Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-10-2015 Ran by Devan (administrator) on SHIZNIT (24-10-2015 15:02:20) Running from C:\Users\Devan\Downloads Loaded Profiles: Devan (Available Profiles: Devan) Platform: Windows 8.1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (PC Drivers Headquarters) C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (Farbar) C:\Users\Devan\Downloads\FRST64 (2).exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation) HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-04] (TOSHIBA Corporation) HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] () HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-01-16] (Alcor Micro Corp.) HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA) HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA) HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134624 2014-07-23] (Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55357464 2015-09-04] (Skype Technologies S.A.) HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\Run: [GoogleChromeAutoLaunch_B2901D6D3EBB18EBD73152F642960645] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.) HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-04-11] (AppEx Networks Corporation) HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-10-23] (SUPERAntiSpyware) HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\MountPoints2: {05f9bc36-6104-11e4-8250-806e6f6e6963} - "D:\StartMe.EXE" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{1D4AD5C3-2E4E-4E8D-8D62-583CCBE4047A}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BCD48357-7DEE-4F1A-BE58-034BE4875ED2}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-3712499783-581391182-1704282419-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ca/ HKU\S-1-5-21-3712499783-581391182-1704282419-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com HKU\S-1-5-21-3712499783-581391182-1704282419-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.toshiba.ca/welcome/?w=23 SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = SearchScopes: HKU\S-1-5-21-3712499783-581391182-1704282419-1001 -> DefaultScope {C270FC5A-F365-471E-8A38-71B68BD29810} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&q={searchTerms}&gu=bd06d34c26914dab8789d0db21e101f8&tu=10GAy00Jj2D30q0&sku=&tstsId=&ver=&&r=46 SearchScopes: HKU\S-1-5-21-3712499783-581391182-1704282419-1001 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = SearchScopes: HKU\S-1-5-21-3712499783-581391182-1704282419-1001 -> {C270FC5A-F365-471E-8A38-71B68BD29810} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&q={searchTerms}&gu=bd06d34c26914dab8789d0db21e101f8&tu=10GAy00Jj2D30q0&sku=&tstsId=&ver=&&r=46 BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\bh\zonealarm.dll [2014-02-26] (Check Point Software Technologies LTD) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-24] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-24] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2015-10-19] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-14] CHR Extension: (Google Docs) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14] CHR Extension: (Google Drive) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google Search) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-23] CHR Extension: (Google Sheets) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-14] CHR Extension: (Avira Browser Safety) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-20] CHR Extension: (Google Docs Offline) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16] CHR Extension: (Gmail) - C:\Users\Devan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-20] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-20] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-20] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG) R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] () R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-10-19] (WildTangent) R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] () S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH) S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-03-26] (TOSHIBA CORPORATION) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed] R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596240 2014-07-23] (Check Point Software Technologies Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [93712 2014-07-03] (Check Point Software Technologies, Ltd.) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-20] (Avira Operations GmbH & Co. KG) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-04-16] (Symantec Corporation) S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-04-16] (Symantec Corporation) [File not signed] S3 iscFlash; c:\UBIOS\iscflashx64.sys [60680 2013-02-25] (Insyde Software) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.) R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [29424 2013-03-14] (Synaptics Incorporated) R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [110976 2013-03-25] (TOSHIBA Corporation) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider) R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-24 14:59 - 2015-10-24 14:59 - 02196480 _____ (Farbar) C:\Users\Devan\Downloads\FRST64 (2).exe 2015-10-24 14:17 - 2015-10-24 14:18 - 02196480 _____ (Farbar) C:\Users\Devan\Downloads\FRST64 (1).exe 2015-10-24 13:48 - 2015-10-24 13:48 - 00000077 _____ C:\WINDOWS\setupact.log 2015-10-24 13:48 - 2015-10-24 13:48 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-10-24 12:06 - 2015-10-24 13:48 - 00000526 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task ad572c2a-894d-4383-b3f5-fd46ec8a7ebc.job 2015-10-24 12:06 - 2015-10-24 13:48 - 00000526 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 248fc983-e742-427e-9fb0-2003cae7b68b.job 2015-10-24 12:06 - 2015-10-24 12:06 - 00003578 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task ad572c2a-894d-4383-b3f5-fd46ec8a7ebc 2015-10-24 12:06 - 2015-10-24 12:06 - 00003496 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 248fc983-e742-427e-9fb0-2003cae7b68b 2015-10-24 12:05 - 2015-10-24 12:05 - 00001831 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2015-10-24 12:05 - 2015-10-24 12:05 - 00000000 ____D C:\Users\Devan\AppData\Roaming\SUPERAntiSpyware.com 2015-10-24 12:05 - 2015-10-24 12:05 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2015-10-24 12:05 - 2015-10-24 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-10-24 12:05 - 2015-10-24 12:05 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2015-10-24 12:03 - 2015-10-24 12:04 - 23774880 _____ (SUPERAntiSpyware) C:\Users\Devan\Downloads\SUPERAntiSpyware.exe 2015-10-24 12:00 - 2015-10-24 12:00 - 00480772 _____ C:\Users\Devan\AppData\Local\census.cache 2015-10-24 12:00 - 2015-10-24 12:00 - 00181192 _____ C:\Users\Devan\AppData\Local\ars.cache 2015-10-24 11:57 - 2015-10-24 11:57 - 00000010 _____ C:\Users\Devan\AppData\Local\sponge.last.runtime.cache 2015-10-24 11:48 - 2015-10-24 11:48 - 00000036 _____ C:\Users\Devan\AppData\Local\housecall.guid.cache 2015-10-24 11:48 - 2015-05-29 03:43 - 00307352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys 2015-10-24 11:45 - 2015-10-24 11:45 - 02494944 _____ (Trend Micro Inc.) C:\Users\Devan\Downloads\HousecallLauncher64.exe 2015-10-23 23:03 - 2015-10-24 11:18 - 00000000 ____D C:\Users\Devan\Downloads\PopcornTime 2015-10-23 23:03 - 2015-10-23 23:03 - 00001220 _____ C:\Users\Public\Desktop\Popcorn Time.lnk 2015-10-23 23:02 - 2015-10-23 23:04 - 00000000 ____D C:\Program Files (x86)\Popcorn Time 2015-10-23 23:02 - 2015-10-23 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2015-10-23 22:58 - 2015-10-23 23:01 - 48332813 _____ (Popcorn Time ) C:\Users\Devan\Downloads\PopcornTime-latest.exe 2015-10-23 22:12 - 2015-10-23 22:12 - 00000000 ____D C:\Users\Devan\AppData\Local\Popcorn-Time 2015-10-23 22:11 - 2015-10-23 22:11 - 00002269 _____ C:\Users\Devan\Desktop\Popcorn Time.lnk 2015-10-23 22:11 - 2015-10-23 22:11 - 00000000 ____D C:\Users\Devan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2015-10-23 22:10 - 2015-10-23 22:11 - 00000000 ____D C:\Users\Devan\AppData\Local\Popcorn Time 2015-10-23 14:22 - 2015-10-23 14:22 - 00000032 _____ C:\Users\Devan\Desktop\rosie pic confirm.txt 2015-10-20 20:34 - 2015-10-22 12:09 - 00000000 ____D C:\WINDOWS\Minidump 2015-10-16 12:11 - 2015-10-16 12:11 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-10-15 01:03 - 2015-09-18 23:18 - 00035384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-10-15 01:03 - 2015-09-18 09:42 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-10-15 01:03 - 2015-09-18 09:42 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-10-15 01:03 - 2015-09-18 09:42 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-10-15 01:03 - 2015-09-18 09:42 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-10-15 01:03 - 2015-09-18 09:42 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-10-15 01:03 - 2015-09-18 09:42 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-10-15 01:03 - 2015-08-07 17:40 - 01134752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2015-10-15 01:03 - 2015-08-07 17:40 - 00686960 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2015-10-15 01:03 - 2015-08-07 17:40 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2015-10-15 01:03 - 2015-08-07 10:13 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2015-10-15 01:03 - 2015-08-06 12:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2015-10-15 01:03 - 2015-08-06 12:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2015-10-15 01:02 - 2015-09-29 08:31 - 07457624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-10-15 01:02 - 2015-09-29 08:31 - 01658536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-10-15 01:02 - 2015-09-29 08:31 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-10-15 01:02 - 2015-09-29 08:31 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-10-15 01:02 - 2015-09-29 08:31 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-10-15 01:02 - 2015-09-24 12:42 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2015-10-15 01:02 - 2015-09-24 12:40 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-10-15 01:02 - 2015-09-10 14:02 - 25851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-10-15 01:02 - 2015-09-10 13:14 - 05990400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-10-15 01:02 - 2015-09-10 13:09 - 20358144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-10-15 01:02 - 2015-09-10 12:24 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-10-15 01:02 - 2015-08-26 22:43 - 22372152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-10-15 01:02 - 2015-08-26 22:42 - 19795904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-10-15 01:02 - 2015-08-07 17:40 - 01736520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-10-15 01:02 - 2015-08-07 17:40 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-10-15 01:02 - 2015-08-06 13:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2015-10-15 01:02 - 2015-08-06 12:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2015-10-15 01:01 - 2015-09-29 08:29 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-10-15 01:01 - 2015-09-28 14:45 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-10-15 01:01 - 2015-09-28 14:26 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-10-15 01:01 - 2015-09-28 14:25 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-10-15 01:01 - 2015-09-28 14:25 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-10-15 01:01 - 2015-09-28 14:25 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-10-15 01:01 - 2015-09-28 14:22 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-10-15 01:01 - 2015-09-28 14:22 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-10-15 01:01 - 2015-09-28 14:22 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-10-15 01:01 - 2015-09-28 14:15 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-10-15 01:01 - 2015-09-28 14:13 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-10-15 01:01 - 2015-09-28 14:12 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-10-15 01:01 - 2015-09-10 13:19 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-10-15 01:01 - 2015-09-10 13:18 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-10-15 01:01 - 2015-09-10 13:18 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-10-15 01:01 - 2015-09-10 13:06 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-10-15 01:01 - 2015-09-10 13:04 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-10-15 01:01 - 2015-09-10 12:51 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2015-10-15 01:01 - 2015-09-10 12:39 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-10-15 01:01 - 2015-09-10 12:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-10-15 01:01 - 2015-09-10 12:37 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-10-15 01:01 - 2015-09-10 12:35 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-10-15 01:01 - 2015-09-10 12:33 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-10-15 01:01 - 2015-09-10 12:28 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-10-15 01:01 - 2015-09-10 12:28 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-10-15 01:01 - 2015-09-10 12:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-10-15 01:01 - 2015-09-10 12:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-10-15 01:01 - 2015-09-10 12:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-10-15 01:01 - 2015-09-10 12:19 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-10-15 01:01 - 2015-09-10 12:19 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-10-15 01:01 - 2015-09-10 12:17 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-10-15 01:01 - 2015-09-10 12:17 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-10-15 01:01 - 2015-09-10 12:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-10-15 01:01 - 2015-09-10 12:05 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-10-15 01:01 - 2015-09-10 12:02 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-10-15 01:01 - 2015-09-10 12:01 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-10-15 01:01 - 2015-09-10 12:00 - 12853760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-10-15 01:01 - 2015-09-10 11:57 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-10-15 01:01 - 2015-09-10 11:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-10-15 01:01 - 2015-09-10 11:55 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-10-15 01:01 - 2015-09-10 11:55 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-10-15 01:01 - 2015-09-10 11:55 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-10-15 01:01 - 2015-09-10 11:45 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-10-15 01:01 - 2015-09-10 11:34 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-10-15 01:01 - 2015-09-10 11:31 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-10-15 01:01 - 2015-09-10 11:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-10-15 01:01 - 2015-09-10 11:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-15 01:01 - 2015-08-22 09:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-15 01:01 - 2015-07-16 14:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll 2015-10-10 00:25 - 2015-10-23 22:06 - 00085504 ___SH C:\Users\Devan\Downloads\Thumbs.db 2015-10-09 21:34 - 2015-10-09 21:34 - 00000000 ____D C:\Users\Devan\Documents\Software Bisque 2015-10-09 21:34 - 2015-10-09 21:34 - 00000000 ____D C:\Users\Devan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Software Bisque 2015-10-09 21:34 - 2015-10-09 21:34 - 00000000 ____D C:\Program Files (x86)\Plus! 2015-10-09 21:33 - 2015-10-09 21:33 - 00000000 ____D C:\Program Files (x86)\Software Bisque 2015-09-28 13:30 - 2015-09-28 13:31 - 00027281 _____ C:\Users\Devan\Downloads\Addition.txt 2015-09-28 13:29 - 2015-10-24 15:03 - 00019445 _____ C:\Users\Devan\Downloads\FRST.txt 2015-09-28 13:28 - 2015-10-24 15:02 - 00000000 ____D C:\FRST 2015-09-28 13:23 - 2015-09-28 13:24 - 02192384 _____ (Farbar) C:\Users\Devan\Downloads\FRST64.exe 2015-09-27 23:28 - 2015-09-27 23:28 - 00000000 ____D C:\ProgramData\BlueStacks 2015-09-27 22:23 - 2015-09-27 22:23 - 00002788 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-09-27 22:23 - 2015-09-27 22:23 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-09-27 22:23 - 2015-09-27 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-09-27 22:23 - 2015-09-27 22:23 - 00000000 ____D C:\Program Files\CCleaner 2015-09-27 22:22 - 2015-09-27 22:22 - 06677440 _____ (Piriform Ltd) C:\Users\Devan\Downloads\ccsetup510.exe 2015-09-27 22:07 - 2015-09-27 22:07 - 00000000 ____D C:\Program Files\IDT 2015-09-27 22:07 - 2013-08-16 05:21 - 06101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll 2015-09-27 22:07 - 2013-08-16 05:21 - 01897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl 2015-09-27 22:05 - 2015-09-27 22:05 - 00000000 ____D C:\Users\Devan\AppData\Local\Downloaded Installations 2015-09-27 22:05 - 2015-09-27 22:05 - 00000000 ____D C:\ProgramData\SRS Labs 2015-09-27 22:05 - 2015-09-27 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS, Inc 2015-09-27 22:05 - 2015-09-27 22:05 - 00000000 ____D C:\Program Files (x86)\DTS, Inc 2015-09-27 21:56 - 2015-09-27 21:56 - 00000000 ____D C:\Program Files (x86)\Cisco 2015-09-27 21:54 - 2015-09-27 21:54 - 00000000 ____D C:\Program Files (x86)\Realtek 2015-09-27 21:17 - 2015-09-27 21:17 - 00000000 ____D C:\Users\Devan\AppData\Local\AppEx Networks 2015-09-27 21:17 - 2015-09-27 21:17 - 00000000 ____D C:\ProgramData\ATI 2015-09-27 21:08 - 2015-09-27 21:08 - 00000000 ____D C:\UBIOS 2015-09-26 03:42 - 2015-09-26 03:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream 2015-09-26 03:42 - 2015-09-26 03:42 - 00000000 ____D C:\Program Files\AMD Quick Stream 2015-09-26 03:42 - 2013-04-18 07:04 - 00219360 _____ (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys 2015-09-26 03:41 - 2015-09-26 03:41 - 00055499 _____ C:\WINDOWS\SysWOW64\CCCInstall_201509260341366778.log 2015-09-26 03:41 - 2015-09-26 03:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-09-26 03:41 - 2015-09-26 03:41 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2015-09-26 03:36 - 2013-08-30 20:14 - 00156712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2015-09-26 03:36 - 2013-08-30 20:14 - 00141256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2015-09-26 03:36 - 2013-08-30 20:14 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2015-09-26 03:36 - 2013-08-30 20:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2015-09-26 03:36 - 2013-08-30 20:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2015-09-26 03:36 - 2013-08-30 20:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2015-09-26 03:36 - 2013-08-30 20:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2015-09-26 03:36 - 2013-08-30 20:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2015-09-26 03:36 - 2013-08-30 20:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2015-09-26 03:36 - 2013-08-30 20:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2015-09-26 03:36 - 2013-08-30 20:05 - 00781312 _____ C:\WINDOWS\system32\amdmiracast.dll 2015-09-26 03:36 - 2013-08-30 19:48 - 00229376 _____ C:\WINDOWS\system32\clinfo.exe 2015-09-26 03:36 - 2013-08-30 19:48 - 00127488 _____ (AMD) C:\WINDOWS\system32\coinst_13.152.dll 2015-09-26 03:36 - 2013-08-30 19:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2015-09-26 03:36 - 2013-08-30 19:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll 2015-09-26 03:36 - 2013-08-30 19:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll 2015-09-26 03:36 - 2013-08-30 19:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll 2015-09-26 03:36 - 2013-08-30 19:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll 2015-09-26 03:36 - 2013-08-30 19:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2015-09-26 03:36 - 2013-08-30 19:43 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-09-26 03:36 - 2013-08-30 19:43 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-09-26 03:36 - 2013-08-30 19:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2015-09-26 03:36 - 2013-08-30 19:18 - 00530824 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2015-09-26 03:36 - 2013-08-30 19:18 - 00530824 _____ C:\WINDOWS\system32\atiapfxx.blb 2015-09-26 03:36 - 2013-08-30 19:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2015-09-26 03:36 - 2013-08-30 19:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2015-09-26 03:36 - 2013-08-30 19:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2015-09-26 03:36 - 2013-08-30 19:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2015-09-26 03:36 - 2013-08-30 19:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2015-09-26 03:36 - 2013-08-30 19:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2015-09-26 03:36 - 2013-08-30 19:14 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2015-09-26 03:36 - 2013-08-30 19:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2015-09-26 03:36 - 2013-08-30 19:04 - 03388672 _____ C:\WINDOWS\system32\atiumd6a.cap 2015-09-26 03:36 - 2013-08-30 18:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2015-09-26 03:36 - 2013-08-30 18:58 - 00571904 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2015-09-26 03:36 - 2013-08-30 18:58 - 00026112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2015-09-26 03:36 - 2013-08-30 18:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2015-09-26 03:36 - 2013-08-30 18:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2015-09-26 03:36 - 2013-08-30 18:50 - 03422720 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2015-09-26 03:36 - 2013-08-30 18:37 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2015-09-26 03:36 - 2013-08-30 18:37 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2015-09-26 03:36 - 2013-08-30 18:37 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2015-09-26 03:36 - 2013-08-30 18:37 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2015-09-26 03:36 - 2013-08-30 18:35 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll 2015-09-26 03:36 - 2013-08-30 18:34 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll 2015-09-26 03:36 - 2013-08-30 18:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2015-09-26 03:36 - 2013-08-30 18:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2015-09-26 03:36 - 2013-08-30 18:33 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2015-09-26 03:36 - 2013-08-30 18:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2015-09-26 03:36 - 2013-08-30 18:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2015-09-26 03:36 - 2013-08-30 18:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2015-09-26 03:36 - 2013-08-30 18:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2015-09-26 03:36 - 2013-08-30 18:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2015-09-26 03:36 - 2013-08-30 18:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2015-09-26 03:36 - 2013-08-27 15:06 - 00233652 _____ C:\WINDOWS\system32\ativvaxy_cik.dat 2015-09-26 03:36 - 2013-08-27 13:27 - 00082336 _____ C:\WINDOWS\system32\ativce02.dat 2015-09-26 03:36 - 2013-08-07 13:22 - 00716208 _____ C:\WINDOWS\system32\atiicdxx.dat 2015-09-26 03:36 - 2013-08-07 11:12 - 00231984 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat 2015-09-26 03:36 - 2013-05-04 15:22 - 00047164 _____ C:\WINDOWS\atiogl.xml 2015-09-26 00:36 - 2015-09-26 00:36 - 00000000 ____D C:\Users\Devan\AppData\Roaming\WinBatch 2015-09-26 00:15 - 2015-10-16 12:11 - 00002050 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-24 15:01 - 2014-05-30 13:01 - 00000000 ____D C:\Users\Devan\AppData\Roaming\Skype 2015-10-24 15:00 - 2014-10-31 09:47 - 01862990 _____ C:\WINDOWS\WindowsUpdate.log 2015-10-24 15:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-10-24 14:43 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-24 14:24 - 2014-04-16 16:12 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3712499783-581391182-1704282419-1001 2015-10-24 14:16 - 2014-10-31 18:44 - 00000000 __RDO C:\Users\Devan\OneDrive 2015-10-24 14:15 - 2015-07-14 21:48 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-24 14:14 - 2015-04-01 15:36 - 00003474 _____ C:\WINDOWS\System32\Tasks\Driver Support 2015-10-24 14:13 - 2015-07-14 21:48 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-24 13:48 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-24 13:46 - 2014-06-27 21:48 - 00000000 ____D C:\Program Files (x86)\B9CBA23D-4CBF-4122-9CD4-34A83873247C 2015-10-24 11:27 - 2015-04-18 14:53 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-10-24 11:26 - 2015-04-18 14:52 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-10-24 11:26 - 2015-04-18 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-10-24 11:26 - 2015-04-18 14:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-10-24 10:28 - 2014-10-31 18:51 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7D973A59-42C4-44B7-8470-D096E850F37B} 2015-10-24 00:55 - 2015-07-14 21:27 - 00144896 ___SH C:\Users\Devan\Desktop\Thumbs.db 2015-10-24 00:54 - 2014-06-09 00:07 - 00000000 ____D C:\Users\Devan\AppData\Local\CrashDumps 2015-10-23 22:34 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-10-23 15:35 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-10-23 00:01 - 2014-10-31 09:56 - 00000000 ____D C:\Users\Devan 2015-10-21 13:46 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-10-20 20:06 - 2015-07-14 21:48 - 00000000 ____D C:\Users\Devan\AppData\Local\Google 2015-10-20 14:23 - 2015-04-03 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-10-20 14:21 - 2015-04-03 00:41 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-10-20 14:21 - 2015-04-03 00:41 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-10-20 12:14 - 2014-09-24 03:15 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-19 15:55 - 2013-12-18 19:04 - 00000000 ____D C:\Program Files (x86)\WildTangent Games 2015-10-17 15:57 - 2014-05-16 13:33 - 00000000 ____D C:\Users\Devan\AppData\LocalLow\Adblock Plus for IE 2015-10-16 13:22 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache 2015-10-16 12:11 - 2013-04-26 04:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2015-10-16 12:02 - 2014-12-26 15:37 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-10-16 12:02 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-10-16 00:51 - 2015-03-24 17:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-16 00:51 - 2015-03-24 17:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-15 22:32 - 2014-05-06 10:11 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-10-15 22:27 - 2014-05-06 10:11 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-10-13 12:45 - 2015-08-31 03:44 - 00001161 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-10-13 12:45 - 2014-05-16 13:33 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-07 15:06 - 2015-04-20 11:33 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-10-06 20:21 - 2015-04-20 11:33 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-10-05 09:50 - 2015-04-18 14:52 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-10-05 09:50 - 2015-04-18 14:52 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-10-05 09:50 - 2015-04-18 14:52 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-09-28 00:22 - 2012-07-26 04:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-09-27 23:24 - 2013-08-22 10:44 - 00337840 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-27 22:29 - 2014-10-31 13:43 - 00000000 ___DC C:\WINDOWS\Panther 2015-09-27 22:29 - 2014-10-23 10:01 - 00000000 ____D C:\Users\Devan\AppData\Roaming\uTorrent 2015-09-27 22:01 - 2013-04-26 04:47 - 00000000 ____D C:\Program Files\TOSHIBA 2015-09-27 21:54 - 2013-04-26 04:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-09-27 21:20 - 2014-06-04 21:19 - 00004346 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMScan 2015-09-27 21:20 - 2014-06-04 21:19 - 00003780 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMUpdater 2015-09-27 21:20 - 2014-06-04 21:19 - 00003768 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMRules 2015-09-27 21:19 - 2014-06-04 21:19 - 00000000 ____D C:\ProgramData\UAB 2015-09-26 03:41 - 2013-12-18 18:34 - 00000000 ____D C:\ProgramData\AMD 2015-09-26 00:39 - 2013-04-26 04:47 - 00000000 ____D C:\Program Files (x86)\TOSHIBA 2015-09-26 00:10 - 2015-05-06 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain 2015-09-26 00:10 - 2015-05-06 10:01 - 00000000 ____D C:\Program Files (x86)\Cain 2015-09-24 02:58 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\Registration 2015-09-24 01:05 - 2014-05-16 13:33 - 00000000 ____D C:\Program Files\Adblock Plus for IE 2015-09-24 00:10 - 2015-07-14 21:48 - 00003894 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-24 00:10 - 2015-07-14 21:48 - 00003658 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======= 2014-06-04 22:18 - 2014-06-04 22:18 - 0000042 _____ () C:\Users\Devan\AppData\Roaming\WB.CFG 2015-10-24 12:00 - 2015-10-24 12:00 - 0181192 _____ () C:\Users\Devan\AppData\Local\ars.cache 2015-10-24 12:00 - 2015-10-24 12:00 - 0480772 _____ () C:\Users\Devan\AppData\Local\census.cache 2015-10-24 11:48 - 2015-10-24 11:48 - 0000036 _____ () C:\Users\Devan\AppData\Local\housecall.guid.cache 2015-10-24 11:57 - 2015-10-24 11:57 - 0000010 _____ () C:\Users\Devan\AppData\Local\sponge.last.runtime.cache Some files in TEMP: ==================== C:\Users\Devan\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-10-24 14:24 ==================== End of FRST.txt ============================