old 10-13-2015, 05:47 AM   #8
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello silvadp,

I am only trained in malware removal. You can try re-installing your browsers or You can try again by resetting the browser after backing up your bookmarks. If you want, you can get help from experts in our forums.

Quote:
I did everything. It seems ok for now.
As I understand it, your problem is solved in your first post. Let me know if it is solved. I will give you final instructions.
__________________
tekir06 is offline  
Old 10-13-2015, 05:51 AM   #9
Registered Member
 
Join Date: Jun 2013
Posts: 58
OS: win7 64



Regarding DNS Unlocker, as far as I am aware of, every thing seems ok. You can change the post to SOLVED...

Once again, thank you very very much for all your help and devoted attention to my problem. It was just great!
silvadp is offline  
Old 10-13-2015, 06:18 AM   #10
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello silvadp,

You're Welcome! I'm glad to solve the problem.

Your reports are clear. Let's remove all tools and logs that we use.

CLEAN UP

Please download delfix to your desktop.

  • Close all other programs and start delfix.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Ensure Remove disinfection tools is ticked. Also tick: Create registry backup, Purge system restore
  • Click Run
  • delfix will now delete all found traces of our removal process.
Note: The program will run for a few moments and then notepad will open with a log. No need to post this log.

If Delfix does not, please do the following.

For FRST:

Press the Windows "logo" key and "R" key then copy/paste the following single-line command into the Run box and click OK:

cmd /c rd /s /q "C:\FRST"

A DOS window will open and close again, this is normal.

For AdwCleaner:

Run AdwCleaner and select Uninstall
Clicking Yes

=========================================================

MICROSOFT UPDATES

It is very important that you get all of the critical updates for your Operating System. Another essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

Turn on Automatic Updates in Windows 10

------------------------------------------------------

Make sure you backup your system, so possible reformatting in the future isn't necessary:

Backup and Restore - Microsoft Windows

------------------------------------------------------

PREVENTION

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware, or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an add-on available for IE, Firefox, and Chrome.
  • MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows 10 here
Keep your antivirus program and antispyware programs updated and scan with them on a regular basis.

Please respond to this thread one more time so we can mark this thread as resolved.
__________________
tekir06 is offline  
Old 10-13-2015, 01:27 PM   #11
Registered Member
 
Join Date: Jun 2013
Posts: 58
OS: win7 64



I ran delfix. Everything seems to be ok now.

Cheers and thanks again.
silvadp is offline  
Old 10-14-2015, 12:38 AM   #12
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello,

You're Welcome! Thank you for your patience and cooperation.
__________________
tekir06 is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] my internet keep getting disconnecting connecting
Hi.I'm new on this forum.I got problem with my internet connection.It keeps dropping then connecting by itself.I cant download anything because in the middle it just drops.My connection is wireless and is cable.My other housemates who have laptops like me have no problem with connection.I took my...
jumrose123 Networking Support 52 03-21-2014 05:18 PM
DNS issue - 2 windows 2003 dc's, dcdiag /test:dns fails on one at forwarders
Hey guys, I've been working on this most of the day and can't seem to figure it out. I have 2 domain controllers on one domain - #1 is windows server 2003 standard sp2 and the #2 is windows server 2003 r2 standard sp2. Now I'm pretty sure my issue lies with the second dc (0.24) but I've...
Thrillhouse Windows Servers 4 10-09-2013 09:02 PM
Laptop can't connect to my home router, others are fine.
Hi, As the title says I was using the internet one evening, turned it off my laptop which is an Acer 5332, the next day turn it on only to find I am disconnected from the home router and can't connect to it. My Ipad is able to connect to it without a problem. I tried connecting to a friends...
Protonoto Networking Support 15 11-19-2012 09:51 AM
ipconfig "media disconnected" help please
My IP and whatnot is showing up, but also tons of "Tunnel adapter Local Area Connection". There may not be a problem since I can connect to the internet relatively easy and there is a wireless icon in my system tray. If there is no problem, I'm still curious about it. ipconfig Windows IP...
Pedr0NorthmaN Windows 7 , Windows Vista Support 7 11-15-2011 10:25 AM
Internet Keeps Dropping
Hi guys, I'm new to this forum, anyways I have a connection problem with my internet. Let me explain: My wireless internet keeps disconnecting for a constant period of 3-5 minutes, and I have to connect all over again. It gets really annoying, especially when I play online MMO's. Sometimes the...
CheeseLuvas Modems/Cable/DSL/Satellite 4 05-08-2011 03:06 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 09:24 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts