Hi, everybody. I need a little help... As the title indicates, I downloaded something I shouldn't have, in spite of my better judgment (domain: bushetorrents.com), and now malware is everywhere. I've run CCleaner, uninstalled some 4 or 5 adware programs, and after noticing that Chrome was missing from my Start Menu's pinned programs (it's always at the very top) and that when opened Chrome redirected to an ad, I knew I had to seek outside help. So below are my logs. Thanks in advance for any and all help.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-09-2015
Ran by Nicolas Chauvin 2.0 (administrator) on SEAN (02-10-2015 18:20:06)
Running from C:\Users\Nicolas Chauvin 2.0\Desktop
Loaded Profiles: Nicolas Chauvin 2.0 (Available Profiles: Nicolas Chauvin 2.0)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Nuance Communications, Inc.) C:\Program Files\Common Files\Nuance\dgnsvc.exe
(Nuance Communications, Inc.) C:\Program Files\Common Files\Nuance\loggerservice.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Spotify Ltd) C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\GoogleUpdate.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Trend Micro Inc.) C:\Users\Nicolas Chauvin 2.0\Downloads\HijackThis (1).exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-06] (Avast Software s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM\...\Run: [DNS7reminder] => C:\Program Files\Nuance\NaturallySpeaking13\Ereg\Ereg.exe [325960 2014-05-30] (Nuance Communications, Inc.)
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\Run: [Spotify Web Helper] => C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-21] (Spotify Ltd)
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\Run: [Google Update] => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\Run: [GoogleChromeAutoLaunch_4AC61858F0558DE8AA8B6DCD1AC2375C] => C:\Program Files\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\MountPoints2: {c49c2100-1f71-11e5-a841-00269e2d7972} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-02-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-01] (Avast Software s.r.o.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{812FE7BD-8B2D-434D-A4F4-911A87B6A792}: [DhcpNameServer] 192.168.0.1 205.171.2.65
Tcpip\..\Interfaces\{E3FF2110-CF1F-43FF-9E7B-B0C35D7E061D}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggScgFeUV1ARBgRdl0MTA1IFVYOIQEIUBQXQg0WIVtaVloXEgAFIk0FA1ADB0VXfVBdFElXTwhwJVx1DksUc1BQNVVMEnEEQw==
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggScgFeUV1ARBgRdl0MTA1IFVYOIQEIUBQXQg0WIVtaVloXEgAFIk0FA1ADB0VXfVBdFElXTwhwJVx1DksUc1BQNVVMEnEEQw==
SearchScopes: HKLM -> DefaultScope {589B893E-773C-4941-88C2-0DCC718E621C} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgKWV9BRQRGbQsOBQ1cFQwXIxRZWQlADFNAeAxZA1tGQlMQdR9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgKWV9BRQRGbQsOBQ1cFQwXIxRZWQlADFNAeAxZA1tGQlMQdR9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1908793814-2174131667-131035205-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgKWV9BRQRGbQsOBQ1cFQwXIxRZWQlADFNAeAxZA1tGQlMQdR9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1908793814-2174131667-131035205-1003 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
SearchScopes: HKU\S-1-5-21-1908793814-2174131667-131035205-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgKWV9BRQRGbQsOBQ1cFQwXIxRZWQlADFNAeAxZA1tGQlMQdR9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [2015-04-20] (Nuance Communications, Inc.)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-05] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Mozilla\Firefox\Profiles\3v5gf8jo.default
FF SelectedSearchEngine: Taplika
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: nuance.com/DgnRia2 -> C:\Program Files\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll [2015-04-20] (Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-1908793814-2174131667-131035205-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-1908793814-2174131667-131035205-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1908793814-2174131667-131035205-1003: @talk.google.com/O1DPlugin -> C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1908793814-2174131667-131035205-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1908793814-2174131667-131035205-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: dueeal4reeaL - C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Mozilla\Firefox\Profiles\3v5gf8jo.default\Extensions\
[email protected] [2015-05-01]
FF Extension: reealdEAll - C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Mozilla\Firefox\Profiles\3v5gf8jo.default\Extensions\
[email protected] [2015-05-01]
FF Extension: turkopticon - C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Mozilla\Firefox\Profiles\3v5gf8jo.default\Extensions\{4324f4a6-3a89-477e-b388-6bca032df78b}.xpi [2014-05-21]
FF Extension: Greasemonkey - C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Mozilla\Firefox\Profiles\3v5gf8jo.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-05-21]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-02]
CHR Extension: (Google Docs) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16]
CHR Extension: (Google Drive) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16]
CHR Extension: (YouTube) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16]
CHR Extension: (Google Search) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16]
CHR Extension: (Google Sheets) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Gmail) - C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-01] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-07-01] (Avast Software)
R2 DragonLoggerService; C:\Program Files\Common Files\Nuance\loggerservice.exe [151616 2015-04-20] (Nuance Communications, Inc.)
R2 DragonSvc; C:\Program Files\Common Files\Nuance\dgnsvc.exe [339008 2015-04-20] (Nuance Communications, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-07-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-07-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-07-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-07-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-07-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-07-01] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
S3 NETw1v32; C:\Windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-20] (Intel Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-01] (Avast Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-02 18:20 - 2015-10-02 18:20 - 00015666 _____ C:\Users\Nicolas Chauvin 2.0\Desktop\FRST.txt
2015-10-02 18:19 - 2015-10-02 18:20 - 00000000 ____D C:\FRST
2015-10-02 18:19 - 2015-10-02 18:19 - 01696256 _____ (Farbar) C:\Users\Nicolas Chauvin 2.0\Downloads\FRST.exe
2015-10-02 18:19 - 2015-10-02 18:19 - 01696256 _____ (Farbar) C:\Users\Nicolas Chauvin 2.0\Desktop\FRST.exe
2015-10-02 17:42 - 2015-10-02 17:41 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nicolas Chauvin 2.0\Desktop\HijackThis (1).exe
2015-10-02 17:41 - 2015-10-02 17:41 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nicolas Chauvin 2.0\Downloads\HijackThis (1).exe
2015-10-02 17:36 - 2015-10-02 17:36 - 00055104 _____ C:\Users\Nicolas Chauvin 2.0\Documents\cc_20151002_173616.reg
2015-10-02 17:29 - 2015-10-02 17:29 - 00000900 _____ C:\Windows\system32\${LOGFILE}
2015-10-02 17:26 - 2015-10-02 17:34 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\WTools
2015-10-02 17:26 - 2015-10-02 17:33 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Store
2015-10-02 17:26 - 2015-10-02 17:26 - 00000078 _____ C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\WindApp.installation.log
2015-10-02 17:26 - 2015-10-02 17:26 - 00000078 _____ C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Selection Tools.installation.log
2015-10-02 17:24 - 2015-10-02 17:29 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Nosibay
2015-10-02 17:24 - 2015-10-02 17:26 - 00001272 _____ C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Bubble Dock.boostrap.log
2015-10-02 17:24 - 2015-10-02 17:25 - 00005796 _____ C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Bubble Dock.installation.log
2015-10-02 17:24 - 2015-10-02 17:24 - 00000097 _____ C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\WindApp.boostrap.log
2015-10-02 17:21 - 2015-10-02 17:23 - 03848256 _____ (Factory Choco LLC) C:\Users\Nicolas Chauvin 2.0\Downloads\Arvo_Part_-_28_Albuns_FLAC_downloader.exe
2015-09-23 15:49 - 2015-09-23 15:49 - 00019041 _____ C:\Users\Nicolas Chauvin 2.0\Downloads\Graphs.xlsx.xlsx
2015-09-23 15:48 - 2015-09-23 15:48 - 00012093 _____ C:\Users\Nicolas Chauvin 2.0\Downloads\Instructions_Graph (1).xlsx
2015-09-22 19:39 - 2015-09-22 19:39 - 00005969 _____ C:\Users\Nicolas Chauvin 2.0\Downloads\Whatever (1).xlsx
2015-09-22 19:37 - 2015-09-22 19:37 - 00005969 _____ C:\Users\Nicolas Chauvin 2.0\Downloads\Whatever.xlsx
2015-09-18 16:00 - 2015-09-18 16:00 - 00012093 _____ C:\Users\Nicolas Chauvin 2.0\Downloads\Instructions_Graph.xlsx
2015-09-18 13:04 - 2015-09-18 19:10 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\dasher.rc
2015-09-18 13:03 - 2015-09-18 13:03 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dasher 4.11
2015-09-18 13:03 - 2015-09-18 13:03 - 00000000 ____D C:\Program Files\Dasher
2015-09-18 12:58 - 2015-09-18 12:59 - 09722076 _____ C:\Users\Nicolas Chauvin 2.0\Downloads\Dasher 4.11.msi
2015-09-08 17:16 - 2015-08-05 10:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 17:16 - 2015-08-05 10:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 17:16 - 2015-08-05 10:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-08 17:16 - 2015-08-04 10:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-08 17:16 - 2015-08-04 10:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 17:16 - 2015-08-04 10:47 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 17:16 - 2015-08-04 10:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 17:16 - 2015-08-04 10:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 17:16 - 2015-08-04 09:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-08 17:15 - 2015-09-01 19:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-08 17:15 - 2015-09-01 19:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 17:15 - 2015-09-01 19:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-08 17:15 - 2015-09-01 19:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-08 17:15 - 2015-09-01 18:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 17:15 - 2015-09-01 18:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 17:15 - 2015-08-26 10:56 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 17:15 - 2015-08-26 10:56 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 17:15 - 2015-08-26 10:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 17:15 - 2015-08-26 10:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 17:15 - 2015-08-26 10:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 17:15 - 2015-08-26 10:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-08 17:15 - 2015-08-26 10:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-08 17:15 - 2015-08-26 10:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 17:15 - 2015-08-26 10:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-08 17:15 - 2015-08-26 10:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 17:15 - 2015-08-26 10:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-08 17:15 - 2015-08-17 18:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 17:15 - 2015-08-14 23:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 17:15 - 2015-08-14 22:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-08 17:15 - 2015-08-14 22:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-08 17:15 - 2015-08-14 22:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 17:15 - 2015-08-14 22:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-08 17:15 - 2015-08-14 22:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-08 17:15 - 2015-08-14 22:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-08 17:15 - 2015-08-14 22:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-08 17:15 - 2015-08-14 22:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 17:15 - 2015-08-14 22:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-08 17:15 - 2015-08-14 22:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-08 17:15 - 2015-08-14 22:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-08 17:15 - 2015-08-14 22:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 17:15 - 2015-08-14 22:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-08 17:15 - 2015-08-14 22:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-08 17:15 - 2015-08-14 22:29 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-08 17:15 - 2015-08-14 22:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-08 17:15 - 2015-08-14 22:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-08 17:15 - 2015-08-14 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-08 17:15 - 2015-08-14 22:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-08 17:15 - 2015-08-14 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-08 17:15 - 2015-08-14 22:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-08 17:15 - 2015-08-14 22:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 17:15 - 2015-08-14 22:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 17:15 - 2015-08-14 22:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 17:15 - 2015-08-14 22:02 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 17:15 - 2015-08-14 22:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 17:15 - 2015-08-14 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-08 17:15 - 2015-08-14 21:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 17:15 - 2015-08-14 21:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 17:15 - 2015-08-14 21:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 17:15 - 2015-07-14 19:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-02 18:12 - 2014-05-26 00:07 - 00000984 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003UA.job
2015-10-02 18:02 - 2009-07-13 21:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-02 18:02 - 2009-07-13 21:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-02 18:00 - 2014-02-14 15:04 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-02 17:55 - 2014-05-14 15:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-02 17:39 - 2015-01-19 15:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-02 17:38 - 2015-01-19 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-02 17:38 - 2015-01-19 15:47 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-02 17:28 - 2015-01-19 16:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-02 17:28 - 2014-02-23 14:51 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\uTorrent
2015-10-02 17:26 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-10-02 17:24 - 2014-02-16 11:52 - 00001505 _____ C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-02 17:14 - 2015-08-20 18:39 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\Desktop\Statistics
2015-10-02 12:22 - 2014-02-01 17:55 - 01689666 ____N C:\Windows\WindowsUpdate.log
2015-10-02 12:00 - 2014-02-14 15:04 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-02 11:52 - 2014-04-27 22:39 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003Core.job
2015-10-02 11:00 - 2009-07-13 21:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-01 19:00 - 2014-02-16 12:12 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Local\Spotify
2015-10-01 18:28 - 2014-02-16 12:12 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Spotify
2015-09-30 19:11 - 2015-09-01 19:41 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\Desktop\Intro to Social Work
2015-09-30 01:14 - 2014-05-26 00:07 - 00000962 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003Core.job
2015-09-29 17:54 - 2015-08-22 16:28 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\Desktop\Social Work Philosophy
2015-09-18 16:47 - 2014-02-16 11:52 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Local\VirtualStore
2015-09-17 16:28 - 2015-08-22 22:24 - 00378993 _____ C:\Users\Apps\creator-about-modals.spa
2015-09-17 16:28 - 2015-08-11 13:56 - 01867297 _____ C:\Users\Apps\musixmatch-lyrics-cp.spa
2015-09-17 16:28 - 2015-08-11 13:56 - 00449780 _____ C:\Users\snapshot_blob.bin
2015-09-17 16:28 - 2015-08-11 13:56 - 00410937 _____ C:\Users\natives_blob.bin
2015-09-17 16:28 - 2015-05-27 20:29 - 00607382 _____ C:\Users\Apps\local-files-desktop.spa
2015-09-17 16:28 - 2015-05-13 12:31 - 00195849 _____ C:\Users\Apps\hub.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 45067320 _____ C:\Users\libcef.dll
2015-09-17 16:28 - 2015-03-31 13:13 - 10207504 _____ C:\Users\icudtl.dat
2015-09-17 16:28 - 2015-03-31 13:13 - 07535672 _____ (Spotify Ltd) C:\Users\Spotify.exe
2015-09-17 16:28 - 2015-03-31 13:13 - 04487782 _____ C:\Users\devtools_resources.pak
2015-09-17 16:28 - 2015-03-31 13:13 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll
2015-09-17 16:28 - 2015-03-31 13:13 - 02184260 _____ C:\Users\cef.pak
2015-09-17 16:28 - 2015-03-31 13:13 - 02157553 _____ C:\Users\Apps\glue-resources.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll
2015-09-17 16:28 - 2015-03-31 13:13 - 02018360 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe
2015-09-17 16:28 - 2015-03-31 13:13 - 01649208 _____ C:\Users\libGLESv2.dll
2015-09-17 16:28 - 2015-03-31 13:13 - 00967736 _____ (The Chromium Authors) C:\Users\ffmpegsumo.dll
2015-09-17 16:28 - 2015-03-31 13:13 - 00900495 _____ C:\Users\Apps\zlink.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00839224 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe
2015-09-17 16:28 - 2015-03-31 13:13 - 00768038 _____ C:\Users\Apps\playlist-desktop.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00761075 _____ C:\Users\Apps\artist.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00750083 _____ C:\Users\Apps\browse.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00622967 _____ C:\Users\cef_200_percent.pak
2015-09-17 16:28 - 2015-03-31 13:13 - 00555515 _____ C:\Users\Apps\genre.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00549988 _____ C:\Users\Apps\notification-center.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00538456 _____ C:\Users\Apps\settings.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00528578 _____ C:\Users\Apps\collection.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00520851 _____ C:\Users\Apps\collection-artist.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00520120 _____ C:\Users\Apps\discover.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00488825 _____ C:\Users\Apps\album.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00487229 _____ C:\Users\Apps\article.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00478891 _____ C:\Users\Apps\messages.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00468951 _____ C:\Users\cef_100_percent.pak
2015-09-17 16:28 - 2015-03-31 13:13 - 00466223 _____ C:\Users\Apps\collection-album.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00456502 _____ C:\Users\Apps\social-feed.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00453236 _____ C:\Users\Apps\charts.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00398127 _____ C:\Users\Apps\zlogin.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00395528 _____ C:\Users\Apps\collection-songs.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00387716 _____ C:\Users\Apps\social-chart.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00369607 _____ C:\Users\Apps\buddy-list.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00336806 _____ C:\Users\Apps\radio.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00321096 _____ C:\Users\Apps\chart.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00285977 _____ C:\Users\Apps\folder.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00277789 _____ C:\Users\Apps\share.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00261124 _____ C:\Users\Apps\zlink-queue.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00246967 _____ C:\Users\Apps\profile.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00236915 _____ C:\Users\Apps\search.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00218391 _____ C:\Users\Apps\findfriends.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00186702 _____ C:\Users\Apps\suggest.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00158229 _____ C:\Users\Apps\follow.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00098360 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe
2015-09-17 16:28 - 2015-03-31 13:13 - 00088762 _____ C:\Users\Apps\about.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00080952 _____ C:\Users\libEGL.dll
2015-09-17 16:28 - 2015-03-31 13:13 - 00078348 _____ C:\Users\Apps\error.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00073272 _____ C:\Users\wow_helper.exe
2015-09-17 16:28 - 2015-03-31 13:13 - 00053462 _____ C:\Users\Apps\ad.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00050934 _____ C:\Users\Apps\licenses.spa
2015-09-17 16:28 - 2015-03-31 13:13 - 00014086 _____ C:\Users\locales\en-US.pak
2015-09-17 16:28 - 2015-03-31 13:13 - 00009273 _____ C:\Users\locales\el.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00008384 _____ C:\Users\locales\ru.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00008121 _____ C:\Users\locales\ja.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007783 _____ C:\Users\locales\fr-CA.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007735 _____ C:\Users\locales\hu.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007669 _____ C:\Users\locales\pl.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007662 _____ C:\Users\locales\fr.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007627 _____ C:\Users\locales\fi.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007542 _____ C:\Users\locales\es-419.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007515 _____ C:\Users\locales\nl.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007499 _____ C:\Users\locales\es.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007490 _____ C:\Users\locales\de.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007475 _____ C:\Users\locales\it.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007461 _____ C:\Users\locales\tr.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007404 _____ C:\Users\locales\zsm.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007402 _____ C:\Users\locales\pt-BR.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007385 _____ C:\Users\locales\sv.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007290 _____ C:\Users\locales\zh-Hant.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007133 _____ C:\Users\locales\arb.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00007062 _____ C:\Users\locales\en.mo
2015-09-17 16:28 - 2015-03-31 13:13 - 00000020 _____ C:\Users\inst_ver.dat
2015-09-17 16:28 - 2015-03-31 13:13 - 00000000 ____D C:\Users\locales
2015-09-17 16:28 - 2015-03-31 13:13 - 00000000 _____ C:\Users\Nicolas.redir
2015-09-14 11:47 - 2014-04-27 22:39 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003UA.job
2015-09-12 21:14 - 2015-03-10 19:27 - 00000000 ____D C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\vlc
2015-09-12 19:12 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\rescache
2015-09-10 19:15 - 2015-03-31 13:13 - 02332541 _____ C:\Users\Apps\musixmatch-lyrics.spa
2015-09-09 13:12 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-09 11:51 - 2009-07-13 21:33 - 00284336 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 11:49 - 2009-07-14 00:50 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-06 14:47 - 2015-08-22 11:34 - 00000000 ____D C:\ProgramData\TEMP
2015-09-06 14:29 - 2015-08-22 12:49 - 00000955 _____ C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\SAS7_000.DAT
==================== Files in the root of some directories =======
2015-02-15 18:25 - 2015-06-16 14:39 - 0000020 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\appdataFr3.bin
2015-10-02 17:24 - 2015-10-02 17:26 - 0001272 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Bubble Dock.boostrap.log
2015-10-02 17:24 - 2015-10-02 17:25 - 0005796 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Bubble Dock.installation.log
2015-08-22 12:49 - 2015-09-06 14:29 - 0000955 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\SAS7_000.DAT
2015-10-02 17:26 - 2015-10-02 17:26 - 0000078 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\Selection Tools.installation.log
2015-01-25 18:42 - 2015-01-26 19:24 - 0000057 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\WB.CFG
2015-10-02 17:24 - 2015-10-02 17:24 - 0000097 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\WindApp.boostrap.log
2015-10-02 17:26 - 2015-10-02 17:26 - 0000078 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\WindApp.installation.log
2015-01-25 17:44 - 2015-01-25 17:44 - 0000088 _____ () C:\Users\Nicolas Chauvin 2.0\AppData\Local\85bd28a4d10dcb2bd84f89b8a4988f91
2014-12-02 14:02 - 2015-01-19 13:53 - 0000112 _____ () C:\ProgramData\vN5D1Ch.dat
Some files in TEMP:
====================
C:\Users\Nicolas Chauvin 2.0\AppData\Local\Temp\2Wbm7Q0or8.exe
C:\Users\Nicolas Chauvin 2.0\AppData\Local\Temp\eLNNGHpgG1.exe
C:\Users\Nicolas Chauvin 2.0\AppData\Local\Temp\kw6HU1kvtb.exe
C:\Users\Nicolas Chauvin 2.0\AppData\Local\Temp\zWXxcl6rn4.exe
C:\Users\Nicolas Chauvin 2.0\AppData\Local\Temp\{47972ABB-E1E0-488C-BA2E-7ADF16B0B808}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-01 12:24
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-09-2015
Ran by Nicolas Chauvin 2.0 (2015-10-02 18:21:01)
Running from C:\Users\Nicolas Chauvin 2.0\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2014-02-01 23:22:39)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1908793814-2174131667-131035205-500 - Administrator - Disabled)
Guest (S-1-5-21-1908793814-2174131667-131035205-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1908793814-2174131667-131035205-1002 - Limited - Enabled)
Nicolas Chauvin 2.0 (S-1-5-21-1908793814-2174131667-131035205-1003 - Administrator - Enabled) => C:\Users\Nicolas Chauvin 2.0
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\Amazon Kindle) (Version: - Amazon)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Dasher 4.11 (HKLM\...\{BD8ECD28-2D32-11DF-8D17-000423472618}) (Version: 4.11 - The Dasher Project)
Dragon NaturallySpeaking 13 (HKLM\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastStone Image Viewer 4.9 (HKLM\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SoulseekQt (HKLM\...\SoulseekQt) (Version: - )
Spotify (HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
System Requirements Lab for Intel (HKLM\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TerminusSupport (HKLM\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5c7da84}) (Version: - Software Publisher) <==== ATTENTION
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Yawcam 0.4.1 (HKLM\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1908793814-2174131667-131035205-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
==================== Restore Points =========================
31-07-2015 11:20:40 Windows Update
04-08-2015 11:41:45 Windows Update
07-08-2015 11:57:29 Windows Update
11-08-2015 14:37:19 Windows Update
11-08-2015 19:32:33 Windows Update
13-08-2015 20:19:39 Windows Update
14-08-2015 13:55:18 Windows Update
18-08-2015 15:11:01 Windows Update
19-08-2015 00:49:07 Windows Update
22-08-2015 11:09:19 Installato Dragon NaturallySpeaking 13.
24-08-2015 00:30:55 Windows Update
24-08-2015 21:02:40 Windows Update
28-08-2015 15:15:11 Windows Update
01-09-2015 11:29:36 Windows Update
04-09-2015 12:29:34 Windows Update
08-09-2015 17:04:59 Windows Update
08-09-2015 20:52:41 Windows Update
09-09-2015 11:39:12 Windows Modules Installer
09-09-2015 11:41:51 Windows Modules Installer
09-09-2015 11:43:04 Windows Modules Installer
15-09-2015 11:56:38 Windows Update
18-09-2015 12:18:08 Windows Update
18-09-2015 13:03:01 Installed Dasher 4.11
22-09-2015 11:29:45 Windows Update
25-09-2015 11:34:14 Windows Update
29-09-2015 12:05:20 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00A7F804-51DB-4063-BF89-74627DE7785E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2D16EC58-843E-4EC3-92A0-F7AF05F1E0D7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003UA => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {47F9D221-25EE-4473-8379-AD6B8D03A8E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {4B4D25FC-605B-44D6-84D1-E32E7A83B967} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003Core => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {5F3EFF5F-D6AA-4569-AD62-330BFB845505} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {BAE0758B-7E55-4560-ACE9-832601DA56D5} - System32\Tasks\{325CAAEB-EA0E-4A9C-BC9B-60E0D2110F58} => pcalua.exe -a "C:\Users\Nicolas Chauvin 2.0\Downloads\win7_1512754.exe" -d "C:\Users\Nicolas Chauvin 2.0\Downloads"
Task: {C5B9534D-D699-43BD-B9A2-4A8B2BE2FB00} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-01] (Avast Software s.r.o.)
Task: {ECC0DB03-FAC1-417A-A3EA-E8361DCAC522} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {F124AFCA-D217-4648-8A8F-613A2A2C75AC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003UA => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F923D5AB-F0B9-4E4B-9448-1E2AE1826987} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003Core => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Facebook\Update\FacebookUpdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003Core.job => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003UA.job => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003Core.job => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1908793814-2174131667-131035205-1003UA.job => C:\Users\Nicolas Chauvin 2.0\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-01 12:09 - 2015-07-01 12:09 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-01 12:09 - 2015-07-01 12:09 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-01 11:53 - 2015-10-01 11:53 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100102\algo.dll
2015-10-02 11:00 - 2015-10-02 11:00 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100202\algo.dll
2015-07-01 12:09 - 2015-07-01 12:10 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-25 17:03 - 2015-09-23 19:34 - 01501512 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 17:03 - 2015-09-23 19:34 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-09-25 17:03 - 2015-09-23 19:34 - 00310088 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libexif.dll
2015-09-25 17:03 - 2015-09-23 19:34 - 16487752 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1908793814-2174131667-131035205-1003\...\123simsen.com -> www.123simsen.com
There are 7865 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1908793814-2174131667-131035205-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{7DA5F9A7-3ED9-4461-BF37-14F5C7A17766}C:\users\nicolas chauvin 2.0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nicolas chauvin 2.0\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C0257C3F-5C44-4AF4-A41D-13E50E1253FD}C:\users\nicolas chauvin 2.0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nicolas chauvin 2.0\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2D81C637-A96E-4E56-969F-3EC145BE7032}C:\users\nicolas chauvin 2.0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nicolas chauvin 2.0\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D9B83318-8B64-4E92-8C49-51E04B097B5A}C:\users\nicolas chauvin 2.0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nicolas chauvin 2.0\appdata\roaming\spotify\spotify.exe
FirewallRules: [{74CC395B-2174-40CA-9DAA-5A1209DA8BEC}] => (Allow) C:\Users\Nicolas Chauvin 2.0\Downloads\uTorrent.exe
FirewallRules: [{55A3651B-27F0-45AD-A4D0-93C8E59DAC6B}] => (Allow) C:\Users\Nicolas Chauvin 2.0\Downloads\uTorrent.exe
FirewallRules: [TCP Query User{B3EF1DFE-E1C9-436D-A303-8C21B54381F0}C:\program files\soulseekqt\soulseekqt.exe] => (Allow) C:\program files\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{7A464496-EBAC-493D-9435-A5982E59ABB9}C:\program files\soulseekqt\soulseekqt.exe] => (Allow) C:\program files\soulseekqt\soulseekqt.exe
FirewallRules: [{17221E1A-895C-42D6-B041-2407B2E51011}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{88BC5C3F-43B1-440B-B73F-05EA92D5FD2E}] => (Allow) C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FE9A5EFE-AAE1-4FD5-BA50-92FBD4D325ED}] => (Allow) C:\Users\Nicolas Chauvin 2.0\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CDFC59BF-3EB7-416D-9DF3-7204B7B76BE5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F662122A-041A-4ECD-A5AC-F056C90637C7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{8D230368-2F7F-489B-A91C-FFAB3075F854}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F3EDBA89-5C93-4DDC-8C2A-505F1248BB44}] => (Allow) LPort=51001
FirewallRules: [{04A4B077-A583-4160-A37A-5076B6CF8E3F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/02/2015 05:30:19 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054
Error: (10/02/2015 05:26:44 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054
Error: (10/02/2015 12:07:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error: (10/01/2015 08:24:58 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054
Error: (10/01/2015 12:26:35 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error: (09/30/2015 07:46:49 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054
Error: (09/29/2015 07:14:03 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054
Error: (09/28/2015 08:39:09 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error: (09/28/2015 01:06:26 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054
Error: (09/27/2015 05:58:32 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054
System errors:
=============
Error: (09/25/2015 11:27:36 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (09/25/2015 11:27:00 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}
Error: (09/25/2015 11:26:59 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (09/25/2015 02:00:32 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (09/25/2015 02:00:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (09/18/2015 06:54:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeGroupListener service.
Error: (09/12/2015 12:50:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
Error: (09/08/2015 08:52:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (08/25/2015 05:36:01 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
Error: (08/24/2015 09:02:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 63%
Total physical RAM: 2974.93 MB
Available physical RAM: 1090.39 MB
Total Virtual: 5948.16 MB
Available Virtual: 3717.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:285.77 GB) (Free:24.94 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:12.12 GB) (Free:2.04 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.13 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E7E8E0A0)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=285.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Edited by NumeroUnoCabron, 02 October 2015 - 07:51 PM.