please help me, I need farbar recovery tool fix list txt

Status
Not open for further replies.
areans

areans

Level 1
Thread author
Dec 26, 2015
4
Please help me. My laptop started showing strange symbols on start up and thus i couldnt log in. After much searching for a solution i found the farbar recovery tool to which i ran via comand prompt of the recovery menu. Can you please help with the fix list, this is the scan result i got ;

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015
Ran by SYSTEM on MININT-FS135G9 (27-12-2015 00:20:34)
Running from d:\
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-09-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-09-02] (Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [144456 2013-03-06] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1994752 2014-02-20] (Wondershare)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [300152 2015-09-20] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1282008 2015-10-19] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\cajew_000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\cajew_000\...\Run: [GoogleChromeAutoLaunch_85F041C1633AB6A99A0E4FC0E6B31B25] => C:\Users\cajew_000\AppData\Local\Chromium\Application\chrome.exe [663552 2015-06-28] (The Chromium Authors)
HKU\cajew_000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152 2015-11-13] (Tonec Inc.)
HKU\cajew_000\...\Run: [tsiVideo] => C:\WINDOWS\SysWOW64\rundll32.exe C:\Users\CAJEW_~1\AppData\Local\Temp\mdi064.dll,dalmat <===== ATTENTION
HKU\cajew_000\...\RunOnce: [Application Restart #7] => C:\Users\cajew_000\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable (the data entry has 579 more characters).
HKU\cajew_000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\Default\...\RunOnce: [RegDXVA1] => C:\WINDOWS\system32\cmd.exe /c reg import "SwitchUserVideoKey.reg"
HKU\Default\...\RunOnce: [RegAutoPlay] => C:\WINDOWS\system32\cmd.exe /c reg import "RegAutoPlay.reg"
HKU\Default User\...\RunOnce: [RegDXVA1] => C:\WINDOWS\system32\cmd.exe /c reg import "SwitchUserVideoKey.reg"
HKU\Default User\...\RunOnce: [RegAutoPlay] => C:\WINDOWS\system32\cmd.exe /c reg import "RegAutoPlay.reg"
Startup: C:\Users\cajew_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-12-08]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-01] (Broadcom Corporation.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-11] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-11] (Microsoft Corporation)
S3 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2800896 2014-05-02] (Acer Incorporated)
S3 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 lemyfemu; C:\Program Files (x86)\AB0A9F35-1444857008-EB44-960B-5F4A3E46AAFF\jnsx19FD.tmp [227328 2015-10-14] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo)
S2 MyPublicWiFiService; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] ()
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
S2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-20] (QIHU 360 SOFTWARE CO. LIMITED)
S2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-04-09] (Dritek System INC.)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [505648 2013-12-19] (Samsung Electronics Co., Ltd.)
S2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [155296 2015-12-18] (TODO: <公司名>)
S2 UDisk Monitor; C:\Program Files\PowerConnect\bin\MonServiceUDisk.exe [405504 2012-01-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WdsManPro; C:\ProgramData\aWMiniProa\WMiniPro.exe [351904 2015-12-02] (DTools LIMITED)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 zimokewo; C:\Program Files (x86)\AB0A9F35-1444857008-EB44-960B-5F4A3E46AAFF\knsh811B.tmp [746496 2015-12-15] ()
S2 hidekoqe; C:\Users\cajew_000\AppData\Local\AB0A9F35-1450482557-EB44-960B-5F4A3E46AAFF\qnse9918.tmp [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-09-20] (360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-20] (360.cn)
S1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-20] (360.cn)
S1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-20] (360.cn)
S1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-09-20] (360.cn)
S1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-09-20] (360.cn)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-01] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [62840 2012-10-17] (Broadcom Corporation.)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S1 ndiskhaz; C:\Windows\system32\DRIVERS\ndiskhaz.sys [30536 2012-12-07] (Khalil Azzouzi)
S3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-04-09] (Dritek System Inc.)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243144 2013-03-06] (Realtek Semiconductor Corp.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-24] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S3 ztemtusbser; C:\Windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [120704 2012-01-05] (ZTEMT Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-27 00:00 - 2015-12-27 00:02 - 00000000 ____D C:\FRST
2015-12-24 22:00 - 2015-12-26 23:52 - 00000000 _____ C:\Recovery.txt
2015-12-24 12:13 - 2015-12-24 12:13 - 00000000 ____D C:\Windows\SysWOW64\%LOCALAPPDATA%
2015-12-24 11:06 - 2015-12-24 11:06 - 00000000 ____D C:\Windows\System32\%PROGRAMDATA%
2015-12-24 11:05 - 2015-12-24 11:05 - 00000000 ____D C:\BackupManager
2015-12-23 06:54 - 2015-12-23 07:03 - 00000000 ____D C:\Users\cajew_000\Desktop\Video clips
2015-12-23 05:56 - 2015-12-23 07:04 - 00000000 ____D C:\Users\cajew_000\Desktop\Virtual DJ 5
2015-12-23 02:35 - 2015-12-23 02:38 - 00000000 ____D C:\Users\cajew_000\Documents\Bus Driver
2015-12-23 01:50 - 2015-12-22 21:48 - 00020480 ___SH C:\Users\Public\Thumbs.db
2015-12-22 14:03 - 2015-12-22 14:03 - 00000967 _____ C:\Users\Public\Desktop\MyPublicWiFi.lnk
2015-12-22 14:03 - 2015-12-22 14:03 - 00000000 ____D C:\Program Files (x86)\MyPublicWiFi
2015-12-22 14:03 - 2012-12-07 00:28 - 00030536 _____ (Khalil Azzouzi) C:\Windows\System32\Drivers\ndiskhaz.sys
2015-12-22 03:44 - 2015-12-22 03:44 - 12078519 _____ C:\Users\cajew_000\Downloads\Euro Truck Simulator 2 _ Marcopolo G7 1800 DD 6x2 _ 1.17.x - 1.21.x.3gp
2015-12-22 02:27 - 2015-12-22 02:27 - 00699197 _____ C:\Users\cajew_000\Downloads\12374252_1654557071480538_405618705_n.mp4
2015-12-21 14:56 - 2015-12-21 14:56 - 00042310 _____ C:\Users\cajew_000\Downloads\Using your PC (with USB cable).html
2015-12-21 14:55 - 2015-12-21 14:55 - 05644538 _____ C:\Users\cajew_000\Downloads\com.estrongs.android.pop.apk
2015-12-21 14:51 - 2015-12-21 14:51 - 03826568 _____ C:\Users\cajew_000\Downloads\4_robocop.apk
2015-12-21 14:23 - 2015-12-21 14:25 - 25990449 _____ C:\Users\cajew_000\Downloads\com.whatsapp_2.12.391-450843_minAPI7(armeabi,armeabi-v7a,mips,x86)(nodpi).apk
2015-12-21 10:22 - 2015-12-21 10:22 - 00000007 _____ C:\Users\cajew_000\Documents\llll.txt
2015-12-21 04:33 - 2015-12-21 04:34 - 25988016 _____ C:\Users\cajew_000\Downloads\---NEW Dynamo Magician Impossible 2015 - Season 4 Episode 1.3gp
2015-12-21 04:32 - 2015-12-21 04:33 - 24748910 _____ C:\Users\cajew_000\Downloads\---NEW Dynamo Magician Impossible - Season 3 Episode 2.3gp
2015-12-21 04:28 - 2015-12-21 04:31 - 27669799 _____ C:\Users\cajew_000\Downloads\---Dynamo Best Magician - Impossible is Possible - YouTube.3gp
2015-12-21 04:27 - 2015-12-21 04:30 - 86073731 _____ C:\Users\cajew_000\Downloads\---Magicians Exposed using Demonic Spirits FULL.3gp
2015-12-21 04:23 - 2015-12-21 04:26 - 26177965 _____ C:\Users\cajew_000\Downloads\---STREET DEMON Magic (40 min) - Cyril Levitating Apple -u0026 Bills - Blowing Minds 2 - YouTube.3gp
2015-12-21 04:04 - 2015-12-21 04:04 - 23802748 _____ C:\Users\cajew_000\Downloads\Troy Street Magic 2015 Season 1 Episode 5.3gp
2015-12-21 03:19 - 2015-12-21 03:20 - 18623819 _____ C:\Users\cajew_000\Downloads\Prophecies Divine convocation.3gp
2015-12-21 02:44 - 2015-12-21 02:52 - 207675289 _____ C:\Users\cajew_000\Downloads\Sunday Live Service 20_12_2015.3gp
2015-12-20 14:50 - 2015-12-21 03:39 - 00033342 _____ C:\Users\cajew_000\.jose.user.preferences
2015-12-20 14:46 - 2015-12-20 14:46 - 00000927 _____ C:\Users\Guest\Desktop\jose.lnk
2015-12-20 14:46 - 2015-12-20 14:46 - 00000927 _____ C:\Users\cajew_000\Desktop\jose.lnk
2015-12-20 14:45 - 2015-12-20 14:46 - 00000000 ____D C:\Program Files (x86)\jose
2015-12-20 14:40 - 2015-12-20 14:40 - 00001011 _____ C:\Users\Public\Desktop\Free Chess.lnk
2015-12-20 14:40 - 2015-12-20 14:40 - 00000000 ____D C:\Users\cajew_000\AppData\Roaming\Pardolabs
2015-12-20 14:40 - 2015-12-20 14:40 - 00000000 ____D C:\Program Files (x86)\Free Chess
2015-12-20 14:39 - 2015-12-20 14:39 - 00001866 _____ C:\Users\cajew_000\Desktop\3D Chess Unlimited Demo.lnk
2015-12-20 14:39 - 2015-12-20 14:39 - 00000000 ____D C:\TLKGAMES
2015-12-20 14:28 - 2015-12-21 00:45 - 00080384 ___SH C:\Users\cajew_000\Desktop\Thumbs.db
2015-12-20 04:22 - 2015-12-20 04:22 - 17021523 _____ C:\Users\cajew_000\Downloads\How to Partner with Your Angels _ Kevin Basconi.3gp
2015-12-20 04:04 - 2015-12-20 04:04 - 03237563 _____ C:\Users\cajew_000\Downloads\Volkswagen Passat (ETS2) Euro Truck Simulator 2.3gp
2015-12-20 03:56 - 2015-12-20 03:57 - 12159264 _____ C:\Users\cajew_000\Downloads\Prophet Brian Carn - Flowing in The Prophetic 3_3_2015.3gp
2015-12-20 03:41 - 2015-12-20 03:43 - 52055535 _____ C:\Users\cajew_000\Downloads\Prophet Passion - PROPHETS TOUCH IN JAMAICA.3gp
2015-12-20 03:40 - 2015-12-20 03:40 - 07275837 _____ C:\Users\cajew_000\Downloads\Prophet Passion School of Prophecy-66 levels of speaking in Tongues.3gp
2015-12-20 03:35 - 2015-12-20 03:36 - 07710526 _____ C:\Users\cajew_000\Downloads\Prophet Passion School of Prophecy -Part 2.3gp
2015-12-20 03:34 - 2015-12-20 03:34 - 06321045 _____ C:\Users\cajew_000\Downloads\Prophet Passion School of Prophecy-Part 1.3gp
2015-12-20 03:33 - 2015-12-20 03:33 - 06417736 _____ C:\Users\cajew_000\Downloads\Prophet Passion school of Prophecy.3gp
2015-12-20 02:37 - 2015-12-20 02:37 - 06628180 _____ C:\Users\cajew_000\Downloads\Pastor Alph's Interview.3gp
2015-12-20 02:31 - 2015-12-20 02:33 - 55523089 _____ C:\Users\cajew_000\Downloads\Prophet Makandiwa _Demonstration of Power.3gp
2015-12-20 02:28 - 2015-12-20 02:30 - 55594969 _____ C:\Users\cajew_000\Downloads\Prophet Makandiwa Understanding the Prophetic 5.3gp
2015-12-19 13:16 - 2015-12-19 13:16 - 00000000 _____ C:\Windows\PCSB.ERR
2015-12-19 05:24 - 2015-12-19 05:24 - 00094264 _____ C:\Users\cajew_000\Downloads\ancient_words_pre_reg_48296.3gp
2015-12-19 05:24 - 2015-12-19 05:24 - 00076817 _____ C:\Users\cajew_000\Downloads\ancient_words_pre_reg_48264.3gp
2015-12-19 05:08 - 2015-12-19 05:19 - 299983566 _____ C:\Users\cajew_000\Downloads\225 Greatest Hymns, Praise and Worship Music, and Spiritual Songs Ever Compiled.3gp
2015-12-19 04:54 - 2015-12-19 04:54 - 03447621 _____ C:\Users\cajew_000\Downloads\how_to_play_ancient_words_long_preserved_michael_w_smith_letternoteplayer_c_reg_46443.3gp
2015-12-19 04:40 - 2015-12-19 04:41 - 39066657 _____ C:\Users\cajew_000\Downloads\THE GRAND MEGA SUPER MASSIVE ELDORET 2015 MEETING WORSHIP 1(audio).3gp
2015-12-19 04:37 - 2015-12-19 04:37 - 21543798 _____ C:\Users\cajew_000\Downloads\GRAND MEGA NAKURU LIVE WORSHIP.3gp
2015-12-19 04:20 - 2015-12-19 04:21 - 23920590 _____ C:\Users\cajew_000\Downloads\Top 10 Upcoming RPG games of 2016 _ HOT!.3gp
2015-12-19 04:14 - 2015-12-19 04:14 - 05409431 _____ C:\Users\cajew_000\Downloads\TOTALLY BLIND LEFT EYE OPENS IN FRONT OF LIVE TV CAMERA Venezuela Revival - Prophet Dr. Owuor.3gp
2015-12-19 04:12 - 2015-12-19 04:12 - 05196111 _____ C:\Users\cajew_000\Downloads\MASSIVE VISITATION OF HEAVEN TO BEFALL THE END OF YEAR MEETING IN KISUMU, KENYA - PROPHET DR. OWUOR_2.3gp
2015-12-19 03:05 - 2015-12-19 03:05 - 00000000 ____D C:\Users\cajew_000\AppData\Local\AB0A9F35-1450530344-EB44-960B-5F4A3E46AAFF
2015-12-19 02:31 - 2015-12-19 02:31 - 03691945 _____ C:\Users\cajew_000\Downloads\Sinach - You are the same ft Assent Tweed.3gp
2015-12-19 02:27 - 2015-12-19 02:28 - 03540171 _____ C:\Users\cajew_000\Downloads\I Know Who I Am [by Sinach].3gp
2015-12-18 23:09 - 2015-12-18 23:09 - 00000000 ____D C:\Program Files (x86)\Exploremedia
2015-12-18 22:55 - 2015-12-18 22:56 - 24495235 _____ C:\Users\cajew_000\Downloads\Review_ 2010 Mercedes-Benz E350 4Matic.3gp
2015-12-18 14:24 - 2015-12-18 22:06 - 00000000 __SHD C:\Users\Tendai\IntelGraphicsProfiles
2015-12-18 14:18 - 2015-09-28 05:24 - 05133720 _____ ((c) PC Cleaners Inc) C:\ProgramData\pclunst.exe
2015-12-18 14:17 - 2015-12-18 23:08 - 00000000 ____D C:\ProgramData\PC1Data
2015-12-18 13:51 - 2015-12-23 04:55 - 00000000 ____D C:\Users\cajew_000\AppData\Local\DailyPcClean Support
2015-12-18 13:51 - 2015-12-18 13:51 - 00003238 _____ C:\Windows\System32\Tasks\DailyPCClean Schedule
2015-12-18 13:51 - 2015-12-18 13:51 - 00001031 _____ C:\Users\cajew_000\Desktop\DailyPCClean.lnk
2015-12-18 13:51 - 2015-12-18 13:51 - 00000000 ____D C:\Users\cajew_000\Documents\DailyPCClean
2015-12-18 13:51 - 2015-12-18 13:51 - 00000000 ____D C:\Users\cajew_000\AppData\Roaming\DailyPCClean
2015-12-18 13:51 - 2015-12-18 13:51 - 00000000 ____D C:\ProgramData\PlayGemConfig
2015-12-18 13:51 - 2015-12-18 13:51 - 00000000 ____D C:\Program Files (x86)\DailyPcClean Support
2015-12-18 13:51 - 2015-12-18 13:51 - 00000000 ____D C:\Program Files (x86)\DailyPCClean
2015-12-18 13:49 - 2015-12-19 03:05 - 00000000 ____D C:\Users\cajew_000\AppData\Local\AB0A9F35-1450482557-EB44-960B-5F4A3E46AAFF
2015-12-18 12:24 - 2015-12-18 12:29 - 112055586 _____ C:\Users\cajew_000\Downloads\---Sunday Live Service 13-_12-_2015 - YouTube.3gp
2015-12-18 12:13 - 2015-12-18 12:23 - 160431132 _____ C:\Users\cajew_000\Downloads\---Sunday Live Service 13-_12-_2015.3gp
2015-12-18 11:45 - 2015-12-18 11:47 - 05889395 _____ C:\Users\cajew_000\Downloads\SINACH - I KNOW WHO I AM (official video).aac
2015-12-18 11:35 - 2015-12-18 11:36 - 15059674 _____ C:\Users\cajew_000\Downloads\Mystries of God part 1A-Sermon by Prophet Edd.3gp
2015-12-18 11:19 - 2015-12-18 11:19 - 01972054 _____ C:\Users\cajew_000\Downloads\Rikki Doolan on StarFM Radio - responding to recent media reports.3gp
2015-12-18 11:17 - 2015-12-18 11:19 - 44155386 _____ C:\Users\cajew_000\Downloads\Prophet Makandiwa The Kingdom of God 3_2.3gp
2015-12-18 11:06 - 2015-12-18 11:07 - 12270937 _____ C:\Users\cajew_000\Downloads\Top 10 Open World Games of 2016 _ UPCOMING!.3gp
2015-12-18 10:15 - 2015-12-18 10:16 - 00666419 _____ C:\Users\cajew_000\Downloads\12390393_566251120196555_905446785_n.mp4
2015-12-17 12:46 - 2015-12-17 12:47 - 18621390 _____ C:\Users\cajew_000\Downloads\Prophet Makandiwa Secret _How it started .Report from wife ,parents and family.3gp
2015-12-17 12:45 - 2015-12-17 12:46 - 39092331 _____ C:\Users\cajew_000\Downloads\Rangarira Mukadzi waLot - Prophet E Makandiwa (Mbare Crusade).3gp
2015-12-17 12:38 - 2015-12-17 12:39 - 38059451 _____ C:\Users\cajew_000\Downloads\I was a devil worshiper.3gp
2015-12-17 12:37 - 2015-12-17 12:37 - 09041585 _____ C:\Users\cajew_000\Downloads\PROPHET W.MAGAYA- Testimony (President of minstrel occult group (Nyawo_gure) surrenders to God).3gp
2015-12-17 12:32 - 2015-12-17 12:34 - 37856119 _____ C:\Users\cajew_000\Downloads\A Herbalists HORRIFIC Confession!.3gp
2015-12-17 11:49 - 2015-12-17 11:58 - 225941120 _____ C:\Users\cajew_000\Downloads\Diplomatic Live service 14_12_2015.3gp
2015-12-17 09:54 - 2015-12-17 09:56 - 68177820 _____ C:\Users\cajew_000\Downloads\The Magicians - S01E01 (TvShows4Mobile.Com).3gp
2015-12-17 09:27 - 2015-12-17 09:30 - 56121788 _____ C:\Users\cajew_000\Downloads\Into the Badlands - S01E05 (TvShows4Mobile.Com).3gp
2015-12-16 14:48 - 2015-12-16 14:48 - 18488629 _____ C:\Users\cajew_000\Downloads\Prophet Makandiwa _Thou art loosed (Demonstration of Power).3gp
2015-12-16 14:46 - 2015-12-16 14:46 - 21115149 _____ C:\Users\cajew_000\Downloads\Prophet Makandiwa Manifestations of Light.3gp
2015-12-15 11:57 - 2015-12-15 11:57 - 14402819 _____ C:\Users\cajew_000\Downloads\GTA 6 - Grand Theft Auto VI_ Official Gameplay Video PC_PS4_XONE Preview Trailer Official Video.3gp
2015-12-15 11:50 - 2015-12-15 11:50 - 13826748 _____ C:\Users\cajew_000\Downloads\Real Videos_ 2014 Land Rover LR4 Luxury SUV Review.3gp
2015-12-15 11:48 - 2015-12-15 11:48 - 10283804 _____ C:\Users\cajew_000\Downloads\LAND ROVER DISCOVERY XS TDV6 AUTO 2009 Review_Road Test_Test Drive.3gp
2015-12-15 11:37 - 2015-12-15 11:38 - 38595489 _____ C:\Users\cajew_000\Downloads\Face To Face With LUCIFER!.3gp
2015-12-15 10:51 - 2015-12-15 10:51 - 00003158 _____ C:\Windows\System32\Tasks\{D8D7FBD6-7A26-4017-8CD7-DE12F483F450}
2015-12-15 10:31 - 2015-12-15 10:31 - 00000000 ____D C:\Users\cajew_000\Downloads\New folder
2015-12-15 10:21 - 2015-12-15 10:21 - 00001029 _____ C:\Users\Guest\Desktop\Eusing Free Registry Cleaner.lnk
2015-12-15 10:21 - 2015-12-15 10:21 - 00001029 _____ C:\Users\cajew_000\Desktop\Eusing Free Registry Cleaner.lnk
2015-12-15 10:21 - 2015-12-15 10:21 - 00000000 ____D C:\Users\cajew_000\AppData\Roaming\Eusing
2015-12-15 10:21 - 2015-12-15 10:21 - 00000000 ____D C:\Program Files (x86)\Eusing Free Registry Cleaner
2015-12-15 10:04 - 2015-12-15 10:05 - 04445584 _____ (systweak.com ) C:\Users\cajew_000\Downloads\sysrc_trial.exe
2015-12-15 09:31 - 2015-12-15 09:31 - 00000000 ____D C:\Users\Guest\AppData\Roaming\WinRAR
2015-12-15 09:30 - 2015-12-18 14:22 - 00000000 ____D C:\Users\Guest\AppData\Roaming\lm
2015-12-15 09:30 - 2015-12-15 09:30 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2015-12-15 09:30 - 2015-12-15 09:30 - 00000000 ____D C:\Users\Guest\AppData\LocalLow\360WD
2015-12-15 09:30 - 2015-12-15 09:30 - 00000000 ____D C:\Users\Guest\AppData\Local\DFX
2015-12-15 09:29 - 2015-12-15 09:30 - 00000000 __SHD C:\Users\Guest\IntelGraphicsProfiles
2015-12-15 09:29 - 2015-12-15 09:30 - 00000000 ____D C:\Users\Guest\AppData\Local\Packages
2015-12-15 09:29 - 2015-12-15 09:30 - 00000000 ____D C:\users\Guest
2015-12-15 09:29 - 2015-12-15 09:29 - 00000020 ___SH C:\Users\Guest\ntuser.ini
2015-12-15 09:29 - 2015-12-15 09:29 - 00000000 _SHDL C:\Users\Guest\My Documents
2015-12-15 09:29 - 2015-12-15 09:29 - 00000000 _SHDL C:\Users\Guest\Documents\My Videos
2015-12-15 09:29 - 2015-12-15 09:29 - 00000000 _SHDL C:\Users\Guest\Documents\My Pictures
2015-12-15 09:29 - 2015-12-15 09:29 - 00000000 _SHDL C:\Users\Guest\Documents\My Music
2015-12-15 09:29 - 2015-12-15 09:29 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2015-12-15 09:25 - 2015-12-15 09:25 - 00000000 ____D C:\Users\cliff\AppData\Roaming\Opera Software
2015-12-15 09:25 - 2015-12-15 09:25 - 00000000 ____D C:\Users\cliff\AppData\Local\Opera Software
2015-12-15 09:23 - 2015-12-15 10:57 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1820753214-1680879384-666428471-1006
2015-12-15 09:20 - 2015-12-15 09:27 - 00000000 ____D C:\Users\cliff\AppData\Local\clear.fi
2015-12-15 09:20 - 2015-12-15 09:20 - 00000000 ____D C:\Users\cliff\PicStream
2015-12-15 09:19 - 2015-12-15 09:19 - 00000000 ____D C:\Users\cliff\AppData\LocalLow\360WD
2015-12-15 09:19 - 2015-12-15 09:19 - 00000000 ____D C:\Users\cliff\AppData\Local\DFX
2015-12-15 09:18 - 2015-12-18 14:22 - 00000000 ____D C:\Users\cliff\AppData\Roaming\lm
2015-12-15 09:18 - 2015-12-15 09:24 - 00000000 ____D C:\Users\cliff\AppData\Local\Packages
2015-12-15 09:18 - 2015-12-15 09:20 - 00000000 ____D C:\users\cliff
2015-12-15 09:18 - 2015-12-15 09:18 - 00000020 ___SH C:\Users\cliff\ntuser.ini
2015-12-15 09:18 - 2015-12-15 09:18 - 00000000 _SHDL C:\Users\cliff\My Documents
2015-12-15 09:18 - 2015-12-15 09:18 - 00000000 _SHDL C:\Users\cliff\Documents\My Videos
2015-12-15 09:18 - 2015-12-15 09:18 - 00000000 _SHDL C:\Users\cliff\Documents\My Pictures
2015-12-15 09:18 - 2015-12-15 09:18 - 00000000 _SHDL C:\Users\cliff\Documents\My Music
2015-12-15 09:18 - 2015-12-15 09:18 - 00000000 __SHD C:\Users\cliff\IntelGraphicsProfiles
2015-12-15 09:18 - 2015-12-15 09:18 - 00000000 ____D C:\Users\cliff\AppData\Roaming\Adobe
2015-12-15 09:18 - 2015-12-15 09:18 - 00000000 ____D C:\Users\cliff\AppData\Local\VirtualStore
2015-12-14 10:25 - 2015-12-14 10:25 - 01352665 _____ C:\Users\cajew_000\Downloads\jem_and_the_holograms_theme_song_hi_66321.3gp
2015-12-14 10:21 - 2015-12-14 10:21 - 00649809 _____ C:\Users\cajew_000\Downloads\jem_and_the_holograms_theme_song_reg_66099.3gp
2015-12-13 15:18 - 2015-12-13 15:19 - 17529221 _____ C:\Users\cajew_000\Downloads\Land Rover Discovery 2016 In Depth Review Interior Exterior.3gp
2015-12-13 14:34 - 2015-12-13 15:00 - 427932441 _____ C:\Users\cajew_000\Downloads\Prophetic Live 12_12_2015.3gp
2015-12-13 14:24 - 2015-12-13 14:25 - 03273953 _____ C:\Users\cajew_000\Downloads\City Car Driving Keygen Download.aac
2015-12-13 11:59 - 2015-12-13 12:03 - 56466158 _____ C:\Users\cajew_000\Downloads\The Last Man on Earth - S01E01-E02 (O2TvSeries.Com).3gp
2015-12-12 23:53 - 2015-12-12 23:54 - 27850475 _____ C:\Users\cajew_000\Downloads\Hour and a half of Country Gospel Music.3gp
2015-12-12 23:48 - 2015-12-12 23:49 - 02886627 _____ C:\Users\cajew_000\Downloads\Alan Jackson - I Love To Tell The Story.aac
2015-12-12 23:45 - 2015-12-12 23:46 - 52670744 _____ C:\Users\cajew_000\Downloads\Country Classic Great Country Gospel Songs Compile by djeasy.3gp
2015-12-12 14:58 - 2015-12-12 14:59 - 01128430 _____ C:\Users\cajew_000\Downloads\12340043_1630260717240050_1183175212_n.mp4
2015-12-11 04:06 - 2015-12-11 04:09 - 10818418 _____ C:\Users\cajew_000\Downloads\Mercedes-Benz E Class AMG 2009 In depth review Interior Exterior.3gp
2015-12-11 03:23 - 2015-12-11 03:23 - 00545907 _____ C:\Users\cajew_000\Downloads\12310265_1521563164834701_273406463_n.mp4
2015-12-11 02:50 - 2015-12-11 02:50 - 00093179 _____ C:\Users\cajew_000\Downloads\The cost of internet in Zimbabwe - an overview of broadband packages - TechzimTechzim.html
2015-12-11 02:42 - 2015-12-11 02:42 - 19515912 _____ C:\Users\cajew_000\Downloads\Audi Q7 vs Volvo XC90 vs Land Rover Discovery - Carbuyer.3gp
2015-12-11 02:40 - 2015-12-11 02:40 - 05556829 _____ C:\Users\cajew_000\Downloads\Nissan Qashqai SUV (2007-2013) review - CarBuyer.3gp
2015-12-11 02:33 - 2015-12-11 02:33 - 08291437 _____ C:\Users\cajew_000\Downloads\Nissan X-Trail SUV (2007-2014) review - CarBuyer.3gp
2015-12-11 02:23 - 2015-12-11 02:23 - 09767676 _____ C:\Users\cajew_000\Downloads\Mitsubishi L200 pickup review - Carbuyer.3gp
2015-12-10 10:25 - 2015-12-10 10:25 - 08379585 _____ C:\Users\cajew_000\Downloads\prophet_beverley_uebert_angel_prophetic_moment_at_spirit_embassy_harare_hi_66323.3gp
2015-12-10 10:22 - 2015-12-10 10:23 - 06284206 _____ C:\Users\cajew_000\Downloads\prophetess_ruth_makandiwa_victorious_ladies_convention_hi_66170.3gp
2015-12-10 10:00 - 2015-12-18 14:22 - 00000000 ____D C:\Users\cajew_000\Desktop\New folder (4)
2015-12-10 09:41 - 2015-12-10 09:41 - 09598956 _____ C:\Users\cajew_000\Downloads\Scania V8 - Stock Engine Sound v1.1 (by nIGhT-SoN).3gp
2015-12-10 08:52 - 2015-12-10 08:52 - 03195197 _____ C:\Users\cajew_000\Downloads\DAF_XF_-_HD_Interior_v2.3_-_Gray__by_nIGhT-SoN_ (1).scs
2015-12-10 08:51 - 2015-12-10 08:51 - 03195198 _____ C:\Users\cajew_000\Downloads\DAF_XF_-_HD_Interior_v2.3_-_Creme__by_nIGhT-SoN_ (1).scs
2015-12-10 08:51 - 2015-12-10 08:51 - 03195197 _____ C:\Users\cajew_000\Downloads\DAF_XF_-_HD_Interior_v2.3_-_Gray__by_nIGhT-SoN_.scs
2015-12-10 08:50 - 2015-12-10 08:51 - 03195198 _____ C:\Users\cajew_000\Downloads\DAF_XF_-_HD_Interior_v2.3_-_Creme__by_nIGhT-SoN_.scs
2015-12-10 01:00 - 2015-12-10 01:00 - 00134690 _____ C:\Users\cajew_000\Downloads\iveco_hiway_750hp.scs
2015-12-10 00:57 - 2015-12-10 00:57 - 00018689 _____ C:\Users\cajew_000\Downloads\all_truck_750hp_v_1_1_PZMoDs.scs
2015-12-10 00:54 - 2015-12-10 00:54 - 00496728 _____ C:\Users\cajew_000\Downloads\Daf_xf_Euro_6-_750hp.scs
2015-12-10 00:31 - 2015-12-10 00:31 - 00069622 _____ C:\Users\cajew_000\Downloads\[TKK5050-3CHOME]Transmissions Pack v1.rar
2015-12-09 16:13 - 2015-12-09 16:13 - 01465524 _____ C:\Users\cajew_000\Downloads\______________Xenon_Far.scs
2015-12-09 16:11 - 2015-12-09 16:11 - 00181731 _____ C:\Users\cajew_000\Downloads\850_HP_Engine_For_All_Truck__T4.1_.scs
2015-12-09 16:10 - 2015-12-09 16:10 - 00356014 _____ C:\Users\cajew_000\Downloads\MBA750.scs
2015-12-09 15:36 - 2015-12-09 15:36 - 11397382 _____ C:\Users\cajew_000\Downloads\★Euro Truck Simulator 2★ Mercedes Sprinter 2009.3gp
2015-12-09 15:31 - 2015-12-09 15:31 - 09974302 _____ C:\Users\cajew_000\Downloads\Mercedes Sprinter 2015 ETS2 (Euro Truck Simulator 2).3gp
2015-12-07 17:06 - 2015-12-07 17:06 - 07251270 _____ C:\Users\cajew_000\Downloads\Healing and the Kingdom with Marc Dupont.mp4
2015-12-07 17:05 - 2015-12-07 17:05 - 05091845 _____ C:\Users\cajew_000\Downloads\Bill Johnson - Creative Miracles At Bethel - Part 2.3gp
2015-12-07 14:03 - 2015-12-07 14:04 - 03823028 _____ C:\Users\cajew_000\Downloads\Nickelback - Far Away [OFFICIAL VIDEO].aac
2015-12-07 13:49 - 2015-12-07 13:49 - 00000000 ____D C:\ProgramData\Tmp0x0x
2015-12-07 12:31 - 2015-12-07 12:32 - 12249763 _____ C:\Users\cajew_000\Downloads\2002 BMW 318i 2.0 (E46) Start-Up, Full Vehicle Tour and Quick Drive.3gp
2015-12-06 09:02 - 2015-12-06 09:22 - 424199888 _____ C:\Users\cajew_000\Downloads\Friday Live Service 27_11_2015.3gp
2015-12-02 09:20 - 2015-12-17 12:05 - 00000000 ____D C:\Users\cajew_000\AppData\Roaming\istartpageing
2015-12-02 09:20 - 2015-12-02 09:20 - 00000000 ____D C:\ProgramData\aWMiniProa
2015-12-02 07:43 - 2015-12-02 07:44 - 02861219 _____ C:\Users\cajew_000\Downloads\Crosby, Stills, Nash & Young, Our House Lyrics-Trippy.aac
2015-12-02 05:33 - 2015-12-02 05:37 - 108274753 _____ C:\Users\cajew_000\Downloads\Sunday Live Service 20_11_2015.3gp
2015-12-02 05:25 - 2015-12-02 05:25 - 20535861 _____ C:\Users\cajew_000\Downloads\Supernatural hair growth Testimony-Prophet Shepherd Bushiri.mp4
2015-12-01 11:03 - 2015-12-01 11:07 - 71268228 _____ C:\Users\cajew_000\Downloads\Minister's Material Question and Answer Demonology and Healing Ministry.3gp
2015-12-01 11:02 - 2015-12-01 11:07 - 90270188 _____ C:\Users\cajew_000\Downloads\Minister's Material - The Prophetic Ministry.3gp
2015-12-01 09:48 - 2015-12-01 09:48 - 00000000 ____D C:\Users\cajew_000\Documents\Square Enix
2015-12-01 09:47 - 2015-12-01 09:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-29 15:11 - 2015-11-29 15:13 - 32903416 _____ C:\Users\cajew_000\Downloads\Prophet Makandiwa Faith For The Impossible Part 2.3gp
2015-11-29 15:10 - 2015-11-29 15:10 - 03575017 _____ C:\Users\cajew_000\Downloads\Prophet Makandiwa Exlpains how God Mightly used Him as a Youth in Muzarabani.3gp
2015-11-27 11:48 - 2015-11-27 11:48 - 12732932 _____ C:\Users\cajew_000\Downloads\Land Rover Discovery review - What Car.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-26 13:22 - 2013-11-09 03:51 - 00053284 _____ C:\Windows\System32\wpbbin.exe
2015-12-26 12:46 - 2015-10-13 06:55 - 00000563 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2015-12-26 12:45 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-24 11:13 - 2013-09-29 20:04 - 00863592 _____ C:\Windows\System32\PerfStringBackup.INI
2015-12-24 11:13 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\Inf
2015-12-24 11:04 - 2015-10-10 03:18 - 00037760 _____ C:\Windows\System32\FNTCACHE.DAT
2015-12-24 11:04 - 2015-10-07 00:51 - 00000000 _RSHD C:\360SANDBOX
2015-12-24 11:04 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\tracing
2015-12-24 10:53 - 2013-09-13 19:28 - 00000000 ____D C:\Users\cajew_000\AppData\Local\CrashDumps
2015-12-24 10:52 - 2014-08-07 12:48 - 00000000 ____D C:\Users\cajew_000\AppData\Roaming\vlc
2015-12-23 21:29 - 2013-10-17 10:17 - 00000000 ____D C:\Users\cajew_000\AppData\Local\ElevatedDiagnostics
2015-12-23 16:14 - 2015-10-13 10:07 - 00000000 ____D C:\Users\cajew_000\Downloads\Shareit
2015-12-23 15:49 - 2014-10-23 10:41 - 00000000 ____D C:\Users\cajew_000\AppData\Roaming\dvdcss
2015-12-23 07:04 - 2007-10-29 21:09 - 00000000 ____D C:\Users\cajew_000\Desktop\Virtual DJ 8
2015-12-23 07:03 - 2015-10-15 09:32 - 00000000 ____D C:\Users\cajew_000\Desktop\New folder
2015-12-23 04:53 - 2013-09-13 16:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1820753214-1680879384-666428471-1001
2015-12-23 02:52 - 2015-10-14 05:40 - 00000000 ____D C:\Users\cajew_000\Documents\Euro Truck Simulator 2
2015-12-22 14:22 - 2015-10-21 12:49 - 00000000 ____D C:\Users\cajew_000\Desktop\gggggg
2015-12-22 13:58 - 2015-10-15 12:43 - 00000000 ____D C:\Users\cajew_000\AppData\Roaming\DMCache
2015-12-22 02:28 - 2015-10-29 16:21 - 00000000 ____D C:\Users\cajew_000\Downloads\Video
2015-12-21 14:50 - 2015-10-15 12:43 - 00000000 ____D C:\Users\cajew_000\Downloads\Compressed
2015-12-21 04:19 - 2015-11-15 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 14:50 - 2013-11-09 03:59 - 00000000 ____D C:\users\cajew_000
2015-12-20 12:46 - 2013-09-13 21:11 - 00000000 ____D C:\Users\cajew_000\Desktop\Crazy Love
2015-12-19 13:16 - 2013-08-22 05:36 - 00000000 ____D C:\Windows
2015-12-19 03:05 - 2015-10-07 01:03 - 00000000 __SHD C:\ProgramData\360Quarant
2015-12-19 03:05 - 2015-10-07 01:03 - 00000000 __SHD C:\$360Section
2015-12-18 23:03 - 2015-11-21 04:12 - 00000000 ____D C:\Users\cajew_000\AppData\Roaming\Software Tool
2015-12-18 23:03 - 2015-10-26 11:54 - 00000000 ____D C:\Users\Public\willard
2015-12-18 14:52 - 2015-10-07 00:52 - 00000000 ____D C:\Users\cajew_000\AppData\LocalLow\360WD
2015-12-18 14:24 - 2015-10-13 10:06 - 00000000 ____D C:\users\Tendai
2015-12-18 14:23 - 2014-10-09 08:37 - 00000000 ____D C:\ProgramData\APN
2015-12-18 14:22 - 2015-11-21 23:39 - 00000000 ____D C:\Users\Public\pins_1
2015-12-18 14:22 - 2015-11-21 23:25 - 00000000 ____D C:\Users\Public\105_FUJI
2015-12-18 14:22 - 2015-11-04 11:02 - 00000000 ____D C:\Users\cajew_000\Desktop\worship
2015-12-18 14:22 - 2015-10-31 08:06 - 00000000 ____D C:\Users\cajew_000\Downloads\jv for gold mining _ Mining Other - Classifieds.co.zw_files
2015-12-18 14:22 - 2015-10-25 11:57 - 00000000 ____D C:\Users\cajew_000\Desktop\mmnbnhd
2015-12-18 14:22 - 2015-10-25 10:56 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-18 14:22 - 2015-10-22 03:00 - 00000000 ____D C:\Users\cajew_000\Desktop\BG
2015-12-18 14:22 - 2015-10-22 02:42 - 00000000 ____D C:\Users\Public\MOVIES
2015-12-18 14:22 - 2015-10-15 12:24 - 00000000 ____D C:\Users\cajew_000\Desktop\tech
2015-12-18 14:22 - 2015-10-15 12:19 - 00000000 ____D C:\Users\cajew_000\Desktop\spiritual
2015-12-18 14:22 - 2015-10-07 00:19 - 00000000 ____D C:\Users\cajew_000\AppData\Local\AvgSetupLog
2015-12-18 14:22 - 2015-09-13 23:25 - 00000000 ____D C:\Users\cajew_000\Desktop\Shep and Candace
2015-12-18 14:22 - 2015-05-10 03:52 - 00000000 ___RD C:\Users\cajew_000\Dropbox
2015-12-18 14:22 - 2014-06-09 12:46 - 00000000 ____D C:\Users\cajew_000\AppData\Local\Pinnacle
2015-12-18 14:22 - 2014-02-25 22:06 - 00000000 ____D C:\Users\cajew_000\Desktop\Shep Stuff
2015-12-18 14:22 - 2013-11-09 08:46 - 00000000 ___DO C:\Users\cajew_000\SkyDrive
2015-12-18 14:22 - 2013-09-14 07:21 - 00000000 ____D C:\Users\cajew_000\Desktop\Home videos
2015-12-18 14:22 - 2013-09-14 06:16 - 00000000 ____D C:\Users\cajew_000\Desktop\Candace stuff
2015-12-18 14:22 - 2013-04-09 05:46 - 00000000 ____D C:\ProgramData\FLEXnet
2015-12-18 13:49 - 2015-10-29 16:40 - 00000000 ____D C:\Program Files (x86)\SFK
2015-12-18 12:53 - 2013-08-22 05:25 - 00524288 ___SH C:\Windows\System32\config\BBI
2015-12-18 12:30 - 2013-11-09 13:17 - 00000000 ____D C:\Users\cajew_000\AppData\Local\Deployment
2015-12-17 11:53 - 2015-10-14 13:11 - 00003836 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1444857093
2015-12-17 11:53 - 2015-10-14 13:10 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-15 12:59 - 2015-10-14 13:10 - 00000000 ____D C:\Program Files (x86)\AB0A9F35-1444857008-EB44-960B-5F4A3E46AAFF
2015-12-15 10:53 - 2015-10-29 16:40 - 00000000 ____D C:\Users\cajew_000\AppData\Local\PPTAssist
2015-12-15 10:51 - 2015-10-29 16:40 - 00001844 _____ C:\Users\cajew_000\Desktop\Internet Explorer.lnk
2015-12-15 10:51 - 2015-10-29 16:05 - 00001123 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-15 10:51 - 2015-10-14 13:11 - 00001127 _____ C:\Users\Public\Desktop\Opera.lnk
2015-12-15 10:30 - 2013-08-22 07:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-15 10:30 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2015-12-15 10:05 - 2015-11-21 04:13 - 00000000 ____D C:\Program Files (x86)\RCP
2015-12-15 09:46 - 2015-10-22 11:46 - 00000074 _____ C:\Users\cajew_000\Desktop\Product activation info.url
2015-12-15 09:18 - 2013-11-09 05:50 - 00000000 ___DC C:\Windows\Panther
2015-12-15 09:18 - 2013-09-13 16:43 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-12-10 03:36 - 2015-11-25 00:28 - 00000000 ____D C:\Users\Public\New folder
2015-12-07 09:07 - 2014-06-28 15:07 - 00000000 ____D C:\Users\cajew_000\AppData\Local\Adobe
2015-12-06 13:19 - 2013-09-13 19:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-06 13:16 - 2015-10-07 01:03 - 00000000 ____D C:\Windows\Tasks\360Disabled
2015-12-06 13:15 - 2015-10-15 13:40 - 00004036 _____ C:\Windows\System32\Tasks\DDsFtmOg5tFE9RfC
2015-12-06 13:08 - 2015-11-21 04:13 - 00003096 _____ C:\Windows\System32\Tasks\BarCode Scanner
2015-12-06 13:08 - 2015-11-21 04:13 - 00003004 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2015-12-06 13:08 - 2015-05-20 09:35 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-12-06 13:08 - 2013-09-13 19:17 - 00003874 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 13:08 - 2013-09-13 19:17 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 13:08 - 2012-12-25 00:56 - 00003202 _____ C:\Windows\System32\Tasks\DeviceDetector
2015-12-06 04:56 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\NDF
2015-12-02 09:20 - 2015-10-29 16:40 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\pclunst.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Public\CityCarDriving_1.2.2.exe


Some files in TEMP:
====================
C:\Users\cajew_000\AppData\Local\Temp\mdi064.dll
C:\Users\Tendai\AppData\Local\Temp\B5TMini.exe


==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2014-12-04 15:57] - [2014-10-28 17:22] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437

C:\Windows\System32\wininit.exe
[2014-12-04 15:55] - [2014-10-28 17:25] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380

C:\Windows\explorer.exe
[2015-03-11 07:43] - [2015-01-27 15:47] - 2501368 ____A (Microsoft Corporation) C10A66189DC8C090E7C84873EDCEBC88

C:\Windows\SysWOW64\explorer.exe
[2015-03-11 07:43] - [2015-01-27 15:41] - 2207488 ____A (Microsoft Corporation) 91E24273FCA076EA9E65DAFA98901225

C:\Windows\System32\svchost.exe
[2014-12-04 15:55] - [2014-10-28 20:11] - 0038792 ____A (Microsoft Corporation) E3A2AD05E24105B35E986CF9CB38EC47

C:\Windows\SysWOW64\svchost.exe
[2014-12-04 15:55] - [2014-10-28 19:17] - 0033088 ____A (Microsoft Corporation) D0ABC231C0B3E88C6B612B28ABBF734D

C:\Windows\System32\services.exe
[2015-05-15 06:40] - [2015-04-08 14:55] - 0410128 ____A (Microsoft Corporation) E0C7813A97CA7947FF5C18A8F3B61A45

C:\Windows\System32\User32.dll
[2014-12-04 15:58] - [2014-10-28 20:00] - 1540696 ____A (Microsoft Corporation) 25026E350BC3BE37631634EC72B10BD5

C:\Windows\SysWOW64\User32.dll
[2014-12-04 15:59] - [2014-10-28 17:04] - 1376256 ____A (Microsoft Corporation) 76C5CF09F53A3B089B5581B9938F8CAE

C:\Windows\System32\userinit.exe
[2014-12-04 15:54] - [2014-10-28 17:28] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F

C:\Windows\SysWOW64\userinit.exe
[2014-12-04 15:54] - [2014-10-28 17:05] - 0022528 ____A (Microsoft Corporation) D10643FC0095434C819316CA6CD748C0

C:\Windows\System32\rpcss.dll
[2014-12-04 15:59] - [2014-10-28 17:19] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00

C:\Windows\System32\dnsapi.dll
[2014-12-04 15:58] - [2014-10-28 17:30] - 0657920 ____A (Microsoft Corporation) A5675939CF0F99B20B5A3CFCC3C1B46A

C:\Windows\SysWOW64\dnsapi.dll
[2014-12-04 15:58] - [2014-10-28 17:06] - 0498688 ____A (Microsoft Corporation) BD9C7A068C46053F8747CEA73B5930AB

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE Association (Whitelisted) =============


==================== Restore Points =========================

Restore point date: 2015-12-15 10:11
Restore point date: 2015-12-18 14:21
Restore point date: 2015-12-25 09:07

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 5939.59 MB
Available physical RAM: 4982.35 MB
Total Virtual: 5939.59 MB
Available Virtual: 5002.7 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.37 GB) (Free:149.41 GB) NTFS
Drive d: () (Removable) (Total:7.38 GB) (Free:7.38 GB) FAT32
Drive e: (Win81AIO-x86-en-US-Baseline-v2) (CDROM) (Total:2.8 GB) (Free:0 GB) UDF
Drive f: () (Fixed) (Total:0.34 GB) (Free:0.01 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0ED18B1E)

Partition: GPT.

========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT.


LastRegBack: 2015-12-26 11:56

==================== End of FRST.txt ============================
 

Attachments

  • FRST.txt
    42.4 KB · Views: 536
  • FRST.txt
    42.4 KB · Views: 409
  • Like
Reactions: Deleted Member 333v73x
D

Deleted Member 333v73x

Although I am not an expert, this looks a bit fishy:
HKU\cajew_000\...\RunOnce: [Application Restart #7] => C:\Users\cajew_000\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable (the data entry has 579 more characters)
I am just saying my opinion do not rely on it post it in Malware Removal Assistance, link is above this post ^^
 
D

Deleted Member 333v73x

areans said:
Thank you so much for the quick response let me head over there right now. Again thank you friend
Click to expand...
Your welcome, when you make the thread there make sure you click 'watch thread' and 'receive email notifications' so you know exactly when a member of Staff or Malware Removal Expert has replied :)
 
Status
Not open for further replies.

Similar threads

V
    • Like
Unlimited Giveaway WinXDVD 2023 Advent Calendar - Get 31 Top-rated software for Free (worth $1260)
Replies
0
Views
2,525
Giveaways, Promotions and Contests
Venda265
V
K
  • Locked
PowerShell/MaleficAms Powershell Infection Please Help
Replies
2
Views
1,961
Windows Malware Removal Help & Support
nasdaq
nasdaq
J
  • Locked
I need help with a Malware Spanish logs
Replies
2
Views
1,819
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top