
HELP PLEASE ASAP [Solved]



#1
yatesy


Well, I have recently removed some malware and a virus from my PC. I used a few programs and the main issues have gone. However, if I'm 'AFK' or not doing anything on my PC, then after a few minutes Chrome windows will start opening. This also somehow results in my keyboard not working, and when pressing letters on the keyboard it will make things happen in Chrome. After restarting my PC it works fine, but the same thing will happen again, again and again. I think I may know the source of the problem, as I have an unwanted extension installed on Chrome called 'Easy Calendar'; however, when trying to remove this the image below is displayed and I cannot remove the extension. I need help as this is extremely frustrating and I basically cannot use my PC. Thanks :)

[Image: 5f1ab51935b5462ef5071b64e2d72a1e.png]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-11-2015
Ran by Luca (administrator) on LUCA (05-11-2015 16:59:13)
Running from C:\Users\Luca\Downloads
Loaded Profiles: Luca (Available Profiles: Luca)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157992 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [EpicScale] => 0
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Spotify Web Helper] => C:\Users\Luca\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-09-22] (Spotify Ltd)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Spotify] => C:\Users\Luca\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-09-22] (Spotify Ltd)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [AceUpdater] => C:\Users\Luca\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [AceStream] => C:\Users\Luca\AppData\Roaming\ACEStream\engine\ace_engine.exe [23984 2015-03-28] ()
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1344776 2015-07-20] (Bogdan Sharkov)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
Startup: C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2015-10-30]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk ->  (No File)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{37ede89c-9773-4b26-8cc7-3d51d6628835}: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
SearchScopes: HKLM-x32 -> ielnksrch URL = 
SearchScopes: HKU\S-1-5-21-3821372276-3120686255-594467316-1001 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-30] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-30] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3821372276-3120686255-594467316-1001: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\Luca\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF HKLM-x32\...\Firefox\Extensions: [addnFF@AdTech.com] - C:\Program Files (x86)\Addons\firefox.xpi
FF Extension: Super Web Accelerator ! - C:\Program Files (x86)\Addons\firefox.xpi [2014-12-09] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-gb
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-12]
CHR Extension: (Google Docs) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-12]
CHR Extension: (Google Drive) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-12]
CHR Extension: (Adblock Plus) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-24]
CHR Extension: (Google Search) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Search by Image (by Google)) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-12]
CHR Extension: (EasyCalendar) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-10-30]
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2015-10-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-12]
CHR Extension: (Google Quick Scroll) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2015-10-30]
CHR Extension: (Gmail) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-12]
CHR HKU\S-1-5-21-3821372276-3120686255-594467316-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-20] ()
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-04-07] (altPUG LLC)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-07-23] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-08] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NVR0Dev; C:\Windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corp.)
R2 NVR0FLASHDev; C:\Windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [49880 2015-07-21] (Razer Inc)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2015-03-08] (Scarlet.Crush Productions)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-05 16:59 - 2015-11-05 17:00 - 00019007 _____ C:\Users\Luca\Downloads\FRST.txt
2015-11-05 16:59 - 2015-11-05 16:59 - 02198016 _____ (Farbar) C:\Users\Luca\Downloads\FRST64.exe
2015-11-05 16:59 - 2015-11-05 16:59 - 00000000 ____D C:\FRST
2015-11-05 16:46 - 2015-11-05 16:46 - 00016148 _____ C:\WINDOWS\system32\LUCA_Luca_HistoryPrediction.bin
2015-11-04 21:16 - 2015-10-30 17:00 - 00000969 _____ C:\Users\Luca\Desktop\Steam.lnk
2015-11-03 16:23 - 2015-11-03 16:23 - 00040883 _____ C:\Users\Luca\Downloads\JMorris 4231_E779640A-34D7-4FA3-B35F-221C64DA57BA.fmf
2015-10-30 17:08 - 2015-10-30 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-10-30 17:08 - 2015-10-30 17:08 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-10-30 13:36 - 2015-10-27 23:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:36 - 2015-10-27 23:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:36 - 2015-10-21 12:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:36 - 2015-10-21 05:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:35 - 2015-10-21 12:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:35 - 2015-10-21 12:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:35 - 2015-10-21 12:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:35 - 2015-10-21 12:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:35 - 2015-10-21 12:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:35 - 2015-10-21 11:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:35 - 2015-10-21 11:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:35 - 2015-10-21 11:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:35 - 2015-10-21 11:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:35 - 2015-10-21 11:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:35 - 2015-10-21 11:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:35 - 2015-10-21 11:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:35 - 2015-10-21 11:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:35 - 2015-10-21 11:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:35 - 2015-10-21 11:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:35 - 2015-10-21 11:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:35 - 2015-10-21 11:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:35 - 2015-10-21 11:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:35 - 2015-10-21 11:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:35 - 2015-10-21 11:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:35 - 2015-10-21 05:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:35 - 2015-10-21 05:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:35 - 2015-10-21 05:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:35 - 2015-10-21 05:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:35 - 2015-10-21 05:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:35 - 2015-10-21 05:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:35 - 2015-10-21 05:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:35 - 2015-10-21 04:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:35 - 2015-10-21 04:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:35 - 2015-10-21 04:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 13:17 - 2015-10-30 13:17 - 01723136 _____ C:\WINDOWS\system32\U7.exe
2015-10-30 13:17 - 2015-10-30 13:17 - 00003298 _____ C:\WINDOWS\System32\Tasks\recoveredfiles
2015-10-30 13:17 - 2015-10-30 13:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\DriverMgr
2015-10-30 13:17 - 2015-10-30 13:17 - 00000338 _____ C:\Users\Luca\AppData\Local\mjrrcR.vbs
2015-10-30 13:17 - 2015-10-30 13:17 - 00000098 _____ C:\WINDOWS\SysWOW64\sn.txt
2015-10-30 13:17 - 2015-10-30 13:17 - 00000000 ____D C:\Users\Luca\AppData\Roaming\kTkDsbw2
2015-10-30 13:17 - 2015-10-30 13:17 - 00000000 ____D C:\Users\Luca\AppData\Local\recoveredfiles
2015-10-27 16:32 - 2015-10-27 16:32 - 111633520 _____ (WhatUsersDo Ltd ) C:\Users\Luca\Downloads\whatusersdo-recorder (1).exe
2015-10-27 14:31 - 2015-10-27 14:31 - 00017529 _____ C:\Users\Luca\Downloads\krynomore1_[www.unknowncheats.me]_.rar
2015-10-27 14:24 - 2015-10-27 14:24 - 00009127 _____ C:\Users\Luca\Downloads\[www.OldSchoolHack.me]_A2Menu.rar
2015-10-26 12:57 - 2015-10-26 18:01 - 00000000 ____D C:\Users\Luca\AppData\Local\Arma 3
2015-10-25 19:18 - 2015-10-28 19:05 - 00000000 ____D C:\Users\Luca\AppData\Local\Soccer Manager 2016
2015-10-25 18:45 - 2015-10-28 21:58 - 00000000 ____D C:\Users\Luca\AppData\Local\Sports Interactive
2015-10-24 16:31 - 2015-10-24 16:31 - 01247112 _____ (Mojang) C:\Users\Luca\Desktop\Minecraft.exe
2015-10-24 16:31 - 2015-10-24 16:31 - 00000000 ____D C:\Users\Luca\Desktop\tools
2015-10-24 14:13 - 2015-10-27 15:49 - 00000000 ____D C:\Users\Luca\AppData\Local\ArmA 2 OA
2015-10-24 14:03 - 2015-10-24 14:03 - 00000000 ____D C:\Users\Luca\AppData\Local\Custom_Combat_Gaming
2015-10-24 12:30 - 2015-10-24 12:30 - 00000000 ____D C:\Users\Luca\AppData\Roaming\yvt.jp
2015-10-24 12:30 - 2015-10-24 12:30 - 00000000 ____D C:\Users\Luca\AppData\Roaming\OpenSpades
2015-10-24 12:28 - 2014-06-14 00:38 - 00000000 ____D C:\Users\Luca\Desktop\OpenSpades-0.0.12b-Windows
2015-10-24 12:27 - 2015-10-24 12:27 - 26538318 _____ C:\Users\Luca\Downloads\OpenSpades-0.0.12b-Windows.zip
2015-10-22 18:17 - 2015-10-30 13:17 - 00000203 _____ C:\WINDOWS\system32\gup.xml
2015-10-21 19:53 - 2015-10-21 19:53 - 00000000 ____D C:\Users\Luca\Documents\benko
2015-10-21 19:53 - 2015-10-21 19:53 - 00000000 ____D C:\Users\Luca\AppData\Roaming\U6KobYTu
2015-10-21 19:53 - 2015-10-21 19:53 - 00000000 ____D C:\Users\Luca\AppData\Roaming\charts
2015-10-21 19:53 - 2015-10-21 19:53 - 00000000 ____D C:\Program Files (x86)\Addons
2015-10-21 19:38 - 2015-10-21 19:38 - 00000000 ____D C:\Users\Luca\AppData\Local\Bohemia_Interactive
2015-10-21 19:38 - 2015-10-21 19:38 - 00000000 ____D C:\Users\Luca\AppData\Local\Arma 3 Launcher
2015-10-21 18:18 - 2015-10-21 18:44 - 00000000 ____D C:\Program Files (x86)\Super Mario Forever 2015
2015-10-20 19:12 - 2015-10-27 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhatUsersDo-Screen-Recorder
2015-10-20 19:12 - 2015-10-27 16:35 - 00000000 ____D C:\Program Files (x86)\WhatUsersDo-Screen-Recorder
2015-10-20 19:12 - 2015-10-20 19:16 - 00000000 ____D C:\Users\Luca\AppData\Roaming\.WhatUsersDo-Recorder
2015-10-20 19:12 - 2015-10-20 19:12 - 00000000 ____D C:\Users\Luca\.oracle_jre_usage
2015-10-20 19:10 - 2015-10-20 19:11 - 111633520 _____ (WhatUsersDo Ltd ) C:\Users\Luca\Downloads\whatusersdo-recorder.exe
2015-10-20 16:45 - 2015-10-20 16:52 - 00000000 ____D C:\Users\Luca\Documents\DayZ
2015-10-20 16:45 - 2015-10-20 16:52 - 00000000 ____D C:\Users\Luca\AppData\Local\DayZ
2015-10-20 16:10 - 2015-10-20 16:10 - 00000000 ____D C:\Users\Luca\AppData\Local\Publishers
2015-10-20 13:24 - 2015-10-20 13:24 - 00000000 ____D C:\Users\Luca\AppData\Local\DayZCommander
2015-10-20 13:12 - 2015-10-20 13:12 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
2015-10-20 13:11 - 2015-10-20 13:11 - 02932736 _____ C:\Users\Luca\Downloads\Dotjosh.DayZCommander.Installer.msi
2015-10-16 17:03 - 2015-10-16 17:03 - 00000484 _____ C:\Users\Luca\Downloads\Enable_Volume_Notification_Icon.reg
2015-10-16 17:02 - 2015-10-16 17:02 - 00000000 ____D C:\Users\Luca\AppData\Local\Apple
2015-10-16 16:51 - 2015-10-16 16:51 - 00000000 ____D C:\Users\Luca\AppData\Local\Skype
2015-10-16 16:49 - 2015-10-30 17:00 - 00002200 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-16 16:49 - 2015-10-03 02:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-16 16:47 - 2015-10-03 04:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00784824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00630592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-16 16:38 - 2015-10-16 16:49 - 00000312 _____ C:\WINDOWS\setupact.log
2015-10-16 16:38 - 2015-10-16 16:38 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-14 15:32 - 2015-09-25 02:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:31 - 2015-10-10 07:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:31 - 2015-10-06 03:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-06 02:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-01 04:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:31 - 2015-10-01 04:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:31 - 2015-10-01 04:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:31 - 2015-10-01 04:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:31 - 2015-10-01 04:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:31 - 2015-10-01 03:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:31 - 2015-09-25 03:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:31 - 2015-09-25 03:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:31 - 2015-09-25 03:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:31 - 2015-09-25 03:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:31 - 2015-09-25 03:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 03:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 03:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:31 - 2015-09-25 03:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:31 - 2015-09-25 03:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:31 - 2015-09-25 03:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 03:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 03:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:31 - 2015-09-25 03:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:31 - 2015-09-25 03:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:31 - 2015-09-25 03:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 03:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:31 - 2015-09-25 03:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:31 - 2015-09-25 03:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:31 - 2015-09-25 03:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:31 - 2015-09-25 03:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 03:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 02:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:31 - 2015-09-25 02:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 02:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 02:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:31 - 2015-09-25 02:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:31 - 2015-09-25 02:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 02:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:31 - 2015-09-25 02:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:31 - 2015-09-25 02:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 02:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 02:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:31 - 2015-09-25 02:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 02:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:31 - 2015-09-25 02:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 16:45 - 2015-10-30 17:10 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-13 16:45 - 2015-10-13 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-13 16:22 - 2015-10-13 16:45 - 00000000 ____D C:\Users\Luca\AppData\Local\Deployment
2015-10-13 16:22 - 2015-10-13 16:22 - 00000000 ____D C:\Users\Luca\AppData\Local\Apps\2.0
2015-10-13 15:02 - 2015-10-13 15:02 - 00000002 _____ C:\END
2015-10-12 20:46 - 2015-11-04 16:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-12 20:46 - 2015-10-30 17:00 - 00001165 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-12 20:46 - 2015-10-12 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-12 20:46 - 2015-10-12 20:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-12 20:46 - 2015-10-12 20:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-12 20:46 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-12 20:46 - 2015-10-05 08:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-12 20:46 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-12 20:21 - 2015-10-12 20:21 - 00000000 ____D C:\Program Files (x86)\Exploremedia
2015-10-12 19:43 - 2015-10-12 19:43 - 00038205 _____ C:\WINDOWS\wininit.ini
2015-10-12 17:04 - 2015-10-12 17:04 - 00000000 ____D C:\Users\Luca\AppData\Local\PeerDistRepub
2015-10-12 16:36 - 2015-10-12 16:36 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-12 16:36 - 2015-07-28 16:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-10-12 16:25 - 2015-10-30 17:00 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-10-12 16:25 - 2015-10-30 17:00 - 00001442 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-10-12 16:25 - 2015-10-12 19:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-12 16:25 - 2015-10-12 16:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-10-12 16:25 - 2015-10-12 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-10-12 16:25 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-10-12 16:24 - 2015-10-12 16:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-10-12 16:08 - 2015-10-12 16:20 - 00000000 ____D C:\Users\Luca\AppData\Roaming\System Healer
2015-10-12 16:08 - 2015-10-12 16:20 - 00000000 ____D C:\Program Files (x86)\SystemHealer
2015-10-12 16:07 - 2015-10-12 16:07 - 03531374 _____ C:\Users\Luca\AppData\Local\curl.zip
2015-10-12 16:07 - 2015-10-12 16:07 - 00000000 ____D C:\Users\Luca\AppData\Local\cu
2015-10-12 15:52 - 2015-10-12 15:52 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2015-10-12 15:51 - 2015-10-12 15:53 - 00000000 ____D C:\Users\TEMP
2015-10-11 19:28 - 2015-10-11 19:28 - 00367224 _____ C:\WINDOWS\Minidump\101115-51953-01.dmp
2015-10-11 19:05 - 2015-10-11 19:06 - 00369376 _____ C:\WINDOWS\Minidump\101115-93578-01.dmp
2015-10-11 19:04 - 2015-10-30 17:36 - 00252788 _____ C:\WINDOWS\PFRO.log
2015-10-11 19:04 - 2015-10-11 19:27 - 4244917919 _____ C:\WINDOWS\MEMORY.DMP
2015-10-11 18:50 - 2015-11-05 16:45 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-11 18:29 - 2015-10-11 18:29 - 00000000 ____D C:\Users\Luca\AppData\Roaming\shortCutStore
2015-10-11 18:28 - 2015-10-12 16:15 - 00004688 _____ C:\WINDOWS\SysWOW64\Aroiznybod.ini
2015-10-11 18:28 - 2015-10-12 16:15 - 00002400 _____ C:\WINDOWS\SysWOW64\AroiznybodOff.ini
2015-10-11 18:28 - 2015-10-12 16:15 - 00002400 _____ C:\WINDOWS\system32\AroiznybodOff.ini
2015-10-11 18:27 - 2015-10-12 21:10 - 00000000 ____D C:\Users\Luca\AppData\LocalLow\Company
2015-10-11 18:27 - 2015-10-11 18:28 - 00000000 ____D C:\Users\Luca\AppData\Local\Tempfolder
2015-10-11 18:27 - 2015-10-11 18:27 - 00000045 _____ C:\user.js
2015-10-11 18:24 - 2015-10-19 18:50 - 00000000 ____D C:\Users\Luca\AppData\Local\LogMeIn Hamachi
2015-10-11 18:24 - 2015-10-12 20:41 - 00000000 ____D C:\Users\Luca\AppData\Local\Dropbox
2015-10-11 18:24 - 2015-10-11 18:24 - 00000000 ____D C:\Users\Luca\AppData\Local\LogMeIn
2015-10-11 18:24 - 2015-10-11 18:24 - 00000000 ____D C:\Users\Luca\AppData\Local\CEF
2015-10-11 18:22 - 2015-10-11 18:22 - 00000000 ____D C:\Users\Luca\AppData\Local\VirtualStore
2015-10-11 18:01 - 2015-10-12 21:10 - 00000000 ____D C:\Program Files (x86)\43455f30-0e30-4c4c-b36c-67263c6b62e0
2015-10-11 18:01 - 2015-10-11 18:01 - 00000000 ____D C:\Users\Luca\AppData\Local\globalUpdate
2015-10-11 18:00 - 2015-10-12 21:10 - 00000000 ____D C:\Users\Luca\AppData\Local\SmartWeb
2015-10-11 17:59 - 2015-10-11 17:59 - 00000000 ____D C:\Users\Luca\AppData\Local\MicrosoftEdge
2015-10-11 17:59 - 2015-10-11 17:59 - 00000000 ____D C:\Users\Luca\AppData\Local\CrashRpt
2015-10-11 17:59 - 2015-10-11 17:59 - 00000000 ____D C:\Program Files (x86)\predm
2015-10-11 17:58 - 2015-10-11 17:58 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-10-11 17:58 - 2015-10-11 17:58 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-10-11 17:54 - 2015-10-12 20:28 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-11 17:53 - 2015-10-12 21:10 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-10-11 17:52 - 2015-10-12 19:43 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-10-11 17:51 - 2015-10-12 20:21 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Opera Software
2015-10-11 17:50 - 2015-10-12 20:21 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-11 17:50 - 2013-08-22 13:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-10-11 17:49 - 2015-10-11 17:50 - 00000918 _____ C:\WINDOWS\SysWOW64\${LOGFILE}
2015-10-11 17:48 - 2015-10-11 17:48 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-10-11 17:47 - 2015-10-12 21:10 - 00000000 ____D C:\Program Files\Controller
2015-10-11 17:47 - 2015-10-11 17:47 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Mozilla
2015-10-11 17:46 - 2015-10-11 17:49 - 00000000 ____D C:\Users\Luca\AppData\Roaming\WTools
2015-10-11 17:46 - 2015-10-11 17:48 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Store
2015-10-09 15:07 - 2015-10-16 03:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-09 15:07 - 2015-10-16 03:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-08 13:35 - 2015-10-08 13:35 - 00186880 _____ (TODO: <Company name>) C:\WINDOWS\system32\rsrcs.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-05 16:52 - 2015-08-13 15:42 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-05 16:46 - 2015-02-28 17:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-05 16:45 - 2015-07-10 12:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-05 16:45 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-05 16:45 - 2015-02-28 17:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-05 16:44 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-05 16:44 - 2015-07-10 09:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-05 16:01 - 2015-02-28 17:27 - 00004142 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16E3A959-A4BF-445B-8580-9B17B8524532}
2015-11-02 22:24 - 2015-02-28 19:09 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Skype
2015-10-30 17:08 - 2015-08-03 19:03 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-10-30 17:06 - 2015-07-10 11:04 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-10-30 17:05 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 17:00 - 2015-09-03 13:30 - 00001094 _____ C:\Users\Public\Desktop\A3Launcher.lnk
2015-10-30 17:00 - 2015-09-03 12:14 - 00001106 _____ C:\Users\Public\Desktop\CCGLauncher.lnk
2015-10-30 17:00 - 2015-09-01 22:50 - 00000593 _____ C:\Users\Public\Desktop\Fraps.lnk
2015-10-30 17:00 - 2015-08-31 01:08 - 00001134 _____ C:\Users\Public\Desktop\ASUS GPU TweakII.lnk
2015-10-30 17:00 - 2015-08-13 16:20 - 00001023 _____ C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-10-30 17:00 - 2015-08-13 16:09 - 00002329 _____ C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-30 17:00 - 2015-08-13 15:32 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-30 17:00 - 2015-08-13 12:11 - 00001789 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-30 17:00 - 2015-08-03 17:59 - 00001913 _____ C:\Users\Luca\Desktop\Clownfish.lnk
2015-10-30 17:00 - 2015-07-29 09:25 - 00000846 _____ C:\Users\Public\Desktop\Speccy.lnk
2015-10-30 17:00 - 2015-07-04 10:59 - 00000691 _____ C:\Users\Luca\Desktop\Breaking Point.lnk
2015-10-30 17:00 - 2015-06-20 17:35 - 00001187 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-10-30 17:00 - 2015-06-20 17:31 - 00001150 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-10-30 17:00 - 2015-06-01 18:49 - 00001444 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-10-30 17:00 - 2015-05-06 16:27 - 00002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif WebPlus X8.lnk
2015-10-30 17:00 - 2015-05-05 15:30 - 00001191 _____ C:\Users\Luca\Desktop\AIDA64 Extreme.lnk
2015-10-30 17:00 - 2015-04-23 17:06 - 00001017 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-10-30 17:00 - 2015-04-19 14:48 - 00001970 _____ C:\Users\Luca\Desktop\Ace Player.lnk
2015-10-30 17:00 - 2015-04-14 16:40 - 00001814 _____ C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-10-30 17:00 - 2015-04-14 16:40 - 00001808 _____ C:\Users\Luca\Desktop\Spotify.lnk
2015-10-30 17:00 - 2015-04-12 12:09 - 00000862 _____ C:\Users\Public\Desktop\PowerISO.lnk
2015-10-30 17:00 - 2015-04-07 11:43 - 00001207 _____ C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
2015-10-30 17:00 - 2015-03-19 19:38 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-30 17:00 - 2015-03-08 09:28 - 00000985 _____ C:\Users\Public\Desktop\Origin.lnk
2015-10-30 17:00 - 2015-03-02 19:57 - 00002675 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2015-10-30 17:00 - 2015-02-28 23:36 - 00002184 _____ C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
2015-10-30 17:00 - 2015-02-28 23:36 - 00001173 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1510 series.lnk
2015-10-30 17:00 - 2015-02-28 18:44 - 00000988 _____ C:\Users\Public\Desktop\Gyazo.lnk
2015-10-30 17:00 - 2015-02-28 18:44 - 00000988 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2015-10-30 17:00 - 2015-02-28 18:06 - 00000947 _____ C:\Users\Luca\Desktop\Open Broadcaster Software.lnk
2015-10-30 17:00 - 2015-02-28 17:43 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk
2015-10-30 17:00 - 2015-02-28 17:35 - 00000858 _____ C:\Users\Luca\Desktop\µTorrent.lnk
2015-10-30 17:00 - 2015-02-28 17:35 - 00000838 _____ C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-30 13:39 - 2015-07-10 10:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 13:17 - 2015-08-13 16:04 - 00002094 __RSH C:\ProgramData\ntuser.pol
2015-10-28 21:58 - 2015-05-20 18:53 - 00000000 ____D C:\Users\Luca\Documents\Sports Interactive
2015-10-28 21:58 - 2015-05-12 17:24 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive
2015-10-26 12:56 - 2015-04-25 10:33 - 00000000 ____D C:\Users\Luca\Documents\CCGLauncher
2015-10-25 21:58 - 2015-08-13 15:26 - 00000000 ____D C:\Users\Luca
2015-10-24 16:31 - 2015-04-09 21:02 - 00000000 ____D C:\Users\Luca\Desktop\game
2015-10-23 16:11 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-21 18:20 - 2015-07-10 10:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-10-21 18:20 - 2015-07-10 10:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-10-21 18:20 - 2015-07-10 10:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-10-21 18:19 - 2015-07-10 10:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-10-21 18:19 - 2015-07-10 10:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-10-21 18:19 - 2015-07-10 10:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-10-21 18:19 - 2015-07-10 10:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-10-21 15:41 - 2015-02-28 17:28 - 00000000 ____D C:\Users\Luca\AppData\Local\Google
2015-10-20 16:45 - 2015-03-09 16:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-16 16:49 - 2015-08-13 15:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-16 16:49 - 2015-02-28 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-16 16:39 - 2015-03-05 16:30 - 00000000 ____D C:\Users\Luca\AppData\Local\NVIDIA Corporation
2015-10-16 16:39 - 2015-02-28 17:41 - 00000000 ____D C:\Users\Luca\AppData\Local\NVIDIA
2015-10-14 15:40 - 2015-03-02 16:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 15:37 - 2015-03-02 16:31 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 15:36 - 2015-04-12 12:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 16:45 - 2015-02-28 17:28 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-13 15:16 - 2015-09-18 21:11 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-12 21:10 - 2015-02-28 17:35 - 00000000 ____D C:\ProgramData\EpicScale
2015-10-12 20:26 - 2015-09-03 13:30 - 00000000 ____D C:\Program Files (x86)\A3Launcher
2015-10-12 17:20 - 2013-08-22 13:25 - 00000269 _____ C:\WINDOWS\win.ini
2015-10-11 19:28 - 2015-08-14 14:14 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-11 18:29 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-10-11 18:27 - 2015-08-13 15:49 - 00000000 ____D C:\Users\Luca\AppData\Local\Comms
2015-10-11 18:24 - 2015-04-23 17:06 - 00000000 ____D C:\Users\Luca\AppData\Roaming\TS3Client
2015-10-11 18:21 - 2015-02-28 17:23 - 00000000 ____D C:\Users\Luca\AppData\Local\Packages
2015-10-11 18:17 - 2015-02-28 17:25 - 00000000 ___DO C:\Users\Luca\SkyDrive
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-06 18:45 - 2015-08-13 15:57 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
 
==================== Files in the root of some directories =======
 
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\10WxaSV
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\5pwUzdkr4wxwUHXM4r7RLg
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\9EmBEtd7J2BDLf3EL1
2015-07-04 11:03 - 2015-09-07 11:22 - 0000294 _____ () C:\Users\Luca\AppData\Roaming\BreakingPoint_Login.ini
2015-07-04 11:04 - 2015-09-07 11:23 - 0001380 _____ () C:\Users\Luca\AppData\Roaming\BreakingPoint_Options.ini
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\oJyra3asgY6LhqRTm
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\yegCzryCx3cyhvL1YpZZAyX
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\Z68IylYb
2015-10-12 16:07 - 2015-10-12 16:07 - 3531374 _____ () C:\Users\Luca\AppData\Local\curl.zip
2015-10-30 13:17 - 2015-10-30 13:17 - 0000338 _____ () C:\Users\Luca\AppData\Local\mjrrcR.vbs
2015-02-28 23:34 - 2015-02-28 23:34 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
C:\Users\Luca\AppData\Local\Temp\beeeghciij.exe
C:\Users\Luca\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyvv6cw.dll
C:\Users\Luca\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Luca\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Luca\AppData\Local\Temp\nvStInst.exe
C:\Users\Luca\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Luca\AppData\Local\Temp\SpOrder.dll
C:\Users\Luca\AppData\Local\Temp\tu17p84.exe
C:\Users\Luca\AppData\Local\Temp\Uninstall.exe
C:\Users\Luca\AppData\Local\Temp\UninstallModule.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-01 16:54
 
==================== End of FRST.txt ============================



#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, could you let me know what problems remain after this?

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Luca\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll No File
Startup: C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2015-10-30]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> (No File)
FF HKLM-x32\...\Firefox\Extensions: [addnFF@AdTech.com] - C:\Program Files (x86)\Addons\firefox.xpi
FF Extension: Super Web Accelerator ! - C:\Program Files (x86)\Addons\firefox.xpi [2014-12-09] [not signed]
CHR Extension: (EasyCalendar) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-10-30]
2015-10-30 13:17 - 2015-10-30 13:17 - 00000338 _____ C:\Users\Luca\AppData\Local\mjrrcR.vbs
2015-10-30 13:17 - 2015-10-30 13:17 - 00000000 ____D C:\Users\Luca\AppData\Roaming\kTkDsbw2
2015-10-21 19:53 - 2015-10-21 19:53 - 00000000 ____D C:\Users\Luca\AppData\Roaming\U6KobYTu
2015-10-11 18:01 - 2015-10-12 21:10 - 00000000 ____D C:\Program Files (x86)\43455f30-0e30-4c4c-b36c-67263c6b62e0
2015-10-11 18:01 - 2015-10-11 18:01 - 00000000 ____D C:\Users\Luca\AppData\Local\globalUpdate
2015-10-11 18:00 - 2015-10-12 21:10 - 00000000 ____D C:\Users\Luca\AppData\Local\SmartWeb
2015-10-11 17:58 - 2015-10-11 17:58 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-10-11 17:54 - 2015-10-12 20:28 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-11 17:53 - 2015-10-12 21:10 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-10-11 17:52 - 2015-10-12 19:43 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-10-11 17:48 - 2015-10-11 17:48 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\10WxaSV
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\5pwUzdkr4wxwUHXM4r7RLg
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\9EmBEtd7J2BDLf3EL1
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\oJyra3asgY6LhqRTm
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\yegCzryCx3cyhvL1YpZZAyX
2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Luca\AppData\Roaming\Z68IylYb
2015-10-30 13:17 - 2015-10-30 13:17 - 0000338 _____ () C:\Users\Luca\AppData\Local\mjrrcR.vbs
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete, click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.


#3
yatesy

    New Member

  • Topic Starter
  • Member
  • 6 posts

Hi, thanks very much for the help Essex Boy. Straight away after doing everything and opening up Google Chrome, the 'Easy Calendar' extension is still there; however, now my browser is ridden with pop-up and spammy ads everywhere, and every time I click a link a new tab with a spammy ad is opened. Also, here is the content of the log file from AdwCleaner:

# AdwCleaner v5.018 - Logfile created 08/11/2015 at 12:44:38
# Updated 05/11/2015 by Xplode
# Database : 2015-11-08.1 [Server]
# Operating system : Windows 10 Pro  (x64)
# Username : Luca - LUCA
# Running from : C:\Users\Luca\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\_acestream_cache_
[-] Folder Deleted : C:\Program Files\Controller
[-] Folder Deleted : C:\Program Files (x86)\predm
[-] Folder Deleted : C:\Program Files (x86)\Exploremedia
[-] Folder Deleted : C:\ProgramData\epicscale
[-] Folder Deleted : C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk
[-] Folder Deleted : C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc
[-] Folder Deleted : C:\Users\Luca\AppData\LocalLow\.acestream
[-] Folder Deleted : C:\Users\Luca\AppData\Roaming\Store
[-] Folder Deleted : C:\Users\Luca\AppData\Roaming\WTools
[-] Folder Deleted : C:\Users\Luca\AppData\Roaming\acestream
[-] Folder Deleted : C:\Users\Luca\AppData\Roaming\.acestream
[-] Folder Deleted : C:\Users\Luca\AppData\Roaming\shortCutStore
[-] Folder Deleted : C:\Users\Luca\Documents\benko
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : DriverMgr
 
***** [ Registry ] *****
 
[-] Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [EpicScale]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acengine
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acwfp
[-] Key Deleted : HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.0.12
[-] Key Deleted : HKCU\SOFTWARE\Clients\Media\AceStream
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
[-] Key Deleted : HKCU\SOFTWARE\Classes\.acelive
[-] Key Deleted : HKCU\SOFTWARE\Classes\.acemedia
[-] Key Deleted : HKCU\SOFTWARE\Classes\.acestream
[-] Key Deleted : HKCU\SOFTWARE\Classes\.tslive
[-] Key Deleted : HKCU\SOFTWARE\Classes\acestream
[-] Key Deleted : HKCU\SOFTWARE\Classes\AceStream.file
[-] Key Deleted : HKCU\SOFTWARE\Classes\Applications\ace_player.exe
[-] Key Deleted : HKCU\SOFTWARE\Classes\MIME\Database\Content Type\application/x-acestream-plugin
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AceUpdater]
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\NetTcpHandler
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
[-] Key Deleted : HKCU\Software\Classes\ACEStream.CDAudio
[-] Key Deleted : HKCU\Software\Classes\ACEStream.DVDMovie
[-] Key Deleted : HKCU\Software\Classes\ACEStream.OPENFolder
[-] Key Deleted : HKCU\Software\Classes\ACEStream.SVCDMovie
[-] Key Deleted : HKCU\Software\Classes\ACEStream.VCDMovie
[-] Key Deleted : HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
[-] Key Deleted : HKCU\Software\Classes\DVD\shell\PlayWithACEStream
[-] Key Deleted : HKCU\Software\149a4fc7eed4fab7de7fb39d4c83c5ef
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{029AF757-A988-4BDD-A744-A4C7BCEBB011}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0E54135B-3BDB-49CD-8C3C-2AED1CCDD436}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{934B156A-3D17-3981-B78A-5C138F423AD6}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\Store
[-] Key Deleted : HKCU\Software\WTools
[-] Key Deleted : HKCU\Software\AceStream
[-] Key Deleted : HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\Tutorials
[-] Key Deleted : HKLM\SOFTWARE\SPPDCOM
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\Crashhd
[-] Key Deleted : HKLM\SOFTWARE\NetTcpHandler
[-] Key Deleted : HKLM\SOFTWARE\NtSvcHandler
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Conduit
[-] Key Deleted : [x64] HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
[-] Key Deleted : [x64] HKLM\SOFTWARE\WebBar
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : [x64] HKLM\SOFTWARE\SAKURA
[!] Key Not Deleted : HKU\S-1-5-21-3821372276-3120686255-594467316-1001\Software\GlobalUpdate
[!] Key Not Deleted : HKU\S-1-5-21-3821372276-3120686255-594467316-1001\Software\Store
[!] Key Not Deleted : HKU\S-1-5-21-3821372276-3120686255-594467316-1001\Software\WTools
[!] Key Not Deleted : HKU\S-1-5-21-3821372276-3120686255-594467316-1001\Software\AceStream
[!] Key Not Deleted : HKU\S-1-5-21-3821372276-3120686255-594467316-1001\Software\DAILYPCCLEAN
[!] Key Not Deleted : HKU\S-1-5-21-3821372276-3120686255-594467316-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com
[-] [C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : www-searching.com
[-] [C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jcgcoifbkbphhjnekfkmohklfaimhikk
[-] [C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jlcgehabolcakkjhgmgpkagpolbjlhfa
[-] [C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : okanipcmceoeemlbjnmnbdibhgpbllgc
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12214 bytes] ##########


#4
Essexboy


Could I have a fresh FRST scan please, as it sounds as though Chrome may be corrupted.



#5
yatesy


Here is the new FRST scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Luca (administrator) on LUCA (08-11-2015 14:34:11)
Running from C:\Users\Luca\Desktop
Loaded Profiles: Luca (Available Profiles: Luca)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157992 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-05] (Valve Corporation)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Spotify Web Helper] => C:\Users\Luca\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-09-22] (Spotify Ltd)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Spotify] => C:\Users\Luca\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-09-22] (Spotify Ltd)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [AceStream] => C:\Users\Luca\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1344776 2015-07-20] (Bogdan Sharkov)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{37ede89c-9773-4b26-8cc7-3d51d6628835}: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
SearchScopes: HKU\S-1-5-21-3821372276-3120686255-594467316-1001 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-30] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-30] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-13] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-gb
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-12]
CHR Extension: (Google Docs) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-12]
CHR Extension: (Google Drive) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-12]
CHR Extension: (Adblock Plus) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-24]
CHR Extension: (Google Search) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Search by Image (by Google)) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-12]
CHR Extension: (EasyCalendar) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-11-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-12]
CHR Extension: (Google Quick Scroll) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2015-11-08]
CHR Extension: (Gmail) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-12]
CHR HKU\S-1-5-21-3821372276-3120686255-594467316-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-20] ()
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-04-07] (altPUG LLC)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-07-23] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [255008 2009-01-06] (NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-08] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [169504 2009-01-07] (NVIDIA)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NVR0Dev; C:\Windows\nvoclk64.sys [40480 2009-01-06] (NVIDIA Corp.)
R2 NVR0FLASHDev; C:\Windows\nvflsh64.sys [40992 2009-01-07] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [49880 2015-07-21] (Razer Inc)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2015-03-08] (Scarlet.Crush Productions)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-08 14:34 - 2015-11-08 14:34 - 00016936 _____ C:\Users\Luca\Desktop\FRST.txt
2015-11-08 14:28 - 2015-11-08 14:28 - 00016148 _____ C:\WINDOWS\system32\LUCA_Luca_HistoryPrediction.bin
2015-11-08 12:42 - 2015-11-08 12:44 - 00000000 ____D C:\AdwCleaner
2015-11-08 12:41 - 2015-11-08 12:41 - 01713664 _____ C:\Users\Luca\Downloads\AdwCleaner.exe
2015-11-08 12:34 - 2015-11-08 12:34 - 00000000 ____D C:\Users\Luca\Desktop\FRST-OlderVersion
2015-11-05 17:00 - 2015-11-05 17:00 - 00048069 _____ C:\Users\Luca\Downloads\Addition.txt
2015-11-05 16:59 - 2015-11-08 14:34 - 00000000 ____D C:\FRST
2015-11-05 16:59 - 2015-11-08 12:34 - 02198528 _____ (Farbar) C:\Users\Luca\Desktop\FRST64.exe
2015-11-05 16:59 - 2015-11-05 17:00 - 00058394 _____ C:\Users\Luca\Downloads\FRST.txt
2015-11-04 21:16 - 2015-10-30 17:00 - 00000969 _____ C:\Users\Luca\Desktop\Steam.lnk
2015-11-03 16:23 - 2015-11-03 16:23 - 00040883 _____ C:\Users\Luca\Downloads\JMorris 4231_E779640A-34D7-4FA3-B35F-221C64DA57BA.fmf
2015-10-30 17:08 - 2015-10-30 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-10-30 17:08 - 2015-10-30 17:08 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-10-30 13:36 - 2015-10-27 23:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:36 - 2015-10-27 23:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:36 - 2015-10-21 12:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:36 - 2015-10-21 05:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:35 - 2015-10-21 12:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:35 - 2015-10-21 12:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:35 - 2015-10-21 12:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:35 - 2015-10-21 12:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:35 - 2015-10-21 12:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:35 - 2015-10-21 11:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:35 - 2015-10-21 11:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:35 - 2015-10-21 11:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:35 - 2015-10-21 11:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:35 - 2015-10-21 11:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:35 - 2015-10-21 11:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:35 - 2015-10-21 11:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:35 - 2015-10-21 11:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:35 - 2015-10-21 11:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:35 - 2015-10-21 11:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:35 - 2015-10-21 11:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:35 - 2015-10-21 11:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:35 - 2015-10-21 11:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:35 - 2015-10-21 11:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:35 - 2015-10-21 11:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:35 - 2015-10-21 05:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:35 - 2015-10-21 05:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:35 - 2015-10-21 05:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:35 - 2015-10-21 05:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:35 - 2015-10-21 05:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:35 - 2015-10-21 05:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:35 - 2015-10-21 05:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:35 - 2015-10-21 04:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:35 - 2015-10-21 04:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:35 - 2015-10-21 04:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 13:17 - 2015-11-07 12:09 - 00000000 ____D C:\Users\Luca\AppData\Local\recoveredfiles
2015-10-30 13:17 - 2015-10-30 13:17 - 01723136 _____ C:\WINDOWS\system32\U7.exe
2015-10-30 13:17 - 2015-10-30 13:17 - 00003298 _____ C:\WINDOWS\System32\Tasks\recoveredfiles
2015-10-30 13:17 - 2015-10-30 13:17 - 00000098 _____ C:\WINDOWS\SysWOW64\sn.txt
2015-10-27 16:32 - 2015-10-27 16:32 - 111633520 _____ (WhatUsersDo Ltd ) C:\Users\Luca\Downloads\whatusersdo-recorder (1).exe
2015-10-27 14:31 - 2015-10-27 14:31 - 00017529 _____ C:\Users\Luca\Downloads\krynomore1_[www.unknowncheats.me]_.rar
2015-10-27 14:24 - 2015-10-27 14:24 - 00009127 _____ C:\Users\Luca\Downloads\[www.OldSchoolHack.me]_A2Menu.rar
2015-10-26 12:57 - 2015-10-26 18:01 - 00000000 ____D C:\Users\Luca\AppData\Local\Arma 3
2015-10-25 19:18 - 2015-10-28 19:05 - 00000000 ____D C:\Users\Luca\AppData\Local\Soccer Manager 2016
2015-10-25 18:45 - 2015-10-28 21:58 - 00000000 ____D C:\Users\Luca\AppData\Local\Sports Interactive
2015-10-24 16:31 - 2015-10-24 16:31 - 01247112 _____ (Mojang) C:\Users\Luca\Desktop\Minecraft.exe
2015-10-24 16:31 - 2015-10-24 16:31 - 00000000 ____D C:\Users\Luca\Desktop\tools
2015-10-24 14:13 - 2015-10-27 15:49 - 00000000 ____D C:\Users\Luca\AppData\Local\ArmA 2 OA
2015-10-24 14:03 - 2015-10-24 14:03 - 00000000 ____D C:\Users\Luca\AppData\Local\Custom_Combat_Gaming
2015-10-24 12:30 - 2015-10-24 12:30 - 00000000 ____D C:\Users\Luca\AppData\Roaming\yvt.jp
2015-10-24 12:30 - 2015-10-24 12:30 - 00000000 ____D C:\Users\Luca\AppData\Roaming\OpenSpades
2015-10-24 12:28 - 2014-06-14 00:38 - 00000000 ____D C:\Users\Luca\Desktop\OpenSpades-0.0.12b-Windows
2015-10-24 12:27 - 2015-10-24 12:27 - 26538318 _____ C:\Users\Luca\Downloads\OpenSpades-0.0.12b-Windows.zip
2015-10-22 18:17 - 2015-10-30 13:17 - 00000203 _____ C:\WINDOWS\system32\gup.xml
2015-10-21 19:53 - 2015-11-08 12:35 - 00000000 ____D C:\Program Files (x86)\Addons
2015-10-21 19:53 - 2015-10-21 19:53 - 00000000 ____D C:\Users\Luca\AppData\Roaming\charts
2015-10-21 19:38 - 2015-10-21 19:38 - 00000000 ____D C:\Users\Luca\AppData\Local\Bohemia_Interactive
2015-10-21 19:38 - 2015-10-21 19:38 - 00000000 ____D C:\Users\Luca\AppData\Local\Arma 3 Launcher
2015-10-21 18:18 - 2015-10-21 18:44 - 00000000 ____D C:\Program Files (x86)\Super Mario Forever 2015
2015-10-20 19:12 - 2015-10-27 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhatUsersDo-Screen-Recorder
2015-10-20 19:12 - 2015-10-27 16:35 - 00000000 ____D C:\Program Files (x86)\WhatUsersDo-Screen-Recorder
2015-10-20 19:12 - 2015-10-20 19:16 - 00000000 ____D C:\Users\Luca\AppData\Roaming\.WhatUsersDo-Recorder
2015-10-20 19:12 - 2015-10-20 19:12 - 00000000 ____D C:\Users\Luca\.oracle_jre_usage
2015-10-20 19:10 - 2015-10-20 19:11 - 111633520 _____ (WhatUsersDo Ltd ) C:\Users\Luca\Downloads\whatusersdo-recorder.exe
2015-10-20 16:45 - 2015-10-20 16:52 - 00000000 ____D C:\Users\Luca\Documents\DayZ
2015-10-20 16:45 - 2015-10-20 16:52 - 00000000 ____D C:\Users\Luca\AppData\Local\DayZ
2015-10-20 16:10 - 2015-10-20 16:10 - 00000000 ____D C:\Users\Luca\AppData\Local\Publishers
2015-10-20 13:24 - 2015-10-20 13:24 - 00000000 ____D C:\Users\Luca\AppData\Local\DayZCommander
2015-10-20 13:12 - 2015-10-20 13:12 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
2015-10-20 13:11 - 2015-10-20 13:11 - 02932736 _____ C:\Users\Luca\Downloads\Dotjosh.DayZCommander.Installer.msi
2015-10-16 17:03 - 2015-10-16 17:03 - 00000484 _____ C:\Users\Luca\Downloads\Enable_Volume_Notification_Icon.reg
2015-10-16 17:02 - 2015-10-16 17:02 - 00000000 ____D C:\Users\Luca\AppData\Local\Apple
2015-10-16 16:51 - 2015-10-16 16:51 - 00000000 ____D C:\Users\Luca\AppData\Local\Skype
2015-10-16 16:49 - 2015-10-30 17:00 - 00002200 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-16 16:49 - 2015-10-03 02:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-16 16:47 - 2015-10-03 04:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00784824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00630592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-16 16:47 - 2015-10-03 04:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-16 16:38 - 2015-10-16 16:49 - 00000312 _____ C:\WINDOWS\setupact.log
2015-10-16 16:38 - 2015-10-16 16:38 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-14 15:32 - 2015-09-25 02:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:31 - 2015-10-10 07:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:31 - 2015-10-06 03:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-06 02:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-01 04:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:31 - 2015-10-01 04:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:31 - 2015-10-01 04:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:31 - 2015-10-01 04:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:31 - 2015-10-01 04:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:31 - 2015-10-01 03:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:31 - 2015-09-25 03:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:31 - 2015-09-25 03:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:31 - 2015-09-25 03:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:31 - 2015-09-25 03:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:31 - 2015-09-25 03:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 03:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 03:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:31 - 2015-09-25 03:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:31 - 2015-09-25 03:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:31 - 2015-09-25 03:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 03:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 03:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:31 - 2015-09-25 03:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:31 - 2015-09-25 03:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:31 - 2015-09-25 03:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 03:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:31 - 2015-09-25 03:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:31 - 2015-09-25 03:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:31 - 2015-09-25 03:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:31 - 2015-09-25 03:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 03:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:31 - 2015-09-25 02:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 02:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:31 - 2015-09-25 02:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 02:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 02:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:31 - 2015-09-25 02:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:31 - 2015-09-25 02:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 02:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:31 - 2015-09-25 02:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:31 - 2015-09-25 02:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 02:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 02:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:31 - 2015-09-25 02:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 02:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 02:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:31 - 2015-09-25 02:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 16:45 - 2015-10-30 17:10 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-13 16:45 - 2015-10-13 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-13 16:22 - 2015-10-13 16:45 - 00000000 ____D C:\Users\Luca\AppData\Local\Deployment
2015-10-13 16:22 - 2015-10-13 16:22 - 00000000 ____D C:\Users\Luca\AppData\Local\Apps\2.0
2015-10-12 20:46 - 2015-11-04 16:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-12 20:46 - 2015-10-30 17:00 - 00001165 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-12 20:46 - 2015-10-12 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-12 20:46 - 2015-10-12 20:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-12 20:46 - 2015-10-12 20:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-12 20:46 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-12 20:46 - 2015-10-05 08:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-12 20:46 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-12 19:43 - 2015-10-12 19:43 - 00038205 _____ C:\WINDOWS\wininit.ini
2015-10-12 17:04 - 2015-10-12 17:04 - 00000000 ____D C:\Users\Luca\AppData\Local\PeerDistRepub
2015-10-12 16:36 - 2015-10-12 16:36 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-12 16:36 - 2015-07-28 16:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-10-12 16:25 - 2015-10-30 17:00 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-10-12 16:25 - 2015-10-30 17:00 - 00001442 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-10-12 16:25 - 2015-10-12 19:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-12 16:25 - 2015-10-12 16:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-10-12 16:25 - 2015-10-12 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-10-12 16:25 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-10-12 16:24 - 2015-10-12 16:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-10-12 16:08 - 2015-10-12 16:20 - 00000000 ____D C:\Users\Luca\AppData\Roaming\System Healer
2015-10-12 16:08 - 2015-10-12 16:20 - 00000000 ____D C:\Program Files (x86)\SystemHealer
2015-10-12 16:07 - 2015-10-12 16:07 - 03531374 _____ C:\Users\Luca\AppData\Local\curl.zip
2015-10-12 16:07 - 2015-10-12 16:07 - 00000000 ____D C:\Users\Luca\AppData\Local\cu
2015-10-12 15:52 - 2015-10-12 15:52 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2015-10-12 15:51 - 2015-10-12 15:53 - 00000000 ____D C:\Users\TEMP
2015-10-11 19:28 - 2015-10-11 19:28 - 00367224 _____ C:\WINDOWS\Minidump\101115-51953-01.dmp
2015-10-11 19:05 - 2015-10-11 19:06 - 00369376 _____ C:\WINDOWS\Minidump\101115-93578-01.dmp
2015-10-11 19:04 - 2015-10-30 17:36 - 00252788 _____ C:\WINDOWS\PFRO.log
2015-10-11 19:04 - 2015-10-11 19:27 - 4244917919 _____ C:\WINDOWS\MEMORY.DMP
2015-10-11 18:50 - 2015-11-08 12:46 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-11 18:28 - 2015-10-12 16:15 - 00004688 _____ C:\WINDOWS\SysWOW64\Aroiznybod.ini
2015-10-11 18:28 - 2015-10-12 16:15 - 00002400 _____ C:\WINDOWS\SysWOW64\AroiznybodOff.ini
2015-10-11 18:28 - 2015-10-12 16:15 - 00002400 _____ C:\WINDOWS\system32\AroiznybodOff.ini
2015-10-11 18:27 - 2015-10-12 21:10 - 00000000 ____D C:\Users\Luca\AppData\LocalLow\Company
2015-10-11 18:27 - 2015-10-11 18:28 - 00000000 ____D C:\Users\Luca\AppData\Local\Tempfolder
2015-10-11 18:27 - 2015-10-11 18:27 - 00000045 _____ C:\user.js
2015-10-11 18:24 - 2015-10-19 18:50 - 00000000 ____D C:\Users\Luca\AppData\Local\LogMeIn Hamachi
2015-10-11 18:24 - 2015-10-12 20:41 - 00000000 ____D C:\Users\Luca\AppData\Local\Dropbox
2015-10-11 18:24 - 2015-10-11 18:24 - 00000000 ____D C:\Users\Luca\AppData\Local\LogMeIn
2015-10-11 18:24 - 2015-10-11 18:24 - 00000000 ____D C:\Users\Luca\AppData\Local\CEF
2015-10-11 18:22 - 2015-10-11 18:22 - 00000000 ____D C:\Users\Luca\AppData\Local\VirtualStore
2015-10-11 17:59 - 2015-10-11 17:59 - 00000000 ____D C:\Users\Luca\AppData\Local\MicrosoftEdge
2015-10-11 17:59 - 2015-10-11 17:59 - 00000000 ____D C:\Users\Luca\AppData\Local\CrashRpt
2015-10-11 17:58 - 2015-10-11 17:58 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-10-11 17:51 - 2015-10-12 20:21 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Opera Software
2015-10-11 17:50 - 2015-10-12 20:21 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-11 17:50 - 2013-08-22 13:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-10-11 17:49 - 2015-10-11 17:50 - 00000918 _____ C:\WINDOWS\SysWOW64\${LOGFILE}
2015-10-11 17:47 - 2015-10-11 17:47 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Mozilla
2015-10-09 15:07 - 2015-10-16 03:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-09 15:07 - 2015-10-16 03:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-08 12:52 - 2015-08-13 15:42 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-08 12:47 - 2015-02-28 17:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-08 12:46 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-08 12:45 - 2015-07-10 12:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-08 12:45 - 2015-07-10 09:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-08 12:45 - 2015-02-28 17:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-08 12:32 - 2015-02-28 17:27 - 00004142 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16E3A959-A4BF-445B-8580-9B17B8524532}
2015-11-08 12:29 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-02 22:24 - 2015-02-28 19:09 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Skype
2015-10-30 17:08 - 2015-08-03 19:03 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-10-30 17:06 - 2015-07-10 11:04 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-10-30 17:05 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 17:00 - 2015-09-03 13:30 - 00001094 _____ C:\Users\Public\Desktop\A3Launcher.lnk
2015-10-30 17:00 - 2015-09-03 12:14 - 00001106 _____ C:\Users\Public\Desktop\CCGLauncher.lnk
2015-10-30 17:00 - 2015-09-01 22:50 - 00000593 _____ C:\Users\Public\Desktop\Fraps.lnk
2015-10-30 17:00 - 2015-08-31 01:08 - 00001134 _____ C:\Users\Public\Desktop\ASUS GPU TweakII.lnk
2015-10-30 17:00 - 2015-08-13 16:20 - 00001023 _____ C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-10-30 17:00 - 2015-08-13 16:09 - 00002329 _____ C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-30 17:00 - 2015-08-13 15:32 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-30 17:00 - 2015-08-13 12:11 - 00001789 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-30 17:00 - 2015-08-03 17:59 - 00001913 _____ C:\Users\Luca\Desktop\Clownfish.lnk
2015-10-30 17:00 - 2015-07-29 09:25 - 00000846 _____ C:\Users\Public\Desktop\Speccy.lnk
2015-10-30 17:00 - 2015-07-04 10:59 - 00000691 _____ C:\Users\Luca\Desktop\Breaking Point.lnk
2015-10-30 17:00 - 2015-06-20 17:35 - 00001187 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-10-30 17:00 - 2015-06-20 17:31 - 00001150 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-10-30 17:00 - 2015-06-01 18:49 - 00001444 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-10-30 17:00 - 2015-05-06 16:27 - 00002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif WebPlus X8.lnk
2015-10-30 17:00 - 2015-05-05 15:30 - 00001191 _____ C:\Users\Luca\Desktop\AIDA64 Extreme.lnk
2015-10-30 17:00 - 2015-04-23 17:06 - 00001017 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-10-30 17:00 - 2015-04-19 14:48 - 00001970 _____ C:\Users\Luca\Desktop\Ace Player.lnk
2015-10-30 17:00 - 2015-04-14 16:40 - 00001814 _____ C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-10-30 17:00 - 2015-04-14 16:40 - 00001808 _____ C:\Users\Luca\Desktop\Spotify.lnk
2015-10-30 17:00 - 2015-04-12 12:09 - 00000862 _____ C:\Users\Public\Desktop\PowerISO.lnk
2015-10-30 17:00 - 2015-04-07 11:43 - 00001207 _____ C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
2015-10-30 17:00 - 2015-03-19 19:38 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-30 17:00 - 2015-03-08 09:28 - 00000985 _____ C:\Users\Public\Desktop\Origin.lnk
2015-10-30 17:00 - 2015-03-02 19:57 - 00002675 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2015-10-30 17:00 - 2015-02-28 23:36 - 00002184 _____ C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
2015-10-30 17:00 - 2015-02-28 23:36 - 00001173 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1510 series.lnk
2015-10-30 17:00 - 2015-02-28 18:44 - 00000988 _____ C:\Users\Public\Desktop\Gyazo.lnk
2015-10-30 17:00 - 2015-02-28 18:44 - 00000988 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2015-10-30 17:00 - 2015-02-28 18:06 - 00000947 _____ C:\Users\Luca\Desktop\Open Broadcaster Software.lnk
2015-10-30 17:00 - 2015-02-28 17:43 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk
2015-10-30 17:00 - 2015-02-28 17:35 - 00000858 _____ C:\Users\Luca\Desktop\µTorrent.lnk
2015-10-30 17:00 - 2015-02-28 17:35 - 00000838 _____ C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-30 13:39 - 2015-07-10 10:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 13:17 - 2015-08-13 16:04 - 00002094 __RSH C:\ProgramData\ntuser.pol
2015-10-28 21:58 - 2015-05-20 18:53 - 00000000 ____D C:\Users\Luca\Documents\Sports Interactive
2015-10-28 21:58 - 2015-05-12 17:24 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive
2015-10-26 12:56 - 2015-04-25 10:33 - 00000000 ____D C:\Users\Luca\Documents\CCGLauncher
2015-10-25 21:58 - 2015-08-13 15:26 - 00000000 ____D C:\Users\Luca
2015-10-24 16:31 - 2015-04-09 21:02 - 00000000 ____D C:\Users\Luca\Desktop\game
2015-10-23 16:11 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-21 18:20 - 2015-07-10 10:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-10-21 18:20 - 2015-07-10 10:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-10-21 18:20 - 2015-07-10 10:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-10-21 18:20 - 2015-07-10 10:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-10-21 18:19 - 2015-07-10 10:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-10-21 18:19 - 2015-07-10 10:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-10-21 18:19 - 2015-07-10 10:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-10-21 18:19 - 2015-07-10 10:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-10-21 15:41 - 2015-02-28 17:28 - 00000000 ____D C:\Users\Luca\AppData\Local\Google
2015-10-20 16:45 - 2015-03-09 16:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-16 16:49 - 2015-08-13 15:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-16 16:49 - 2015-02-28 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-16 16:39 - 2015-03-05 16:30 - 00000000 ____D C:\Users\Luca\AppData\Local\NVIDIA Corporation
2015-10-16 16:39 - 2015-02-28 17:41 - 00000000 ____D C:\Users\Luca\AppData\Local\NVIDIA
2015-10-14 15:40 - 2015-03-02 16:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 15:37 - 2015-03-02 16:31 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 15:36 - 2015-04-12 12:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 16:45 - 2015-02-28 17:28 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-13 15:16 - 2015-09-18 21:11 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-12 20:26 - 2015-09-03 13:30 - 00000000 ____D C:\Program Files (x86)\A3Launcher
2015-10-12 17:20 - 2013-08-22 13:25 - 00000269 _____ C:\WINDOWS\win.ini
2015-10-11 19:28 - 2015-08-14 14:14 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-11 18:29 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-10-11 18:27 - 2015-08-13 15:49 - 00000000 ____D C:\Users\Luca\AppData\Local\Comms
2015-10-11 18:24 - 2015-04-23 17:06 - 00000000 ____D C:\Users\Luca\AppData\Roaming\TS3Client
2015-10-11 18:21 - 2015-02-28 17:23 - 00000000 ____D C:\Users\Luca\AppData\Local\Packages
2015-10-11 18:17 - 2015-02-28 17:25 - 00000000 ___DO C:\Users\Luca\SkyDrive
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-09 15:01 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\L2Schemas
 
==================== Files in the root of some directories =======
 
2015-07-04 11:03 - 2015-09-07 11:22 - 0000294 _____ () C:\Users\Luca\AppData\Roaming\BreakingPoint_Login.ini
2015-07-04 11:04 - 2015-09-07 11:23 - 0001380 _____ () C:\Users\Luca\AppData\Roaming\BreakingPoint_Options.ini
2015-10-12 16:07 - 2015-10-12 16:07 - 3531374 _____ () C:\Users\Luca\AppData\Local\curl.zip
2015-02-28 23:34 - 2015-02-28 23:34 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
C:\Users\Luca\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-01 16:54
 
==================== End of FRST.txt ============================

Edited by yatesy, 08 November 2015 - 08:40 AM.


#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you have Chrome synchronised?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
CHR Extension: (EasyCalendar) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-11-08]
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated; please post that.

#7
yatesy

yatesy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

What do you mean by synchronised? And here is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Luca (2015-11-08 14:51:16) Run:2
Running from C:\Users\Luca\Desktop
Loaded Profiles: Luca (Available Profiles: Luca)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CHR Extension: (EasyCalendar) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-11-08]
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk => moved successfully
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3821372276-3120686255-594467316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 112.9 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 14:51:43 ====


#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
http://www.howtogeek...theme-and-more/

The calendar should have gone now

Please download Junkware Removal Tool to your desktop.
  • Right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system.
  • Please be patient, as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

#9
yatesy

yatesy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Pro x64
Ran by Luca on 08/11/2015 at 16:30:32.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully deleted: [Service] spbiupd [Reboot required]
Successfully deleted: [Service] spbiupdd [Reboot required]
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\Luca\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_dajedkncpodkggklbegccjpmnglmnflm_0.localstorage
Successfully deleted: [File] C:\Users\Luca\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_dajedkncpodkggklbegccjpmnglmnflm_0.localstorage-journal
Successfully deleted: [File] C:\Users\Luca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\search.lnk
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\Luca\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Luca\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Luca\Appdata\LocalLow\company
Successfully deleted: [Folder] C:\users\Public\Documents\guid
Successfully deleted: [Folder] C:\WINDOWS\system32\tasks\update
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Luca\Appdata\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
 
[C:\Users\Luca\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Luca\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
dajedkncpodkggklbegccjpmnglmnflm
 
[C:\Users\Luca\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Luca\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  dajedkncpodkggklbegccjpmnglmnflm
]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/11/2015 at 16:32:07.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is it now?

#11
yatesy

yatesy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

All fine now, no problems at all!!! Thanks so much!!



#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java.
See this article

I would recommend that you completely uninstall Java unless you need it to run important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa.
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present.
Once done, run it again and select Update Java runtime > Download and install Latest version.
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent: install this programme to lock down and prevent crypto ransomware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
Click the very large Download button.
Click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open, click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked. This is a fire-and-forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe :wave:

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

