Error 268D3 and malware

I got malware and error268D3

  • This topic is locked

#1
traindriver

  • Member
  • 45 posts

After my children did their homework I got an Error 268D3, now every time I get onto the net I have all this adware and the PC is slow, as is the internet.

They can't remember what they said yes to when downloading. I also keep getting http://safesurfs.net/ on all internet startups, Google & Chrome and both Internet Explorers.

Edited by traindriver, 21 August 2016 - 07:40 AM.


#2
zep516

  • Trusted Helper
  • Malware Removal
  • 6,811 posts

Hi! My name is zep516 and welcome to Geekstogo!
I'll do the best I can to resolve your computer issue.
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue. Stop and ask! Never be afraid to ask questions! :)

Please uninstall this program
SparkTrust PC Cleaner Plus

Please also do not attach any more log files, copy them and paste them directly into the reply box.

Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • The report will be saved in the C:\AdwCleaner folder.

Next

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts. See here how to disable your security protection (Anti Virus).
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.

In your next reply, post:
  • The AdwCleaner [C1].txt Log
  • The JRT.txt Log


#3
traindriver

  • Topic Starter

zep516, thank you for taking the time to help me. Here are the log files, as you requested.

 

# AdwCleaner v6.000 - Logfile created 22/08/2016 at 08:25:30
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-21.4 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Stepan - STEPAN-PC
# Running from : C:\Users\Stepan\Downloads\adwcleaner_6.000 (1).exe
# Mode: Clean
# Support : https://toolslib.net/forum
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\Users\Stepan\AppData\Roaming\SparkTrust
[-] Folder deleted: C:\ProgramData\SparkTrust
[#] Folder deleted on reboot: C:\ProgramData\Application Data\SparkTrust
 

***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\SparkTrust\SparkTrust PC Cleaner Plus
[-] Key deleted: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\SparkTrust\UNS\SparkTrust PC Cleaner Plus
[#] Key deleted on reboot: HKCU\Software\SparkTrust\SparkTrust PC Cleaner Plus
[#] Key deleted on reboot: HKCU\Software\SparkTrust\UNS\SparkTrust PC Cleaner Plus
[-] Key deleted: HKLM\SOFTWARE\SparkTrust\SparkTrust PC Cleaner Plus
[#] Value deleted on reboot: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd []
 

***** [ Web browsers ] *****
 
[-] [C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd
 

*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [5569 Bytes] - [21/08/2016 19:38:49]
C:\AdwCleaner\AdwCleaner[C2].txt - [1699 Bytes] - [22/08/2016 08:25:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [5275 Bytes] - [21/08/2016 19:31:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [1979 Bytes] - [22/08/2016 08:20:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1918 Bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Stepan (Administrator) on Mon 22/08/2016 at  8:33:19.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 

File System: 7
 
Successfully deleted: C:\ProgramData\esellerate (Folder)
Successfully deleted: C:\Users\Stepan\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\Stepan\AppData\Local\mindspark (Folder)
Successfully deleted: C:\Users\Stepan\Appdata\LocalLow\weatherblink (Folder)
Successfully deleted: C:\Users\Stepan\AppData\Roaming\0F1L1I1P0H1L1E1E1F (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Care 365.job (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job (Task)
 
 
 
Registry: 2
 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F710F7E5-A520-471D-989C-F653AC328FB2} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F710F7E5-A520-471D-989C-F653AC328FB2} (Registry Key)
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 22/08/2016 at  8:36:30.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 



#4
zep516

Download the enclosed file (fixlist.txt). Save it in the location FRST64 is, C:\Users\Stepan\Downloads. Run FRST and click on the Fix button. Wait until finished.

The tool will make a log in the location FRST is, C:\Users\Stepan\Downloads (Fixlog.txt). Please post it to your reply.

Next
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.

Posting the Malwarebytes log:
  • After the restart, once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'.
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok.
  • Post that saved log to your next reply.








#5
traindriver

Here is the Malwarebytes log.

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 22/08/2016
Scan Time: 10:47
Logfile: Malwarebytes log.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.08.21.09
Rootkit Database: v2016.08.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Stepan
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 521694
Time Elapsed: 23 min, 12 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 9
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{EFF4E719}, Quarantined, [c1fca2aba0fad75fb72fc53215ee54ac],
PUP.Optional.MindSpark, HKU\S-1-5-21-600410608-1858306824-1911990453-1005\SOFTWARE\APPDATALOW\SOFTWARE\SnapMyScreen_bf, Quarantined, [407d024b1189ca6c07eb2f7bdd26748c],
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1005\SOFTWARE\SYSTEM HEALER, Quarantined, [526b72db3a60ed49bb3dc614a3600af6],
PUP.Optional.MindSpark, HKU\S-1-5-21-600410608-1858306824-1911990453-1006\SOFTWARE\APPDATALOW\SOFTWARE\SnapMyScreen_bf, Quarantined, [beff84c9465464d2ce2409a1db28b24e],
PUP.Optional.MindSpark, HKU\S-1-5-21-600410608-1858306824-1911990453-1006\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, Quarantined, [e5d8db72fd9d87afc638b3f7c53e5ba5],
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1006\SOFTWARE\SYSTEM HEALER, Quarantined, [0ab3034a0694c5713dbba2388d760df3],
PUP.Optional.MindSpark, HKU\S-1-5-21-600410608-1858306824-1911990453-1007\SOFTWARE\APPDATALOW\SOFTWARE\SnapMyScreen_bf, Quarantined, [4c712528396181b5a34fd0dac043cf31],
PUP.Optional.MindSpark, HKU\S-1-5-21-600410608-1858306824-1911990453-1007\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, Quarantined, [655818351b7f6dc906f877338f74827e],
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1007\SOFTWARE\SYSTEM HEALER, Quarantined, [c7f6bf8efaa06ec8f20614c6c04309f7],
 
Registry Values: 16
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{eff4e719}|1, 1471765500, Quarantined, [c1fca2aba0fad75fb72fc53215ee54ac]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1005\SOFTWARE\SYSTEM HEALER|HomePage, http://systemhealer.com/, Quarantined, [526b72db3a60ed49bb3dc614a3600af6]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1005\SOFTWARE\SYSTEM HEALER|CartURL, http://gen2.secureds...3D45E2DFF&clb=1, Quarantined, [9429103d6f2ba78f5e785da0689b9f61]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1005\SOFTWARE\SYSTEM HEALER|SupportPage, http://systemhealer....upport/#contact, Quarantined, [6a532b22b4e696a0e7113f9b41c23dc3]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1005\SOFTWARE\SYSTEM HEALER|CallBanner1, http://callbanner.sy...er.com/?type=45, Quarantined, [4776232ae2b8eb4b5c9c5288897afd03]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1005\SOFTWARE\SYSTEM HEALER|CallBanner2, http://callbanner.sy...er.com/?type=46, Quarantined, [8f2e0647089263d37d7bc317d72cfb05]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1006\SOFTWARE\SYSTEM HEALER|HomePage, http://systemhealer.com/, Quarantined, [0ab3034a0694c5713dbba2388d760df3]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1006\SOFTWARE\SYSTEM HEALER|CartURL, http://gen2.secureds...3D45E2DFF&clb=1, Quarantined, [2e8fd37a1585ef47498d31cca162af51]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1006\SOFTWARE\SYSTEM HEALER|SupportPage, http://systemhealer....upport/#contact, Quarantined, [7845cb827a2004328573eeec000358a8]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1006\SOFTWARE\SYSTEM HEALER|CallBanner1, http://callbanner.sy...er.com/?type=45, Quarantined, [e9d41f2e900a78be6791f2e8b84b58a8]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1006\SOFTWARE\SYSTEM HEALER|CallBanner2, http://callbanner.sy...er.com/?type=46, Quarantined, [d6e7a1acd1c972c403f5defc54afcb35]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1007\SOFTWARE\SYSTEM HEALER|HomePage, http://systemhealer.com/, Quarantined, [c7f6bf8efaa06ec8f20614c6c04309f7]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1007\SOFTWARE\SYSTEM HEALER|CartURL, http://gen2.secureds...3D45E2DFF&clb=1, Quarantined, [ebd20845b3e7d56136a0a855d72c9c64]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1007\SOFTWARE\SYSTEM HEALER|SupportPage, http://systemhealer....upport/#contact, Quarantined, [9429e06da1f95adcfefac8126a99bd43]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1007\SOFTWARE\SYSTEM HEALER|CallBanner1, http://callbanner.sy...er.com/?type=45, Quarantined, [635ad87562386cca62964298f0130cf4]
PUP.Optional.SystemHealer, HKU\S-1-5-21-600410608-1858306824-1911990453-1007\SOFTWARE\SYSTEM HEALER|CallBanner2, http://callbanner.sy...er.com/?type=46, Quarantined, [06b71c31603ab97dd5238555ba498e72]
 
Registry Data: 1
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.143.157 82.163.142.159, Good: (8.8.8.8), Bad: (82.163.143.157 82.163.142.159),Replaced,[427bf8558d0d59dda3f30970e123ba46]
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 

(end)


#6
zep516

Where is the Fixlog from post #4, the very first instruction in that post? Please see post 4 again.

Please do that. Any questions, let me know.

Back at 4pm today.

Thanks
Joe :)

#7
traindriver

Joe, hope this is what you wanted.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Stepan (administrator) on STEPAN-PC (23-08-2016 07:51:30)
Running from C:\Users\Stepan\Downloads
Loaded Profiles: Stepan & NeroMediaHomeUser.4 (Available Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2016-07-21] (ABBYY Production LLC.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe [7763384 2016-07-15] (AO Kaspersky Lab)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\RunOnce: [Uninstall C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.iinet.net.au/customers/
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
 
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> hxxp://www.iinet.net.au/
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
 
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Google Sheets) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Hot Shot Sniper) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbhkjoamnfmpcilggihmfeebhienpea [2015-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-21]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-01-19] ()
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S2 CLKMSVC10_90970B6B; C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe [246256 2010-11-09] (CyberLink)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-12] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 2310_00; C:\Windows\system32\drivers\2310_00.sys [170528 2009-06-12] (HighPoint Technologies, Inc.)
S3 272x_1x; C:\Windows\system32\drivers\272x_1x.sys [612672 2012-04-25] (HighPoint Technologies, Inc.)
S3 274x_3x; C:\Windows\system32\drivers\274x_3x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 arcm_a64; C:\Windows\system32\drivers\arcm_a64.sys [52768 2009-11-09] (ARECA Technology Corporation)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-01-19] ()
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-10] (Intel Corp.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DC133; C:\Windows\system32\drivers\DC133.sys [39320 2011-05-02] (Dawicontrol GmbH)
S3 DC150; C:\Windows\system32\drivers\DC150.sys [39832 2011-05-02] (Dawicontrol GmbH)
S3 DC154; C:\Windows\system32\drivers\DC154.sys [48136 2011-05-02] (Dawicontrol GmbH)
S3 DC300e; C:\Windows\system32\drivers\DC300e.sys [40344 2011-05-02] (Dawicontrol GmbH)
S3 DC324e; C:\Windows\system32\drivers\DC324e.sys [49752 2011-05-02] (Dawicontrol GmbH)
S3 DC3410; C:\Windows\system32\drivers\DC3410.sys [48328 2011-05-02] (Dawicontrol GmbH)
S3 DC4300; C:\Windows\system32\drivers\DC4300.sys [48360 2011-05-02] (Dawicontrol GmbH)
S3 DC600e; C:\Windows\system32\drivers\DC600e.sys [40744 2011-05-02] (Dawicontrol GmbH)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-12] (Intel Corp.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-17] (Disc Soft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 hptiop; C:\Windows\system32\drivers\hptiop.sys [17440 2009-05-26] (HighPoint Technologies, Inc.)
S3 hptmv; C:\Windows\system32\drivers\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc.)
S3 hptmv6; C:\Windows\system32\drivers\hptmv6.sys [152096 2007-11-01] (HighPoint Technologies, Inc.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [651224 2012-06-30] (Intel Corporation)
S3 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [38680 2008-05-14] (ITE Tech. Inc.)
S3 iteraid; C:\Windows\system32\drivers\iteraid.sys [32768 2007-05-02] (ITE Tech. Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51496 2012-02-29] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\MegaSR1.sys [461320 2009-04-16] (LSI Corporation, Inc.)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor, Inc.)
S3 mvs94xx; C:\Windows\system32\drivers\mvs94xx.sys [367920 2010-12-01] (Marvell Semiconductor, Inc.)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175720 2010-04-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-06] (OCZ Technology Group, Inc.)
S3 ocz12xx; C:\Windows\system32\drivers\ocz12xx.sys [138544 2011-09-15] (OCZ Technology Group, Inc.)
S3 Pnp680; C:\Windows\system32\drivers\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc)
S0 rr172x; C:\Windows\System32\drivers\rr172x.sys [124448 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr174x; C:\Windows\system32\drivers\rr174x.sys [159264 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr2210; C:\Windows\system32\drivers\rr2210.sys [153632 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr232x; C:\Windows\system32\drivers\rr232x.sys [152096 2008-05-06] (HighPoint Technologies, Inc.)
S3 rr2340; C:\Windows\system32\drivers\rr2340.sys [162400 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr2522; C:\Windows\system32\drivers\rr2522.sys [168032 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr276x; C:\Windows\system32\drivers\rr276x.sys [241472 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr278x; C:\Windows\system32\drivers\rr278x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [156256 2010-06-17] (HighPoint Technologies, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-28] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-28] (Renesas Electronics Corporation)
S3 SI3112r; C:\Windows\system32\drivers\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\drivers\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\drivers\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\drivers\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203832 2016-04-17] (Duplex Secure Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TplinkUDSMBus; C:\Windows\system32\drivers\TplinkUDSMBus.sys [102688 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 TplinkUDSTcpBus; C:\Windows\System32\Drivers\TplinkUDSTcpBus.sys [181024 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
S3 viamrx64; C:\Windows\system32\drivers\viamrx64.sys [161904 2010-12-03] (VIA Technologies Inc.,Ltd)
S3 videX64; C:\Windows\system32\drivers\videX64.sys [15000 2010-02-11] (VIA Technologies, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2016-03-31] (wisecleaner.com)
R0 xfiltx64; C:\Windows\System32\drivers\xfiltx64.sys [26776 2010-02-11] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-04] (CyberLink Corp.)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-22 10:43 - 2016-08-23 07:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-22 10:43 - 2016-08-22 10:43 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-22 10:41 - 2016-08-22 10:43 - 22851472 _____ (Malwarebytes ) C:\Users\Stepan\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-22 08:32 - 2016-08-22 08:33 - 01610560 _____ (Malwarebytes) C:\Users\Stepan\Desktop\JRT.exe
2016-08-21 21:04 - 2016-08-22 11:20 - 00000000 ____D C:\Users\Stepan\Desktop\Geeks to go
2016-08-21 19:29 - 2016-08-22 08:25 - 00000000 ____D C:\AdwCleaner
2016-08-21 19:28 - 2016-08-21 19:28 - 03784256 _____ C:\Users\Stepan\Desktop\adwcleaner_6.000.exe
2016-08-21 19:17 - 2016-08-23 07:51 - 00000000 ____D C:\Users\Stepan\Downloads\FRST-OlderVersion
2016-08-21 19:01 - 2016-08-21 19:06 - 54287072 _____ (Microsoft Corporation) C:\Users\Stepan\Downloads\Windows-KB890830-x64-V5.39.exe
2016-08-21 18:20 - 2016-08-21 18:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-21 18:19 - 2016-08-21 18:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2016-08-21 18:19 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-21 16:47 - 2016-08-21 21:03 - 00057962 _____ C:\Users\Stepan\Downloads\Addition.txt
2016-08-21 16:43 - 2016-08-23 07:51 - 00033205 _____ C:\Users\Stepan\Downloads\FRST.txt
2016-08-21 16:42 - 2016-08-23 07:51 - 00000000 ____D C:\FRST
2016-08-21 16:33 - 2016-08-23 07:51 - 02396672 _____ (Farbar) C:\Users\Stepan\Downloads\FRST64.exe
2016-08-21 16:11 - 2016-08-21 18:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-21 16:10 - 2005-08-25 18:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
2016-08-21 15:42 - 2016-08-21 15:42 - 00003884 _____ C:\WINDOWS\System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E}
2016-08-21 15:11 - 2016-08-21 15:22 - 00000000 ____D C:\Users\Stepan\Documents\All about the olympics
2016-08-20 15:00 - 2016-08-20 15:00 - 00001248 _____ C:\Users\Stepan\Desktop\MassEffect.exe - Shortcut.lnk
2016-08-19 10:27 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-08-19 10:12 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Media Center Programs
2016-08-17 09:15 - 2016-08-11 19:30 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-17 09:14 - 2016-08-21 10:13 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-08-17 09:14 - 2016-05-04 10:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-17 09:14 - 2016-05-04 10:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-17 09:12 - 2016-08-11 22:33 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00612528 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00574120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00471424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-11 13:50 - 2016-08-11 13:50 - 00001369 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-08-11 13:50 - 2016-08-11 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-08-11 11:27 - 2016-08-11 11:27 - 00114176 _____ C:\Users\Jordyn\Documents\Diet Graph for jj.pub
2016-08-10 20:00 - 2016-08-11 07:29 - 00112128 _____ C:\Users\Jordyn\Documents\Diet Graph.pub
2016-08-10 16:52 - 2016-08-10 16:52 - 00000000 ____D C:\Users\Stepan\Desktop\Rainbow Six
2016-08-10 16:50 - 2016-08-10 16:50 - 00000000 ____D C:\Users\Stepan\AppData\Local\SkinSoft
2016-08-10 14:04 - 2016-08-03 19:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 14:04 - 2016-08-03 18:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 14:04 - 2016-08-03 18:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 14:04 - 2016-08-03 18:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 18:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 18:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 18:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 18:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 14:04 - 2016-08-03 18:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 14:04 - 2016-08-03 18:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 14:04 - 2016-08-03 18:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 14:04 - 2016-08-03 18:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 14:04 - 2016-08-03 17:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 17:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 14:04 - 2016-08-03 17:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 14:04 - 2016-08-03 17:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 14:04 - 2016-08-03 17:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 14:04 - 2016-08-03 17:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 14:04 - 2016-08-03 17:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 14:04 - 2016-08-03 17:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 14:04 - 2016-08-03 17:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 17:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 17:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 14:04 - 2016-08-03 17:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 14:04 - 2016-08-03 17:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 14:04 - 2016-08-03 17:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 14:04 - 2016-08-03 17:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 14:04 - 2016-08-03 17:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 14:04 - 2016-08-03 17:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 14:04 - 2016-08-03 17:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 14:04 - 2016-08-03 17:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 14:04 - 2016-08-03 13:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 13:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 14:04 - 2016-08-03 13:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 12:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 14:04 - 2016-08-03 12:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 12:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 12:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 12:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 12:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 14:04 - 2016-08-03 12:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 12:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 14:04 - 2016-08-03 12:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 14:04 - 2016-08-03 12:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 14:04 - 2016-08-03 12:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 08:07 - 2016-08-10 08:07 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iPod
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-03 18:57 - 2016-08-03 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-08-03 18:57 - 2016-07-28 18:57 - 00002208 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-08-03 18:57 - 2016-07-28 18:57 - 00002184 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Roaming\ABBYY
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Local\ABBYY
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-23 07:46 - 2014-01-01 13:43 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-23 07:45 - 2016-04-27 11:32 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\FileAdvisor
2016-08-23 07:45 - 2015-08-08 18:38 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FD40C14C-7B14-4C6B-A556-FC9A47E1BD5A}
2016-08-23 07:44 - 2014-11-29 16:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-23 07:43 - 2015-09-02 10:02 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-22 19:21 - 2014-11-29 17:03 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\uTorrent
2016-08-22 19:14 - 2015-09-02 10:02 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-22 11:21 - 2016-01-19 16:50 - 01013760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-22 11:21 - 2015-10-30 15:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-22 11:15 - 2015-08-08 17:46 - 00152048 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_90970B6B.sys
2016-08-22 11:14 - 2016-01-19 17:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-22 11:14 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-22 11:14 - 2015-10-30 14:28 - 02359296 ___SH C:\WINDOWS\system32\config\BBI
2016-08-22 08:25 - 2016-01-19 16:51 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2016-08-21 21:31 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-21 20:12 - 2014-11-29 20:05 - 00000000 ____D C:\torrents
2016-08-21 19:37 - 2015-11-15 09:46 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-21 19:11 - 2013-07-21 04:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-21 19:05 - 2015-12-26 11:12 - 00000000 ____D C:\Users\Stepan\AppData\Local\CrashDumps
2016-08-21 15:41 - 2015-11-15 09:46 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-20 13:23 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Origin
2016-08-20 10:58 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 10:53 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-19 10:29 - 2014-12-15 14:03 - 00000000 ____D C:\Users\Stepan\Documents\BioWare
2016-08-19 10:00 - 2016-04-17 20:41 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\DAEMON Tools Lite
2016-08-19 10:00 - 2015-10-30 15:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 10:00 - 2015-08-08 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Local\Packages
2016-08-18 21:14 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Stepan
2016-08-17 19:22 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-08-17 09:15 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-17 09:15 - 2015-04-21 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-16 18:44 - 2015-11-27 19:30 - 00992600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-08-16 18:44 - 2015-06-26 23:58 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-08-16 18:44 - 2015-06-16 21:56 - 00110424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-08-16 18:43 - 2015-11-27 19:30 - 00237400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-08-13 18:48 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-13 18:34 - 2015-08-11 16:21 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9BDA47A-528B-43F6-BC9E-31C050B3E1B5}
2016-08-13 10:54 - 2015-12-25 08:27 - 14199360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-12 17:22 - 2014-11-30 10:39 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-11 22:33 - 2016-07-08 13:30 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-11 22:33 - 2016-05-18 16:35 - 20208360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 23699584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 14476904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-11 22:33 - 2015-12-25 08:27 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-11 20:27 - 2016-01-19 16:47 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-11 20:27 - 2016-01-19 16:47 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-11 13:50 - 2015-11-27 19:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-08-11 11:28 - 2015-08-08 17:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 09:29 - 2015-10-30 15:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 20:52 - 2015-10-30 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 20:40 - 2016-02-02 16:51 - 00000000 ____D C:\Users\Jordyn\AppData\Local\CrashDumps
2016-08-10 16:29 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 16:29 - 2013-07-21 04:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 08:25 - 2014-12-12 20:33 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Apple Computer
2016-08-10 08:25 - 2014-12-12 20:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-10 08:02 - 2014-12-12 20:34 - 00000000 ____D C:\Users\Stepan\AppData\Local\Apple Computer
2016-08-10 00:06 - 2016-01-19 16:47 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-06 13:53 - 2016-06-03 10:44 - 00000000 ____D C:\Users\Stepan\Desktop\Music Junk
2016-08-05 18:04 - 2015-03-10 18:43 - 00012928 _____ C:\Users\Jordyn\Desktop\Excel Worksheet.xlsx
2016-08-04 18:57 - 2016-07-23 13:45 - 00000000 ___RD C:\Users\Stepan\Documents\Scanned Documents
2016-08-04 10:44 - 2016-02-01 17:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Natasha
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Jordyn
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Diane
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-03 14:21 - 2014-01-02 05:35 - 00400304 __RSH C:\bootmgr
2016-07-31 15:09 - 2015-09-02 10:02 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-31 15:09 - 2015-09-02 10:02 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-29 21:34 - 2016-07-14 14:51 - 00000000 ____D C:\Users\Stepan\Documents\Trash
2016-07-28 18:57 - 2015-10-30 14:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-28 18:57 - 2015-07-10 17:05 - 00000000 ____D C:\Users\Default.migrated
 
==================== Files in the root of some directories =======
 
2016-08-21 20:06 - 2016-08-21 20:41 - 0000115 _____ () C:\Users\Stepan\AppData\Roaming\LogFile.txt
2014-11-29 21:28 - 2014-12-04 07:28 - 0000166 _____ () C:\Users\Stepan\AppData\Roaming\WB.CFG
2015-08-13 20:21 - 2015-09-07 15:49 - 212809145 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload
2015-08-13 20:21 - 2015-09-07 15:49 - 0002489 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload.aamd
2014-12-01 19:29 - 2014-12-03 07:28 - 0000001 _____ () C:\Users\Stepan\AppData\Local\DSI.DAT
2014-11-29 22:00 - 2014-11-29 22:00 - 0000036 _____ () C:\Users\Stepan\AppData\Local\housecall.guid.cache
2015-07-13 14:25 - 2015-07-13 14:25 - 0000600 _____ () C:\Users\Stepan\AppData\Local\PUTTY.RND
2016-04-20 08:22 - 2016-04-20 08:22 - 0000017 _____ () C:\Users\Stepan\AppData\Local\resmon.resmoncfg
2014-11-30 09:14 - 2015-11-22 07:58 - 0000010 _____ () C:\Users\Stepan\AppData\Local\sponge.last.runtime.cache
2016-01-19 16:47 - 2016-01-19 16:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-03 15:35 - 2014-12-03 15:35 - 0000184 _____ () C:\ProgramData\OutlookFail.20141203.log
2014-12-05 20:55 - 2014-12-05 21:06 - 0000367 _____ () C:\ProgramData\OutlookFail.20141205.log
2014-12-07 19:34 - 2014-12-07 19:34 - 0000184 _____ () C:\ProgramData\OutlookFail.20141207.log
2014-12-18 19:01 - 2014-12-18 19:01 - 0000184 _____ () C:\ProgramData\OutlookFail.20141218.log
2014-12-23 08:50 - 2014-12-23 08:50 - 0000183 _____ () C:\ProgramData\OutlookFail.20141223.log
2014-12-28 09:52 - 2014-12-28 09:52 - 0000183 _____ () C:\ProgramData\OutlookFail.20141228.log
2015-01-03 08:09 - 2015-01-03 08:09 - 0000183 _____ () C:\ProgramData\OutlookFail.20150103.log
2015-01-04 11:29 - 2015-01-04 11:29 - 0000184 _____ () C:\ProgramData\OutlookFail.20150104.log
2015-01-05 18:36 - 2015-01-05 18:36 - 0000184 _____ () C:\ProgramData\OutlookFail.20150105.log
2015-01-29 10:53 - 2015-01-29 10:53 - 0000184 _____ () C:\ProgramData\OutlookFail.20150129.log
2015-02-01 15:31 - 2015-02-01 15:31 - 0000184 _____ () C:\ProgramData\OutlookFail.20150201.log
2015-02-02 12:05 - 2015-02-02 12:05 - 0000183 _____ () C:\ProgramData\OutlookFail.20150202.log
2015-02-05 15:41 - 2015-02-05 15:41 - 0000183 _____ () C:\ProgramData\OutlookFail.20150205.log
2015-02-07 13:45 - 2015-02-07 13:45 - 0000184 _____ () C:\ProgramData\OutlookFail.20150207.log
2015-02-11 09:46 - 2015-02-11 09:46 - 0000183 _____ () C:\ProgramData\OutlookFail.20150211.log
2015-02-12 08:40 - 2015-02-12 08:40 - 0000183 _____ () C:\ProgramData\OutlookFail.20150212.log
2015-02-13 11:24 - 2015-02-13 11:24 - 0000183 _____ () C:\ProgramData\OutlookFail.20150213.log
2015-02-14 14:19 - 2015-02-14 14:19 - 0000183 _____ () C:\ProgramData\OutlookFail.20150214.log
2015-02-20 09:03 - 2015-02-20 09:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150220.log
2015-02-21 07:13 - 2015-02-21 07:13 - 0000183 _____ () C:\ProgramData\OutlookFail.20150221.log
2015-02-24 13:30 - 2015-02-24 13:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150224.log
2015-03-03 12:30 - 2015-03-03 12:30 - 0000184 _____ () C:\ProgramData\OutlookFail.20150303.log
2015-03-04 15:08 - 2015-03-04 15:08 - 0000183 _____ () C:\ProgramData\OutlookFail.20150304.log
2015-03-10 10:10 - 2015-03-10 10:10 - 0000183 _____ () C:\ProgramData\OutlookFail.20150310.log
2015-04-01 16:04 - 2015-04-01 16:04 - 0000183 _____ () C:\ProgramData\OutlookFail.20150401.log
2015-04-06 16:46 - 2015-04-06 16:46 - 0000183 _____ () C:\ProgramData\OutlookFail.20150406.log
2015-04-08 15:04 - 2015-04-08 15:04 - 0000184 _____ () C:\ProgramData\OutlookFail.20150408.log
2015-04-09 08:03 - 2015-04-09 08:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150409.log
2015-04-10 19:04 - 2015-04-10 19:04 - 0000183 _____ () C:\ProgramData\OutlookFail.20150410.log
2015-04-12 20:09 - 2015-04-12 20:09 - 0000184 _____ () C:\ProgramData\OutlookFail.20150412.log
2015-04-19 10:29 - 2015-04-19 10:29 - 0000183 _____ () C:\ProgramData\OutlookFail.20150419.log
2015-04-23 10:45 - 2015-04-23 10:46 - 0000367 _____ () C:\ProgramData\OutlookFail.20150423.log
2015-04-29 09:15 - 2015-04-29 09:15 - 0000183 _____ () C:\ProgramData\OutlookFail.20150429.log
2015-05-05 14:30 - 2015-05-05 14:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150505.log
2015-05-07 12:48 - 2015-05-07 12:48 - 0000182 _____ () C:\ProgramData\OutlookFail.20150507.log
2015-05-14 09:45 - 2015-05-14 09:45 - 0000183 _____ () C:\ProgramData\OutlookFail.20150514.log
2015-05-18 21:35 - 2015-05-18 21:35 - 0000183 _____ () C:\ProgramData\OutlookFail.20150518.log
2015-05-28 15:54 - 2015-05-28 15:54 - 0000184 _____ () C:\ProgramData\OutlookFail.20150528.log
2015-06-17 08:14 - 2015-06-17 08:14 - 0000183 _____ () C:\ProgramData\OutlookFail.20150617.log
2015-06-23 16:18 - 2015-06-23 16:18 - 0000184 _____ () C:\ProgramData\OutlookFail.20150623.log
2015-06-26 20:03 - 2015-06-26 20:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150626.log
2015-06-29 17:33 - 2015-06-29 17:33 - 0000183 _____ () C:\ProgramData\OutlookFail.20150629.log
2015-06-30 08:16 - 2015-06-30 08:16 - 0000183 _____ () C:\ProgramData\OutlookFail.20150630.log
2015-07-01 08:50 - 2015-07-01 15:26 - 0000366 _____ () C:\ProgramData\OutlookFail.20150701.log
2015-07-11 08:11 - 2015-07-11 08:11 - 0000183 _____ () C:\ProgramData\OutlookFail.20150711.log
2015-07-15 19:54 - 2015-07-15 19:54 - 0000184 _____ () C:\ProgramData\OutlookFail.20150715.log
2015-07-16 22:35 - 2015-07-16 22:35 - 0000183 _____ () C:\ProgramData\OutlookFail.20150716.log
2015-07-19 08:57 - 2015-07-19 19:17 - 0000368 _____ () C:\ProgramData\OutlookFail.20150719.log
2015-07-24 07:37 - 2015-07-24 07:37 - 0000183 _____ () C:\ProgramData\OutlookFail.20150724.log
2015-08-09 15:27 - 2015-08-09 15:27 - 0000183 _____ () C:\ProgramData\OutlookFail.20150809.log
2015-08-10 20:02 - 2015-08-10 20:02 - 0000182 _____ () C:\ProgramData\OutlookFail.20150810.log
2015-08-17 17:28 - 2015-08-17 17:28 - 0000183 _____ () C:\ProgramData\OutlookFail.20150817.log
2015-08-18 14:15 - 2015-08-18 14:15 - 0000366 _____ () C:\ProgramData\OutlookFail.20150818.log
2015-08-19 19:36 - 2015-08-19 19:36 - 0000183 _____ () C:\ProgramData\OutlookFail.20150819.log
2015-08-23 16:28 - 2015-08-23 21:25 - 0000367 _____ () C:\ProgramData\OutlookFail.20150823.log
2015-09-10 16:44 - 2015-09-10 16:44 - 0000183 _____ () C:\ProgramData\OutlookFail.20150910.log
2015-09-11 07:30 - 2015-09-11 07:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150911.log
2015-09-18 16:35 - 2015-09-18 17:05 - 0000367 _____ () C:\ProgramData\OutlookFail.20150918.log
2015-10-15 06:31 - 2015-10-15 06:31 - 0000184 _____ () C:\ProgramData\OutlookFail.20151015.log
2015-10-21 19:51 - 2015-10-21 19:51 - 0000183 _____ () C:\ProgramData\OutlookFail.20151021.log
2015-10-24 12:02 - 2015-10-24 12:02 - 0000183 _____ () C:\ProgramData\OutlookFail.20151024.log
2015-11-05 13:25 - 2015-11-05 13:36 - 0000368 _____ () C:\ProgramData\OutlookFail.20151105.log
2015-11-15 09:18 - 2015-11-15 09:18 - 0000183 _____ () C:\ProgramData\OutlookFail.20151115.log
2015-11-25 20:38 - 2015-11-25 20:38 - 0000183 _____ () C:\ProgramData\OutlookFail.20151125.log
2015-11-26 18:14 - 2015-11-26 18:14 - 0000183 _____ () C:\ProgramData\OutlookFail.20151126.log
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2016-08-19 19:50
 
==================== End of FRST.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Stepan (administrator) on STEPAN-PC (23-08-2016 07:51:30)
Running from C:\Users\Stepan\Downloads
Loaded Profiles: Stepan & NeroMediaHomeUser.4 (Available Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2016-07-21] (ABBYY Production LLC.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe [7763384 2016-07-15] (AO Kaspersky Lab)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\RunOnce: [Uninstall C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.iinet.net.au/customers/
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
 
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> hxxp://www.iinet.net.au/
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
 
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Google Sheets) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Hot Shot Sniper) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbhkjoamnfmpcilggihmfeebhienpea [2015-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-21]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-01-19] ()
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S2 CLKMSVC10_90970B6B; C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe [246256 2010-11-09] (CyberLink)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-12] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 2310_00; C:\Windows\system32\drivers\2310_00.sys [170528 2009-06-12] (HighPoint Technologies, Inc.)
S3 272x_1x; C:\Windows\system32\drivers\272x_1x.sys [612672 2012-04-25] (HighPoint Technologies, Inc.)
S3 274x_3x; C:\Windows\system32\drivers\274x_3x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 arcm_a64; C:\Windows\system32\drivers\arcm_a64.sys [52768 2009-11-09] (ARECA Technology Corporation)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-01-19] ()
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-10] (Intel Corp.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DC133; C:\Windows\system32\drivers\DC133.sys [39320 2011-05-02] (Dawicontrol GmbH)
S3 DC150; C:\Windows\system32\drivers\DC150.sys [39832 2011-05-02] (Dawicontrol GmbH)
S3 DC154; C:\Windows\system32\drivers\DC154.sys [48136 2011-05-02] (Dawicontrol GmbH)
S3 DC300e; C:\Windows\system32\drivers\DC300e.sys [40344 2011-05-02] (Dawicontrol GmbH)
S3 DC324e; C:\Windows\system32\drivers\DC324e.sys [49752 2011-05-02] (Dawicontrol GmbH)
S3 DC3410; C:\Windows\system32\drivers\DC3410.sys [48328 2011-05-02] (Dawicontrol GmbH)
S3 DC4300; C:\Windows\system32\drivers\DC4300.sys [48360 2011-05-02] (Dawicontrol GmbH)
S3 DC600e; C:\Windows\system32\drivers\DC600e.sys [40744 2011-05-02] (Dawicontrol GmbH)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-12] (Intel Corp.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-17] (Disc Soft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 hptiop; C:\Windows\system32\drivers\hptiop.sys [17440 2009-05-26] (HighPoint Technologies, Inc.)
S3 hptmv; C:\Windows\system32\drivers\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc.)
S3 hptmv6; C:\Windows\system32\drivers\hptmv6.sys [152096 2007-11-01] (HighPoint Technologies, Inc.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [651224 2012-06-30] (Intel Corporation)
S3 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [38680 2008-05-14] (ITE Tech. Inc.)
S3 iteraid; C:\Windows\system32\drivers\iteraid.sys [32768 2007-05-02] (ITE Tech. Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51496 2012-02-29] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\MegaSR1.sys [461320 2009-04-16] (LSI Corporation, Inc.)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor, Inc.)
S3 mvs94xx; C:\Windows\system32\drivers\mvs94xx.sys [367920 2010-12-01] (Marvell Semiconductor, Inc.)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175720 2010-04-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-06] (OCZ Technology Group, Inc.)
S3 ocz12xx; C:\Windows\system32\drivers\ocz12xx.sys [138544 2011-09-15] (OCZ Technology Group, Inc.)
S3 Pnp680; C:\Windows\system32\drivers\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc)
S0 rr172x; C:\Windows\System32\drivers\rr172x.sys [124448 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr174x; C:\Windows\system32\drivers\rr174x.sys [159264 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr2210; C:\Windows\system32\drivers\rr2210.sys [153632 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr232x; C:\Windows\system32\drivers\rr232x.sys [152096 2008-05-06] (HighPoint Technologies, Inc.)
S3 rr2340; C:\Windows\system32\drivers\rr2340.sys [162400 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr2522; C:\Windows\system32\drivers\rr2522.sys [168032 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr276x; C:\Windows\system32\drivers\rr276x.sys [241472 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr278x; C:\Windows\system32\drivers\rr278x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [156256 2010-06-17] (HighPoint Technologies, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-28] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-28] (Renesas Electronics Corporation)
S3 SI3112r; C:\Windows\system32\drivers\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\drivers\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\drivers\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\drivers\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203832 2016-04-17] (Duplex Secure Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TplinkUDSMBus; C:\Windows\system32\drivers\TplinkUDSMBus.sys [102688 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 TplinkUDSTcpBus; C:\Windows\System32\Drivers\TplinkUDSTcpBus.sys [181024 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
S3 viamrx64; C:\Windows\system32\drivers\viamrx64.sys [161904 2010-12-03] (VIA Technologies Inc.,Ltd)
S3 videX64; C:\Windows\system32\drivers\videX64.sys [15000 2010-02-11] (VIA Technologies, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2016-03-31] (wisecleaner.com)
R0 xfiltx64; C:\Windows\System32\drivers\xfiltx64.sys [26776 2010-02-11] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-04] (CyberLink Corp.)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-22 10:43 - 2016-08-23 07:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-22 10:43 - 2016-08-22 10:43 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-22 10:41 - 2016-08-22 10:43 - 22851472 _____ (Malwarebytes ) C:\Users\Stepan\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-22 08:32 - 2016-08-22 08:33 - 01610560 _____ (Malwarebytes) C:\Users\Stepan\Desktop\JRT.exe
2016-08-21 21:04 - 2016-08-22 11:20 - 00000000 ____D C:\Users\Stepan\Desktop\Geeks to go
2016-08-21 19:29 - 2016-08-22 08:25 - 00000000 ____D C:\AdwCleaner
2016-08-21 19:28 - 2016-08-21 19:28 - 03784256 _____ C:\Users\Stepan\Desktop\adwcleaner_6.000.exe
2016-08-21 19:17 - 2016-08-23 07:51 - 00000000 ____D C:\Users\Stepan\Downloads\FRST-OlderVersion
2016-08-21 19:01 - 2016-08-21 19:06 - 54287072 _____ (Microsoft Corporation) C:\Users\Stepan\Downloads\Windows-KB890830-x64-V5.39.exe
2016-08-21 18:20 - 2016-08-21 18:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-21 18:19 - 2016-08-21 18:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2016-08-21 18:19 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-21 16:47 - 2016-08-21 21:03 - 00057962 _____ C:\Users\Stepan\Downloads\Addition.txt
2016-08-21 16:43 - 2016-08-23 07:51 - 00033205 _____ C:\Users\Stepan\Downloads\FRST.txt
2016-08-21 16:42 - 2016-08-23 07:51 - 00000000 ____D C:\FRST
2016-08-21 16:33 - 2016-08-23 07:51 - 02396672 _____ (Farbar) C:\Users\Stepan\Downloads\FRST64.exe
2016-08-21 16:11 - 2016-08-21 18:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-21 16:10 - 2005-08-25 18:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
2016-08-21 15:42 - 2016-08-21 15:42 - 00003884 _____ C:\WINDOWS\System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E}
2016-08-21 15:11 - 2016-08-21 15:22 - 00000000 ____D C:\Users\Stepan\Documents\All about the olympics
2016-08-20 15:00 - 2016-08-20 15:00 - 00001248 _____ C:\Users\Stepan\Desktop\MassEffect.exe - Shortcut.lnk
2016-08-19 10:27 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-08-19 10:12 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Media Center Programs
2016-08-17 09:15 - 2016-08-11 19:30 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-17 09:14 - 2016-08-21 10:13 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-08-17 09:14 - 2016-05-04 10:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-17 09:14 - 2016-05-04 10:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-17 09:12 - 2016-08-11 22:33 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00612528 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00574120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00471424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-11 13:50 - 2016-08-11 13:50 - 00001369 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-08-11 13:50 - 2016-08-11 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-08-11 11:27 - 2016-08-11 11:27 - 00114176 _____ C:\Users\Jordyn\Documents\Diet Graph for jj.pub
2016-08-10 20:00 - 2016-08-11 07:29 - 00112128 _____ C:\Users\Jordyn\Documents\Diet Graph.pub
2016-08-10 16:52 - 2016-08-10 16:52 - 00000000 ____D C:\Users\Stepan\Desktop\Rainbow Six
2016-08-10 16:50 - 2016-08-10 16:50 - 00000000 ____D C:\Users\Stepan\AppData\Local\SkinSoft
2016-08-10 14:04 - 2016-08-03 19:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 14:04 - 2016-08-03 18:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 14:04 - 2016-08-03 18:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 14:04 - 2016-08-03 18:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 18:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 18:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 18:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 18:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 14:04 - 2016-08-03 18:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 14:04 - 2016-08-03 18:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 14:04 - 2016-08-03 18:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 14:04 - 2016-08-03 18:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 14:04 - 2016-08-03 17:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 17:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 14:04 - 2016-08-03 17:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 14:04 - 2016-08-03 17:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 14:04 - 2016-08-03 17:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 14:04 - 2016-08-03 17:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 14:04 - 2016-08-03 17:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 14:04 - 2016-08-03 17:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 14:04 - 2016-08-03 17:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 17:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 17:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 14:04 - 2016-08-03 17:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 14:04 - 2016-08-03 17:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 14:04 - 2016-08-03 17:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 14:04 - 2016-08-03 17:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 14:04 - 2016-08-03 17:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 14:04 - 2016-08-03 17:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 14:04 - 2016-08-03 17:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 14:04 - 2016-08-03 17:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 14:04 - 2016-08-03 13:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 13:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 14:04 - 2016-08-03 13:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 12:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 14:04 - 2016-08-03 12:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 12:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 12:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 12:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 12:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 14:04 - 2016-08-03 12:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 12:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 14:04 - 2016-08-03 12:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 14:04 - 2016-08-03 12:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 14:04 - 2016-08-03 12:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 08:07 - 2016-08-10 08:07 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iPod
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-03 18:57 - 2016-08-03 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-08-03 18:57 - 2016-07-28 18:57 - 00002208 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-08-03 18:57 - 2016-07-28 18:57 - 00002184 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Roaming\ABBYY
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Local\ABBYY
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-23 07:46 - 2014-01-01 13:43 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-23 07:45 - 2016-04-27 11:32 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\FileAdvisor
2016-08-23 07:45 - 2015-08-08 18:38 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FD40C14C-7B14-4C6B-A556-FC9A47E1BD5A}
2016-08-23 07:44 - 2014-11-29 16:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-23 07:43 - 2015-09-02 10:02 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-22 19:21 - 2014-11-29 17:03 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\uTorrent
2016-08-22 19:14 - 2015-09-02 10:02 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-22 11:21 - 2016-01-19 16:50 - 01013760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-22 11:21 - 2015-10-30 15:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-22 11:15 - 2015-08-08 17:46 - 00152048 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_90970B6B.sys
2016-08-22 11:14 - 2016-01-19 17:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-22 11:14 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-22 11:14 - 2015-10-30 14:28 - 02359296 ___SH C:\WINDOWS\system32\config\BBI
2016-08-22 08:25 - 2016-01-19 16:51 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2016-08-21 21:31 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-21 20:12 - 2014-11-29 20:05 - 00000000 ____D C:\torrents
2016-08-21 19:37 - 2015-11-15 09:46 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-21 19:11 - 2013-07-21 04:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-21 19:05 - 2015-12-26 11:12 - 00000000 ____D C:\Users\Stepan\AppData\Local\CrashDumps
2016-08-21 15:41 - 2015-11-15 09:46 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-20 13:23 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Origin
2016-08-20 10:58 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 10:53 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-19 10:29 - 2014-12-15 14:03 - 00000000 ____D C:\Users\Stepan\Documents\BioWare
2016-08-19 10:00 - 2016-04-17 20:41 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\DAEMON Tools Lite
2016-08-19 10:00 - 2015-10-30 15:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 10:00 - 2015-08-08 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Local\Packages
2016-08-18 21:14 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Stepan
2016-08-17 19:22 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-08-17 09:15 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-17 09:15 - 2015-04-21 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-16 18:44 - 2015-11-27 19:30 - 00992600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-08-16 18:44 - 2015-06-26 23:58 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-08-16 18:44 - 2015-06-16 21:56 - 00110424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-08-16 18:43 - 2015-11-27 19:30 - 00237400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-08-13 18:48 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-13 18:34 - 2015-08-11 16:21 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9BDA47A-528B-43F6-BC9E-31C050B3E1B5}
2016-08-13 10:54 - 2015-12-25 08:27 - 14199360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-12 17:22 - 2014-11-30 10:39 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-11 22:33 - 2016-07-08 13:30 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-11 22:33 - 2016-05-18 16:35 - 20208360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 23699584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 14476904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-11 22:33 - 2015-12-25 08:27 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-11 20:27 - 2016-01-19 16:47 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-11 20:27 - 2016-01-19 16:47 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-11 13:50 - 2015-11-27 19:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-08-11 11:28 - 2015-08-08 17:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 09:29 - 2015-10-30 15:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 20:52 - 2015-10-30 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 20:40 - 2016-02-02 16:51 - 00000000 ____D C:\Users\Jordyn\AppData\Local\CrashDumps
2016-08-10 16:29 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 16:29 - 2013-07-21 04:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 08:25 - 2014-12-12 20:33 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Apple Computer
2016-08-10 08:25 - 2014-12-12 20:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-10 08:02 - 2014-12-12 20:34 - 00000000 ____D C:\Users\Stepan\AppData\Local\Apple Computer
2016-08-10 00:06 - 2016-01-19 16:47 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-06 13:53 - 2016-06-03 10:44 - 00000000 ____D C:\Users\Stepan\Desktop\Music Junk
2016-08-05 18:04 - 2015-03-10 18:43 - 00012928 _____ C:\Users\Jordyn\Desktop\Excel Worksheet.xlsx
2016-08-04 18:57 - 2016-07-23 13:45 - 00000000 ___RD C:\Users\Stepan\Documents\Scanned Documents
2016-08-04 10:44 - 2016-02-01 17:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Natasha
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Jordyn
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Diane
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-03 14:21 - 2014-01-02 05:35 - 00400304 __RSH C:\bootmgr
2016-07-31 15:09 - 2015-09-02 10:02 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-31 15:09 - 2015-09-02 10:02 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-29 21:34 - 2016-07-14 14:51 - 00000000 ____D C:\Users\Stepan\Documents\Trash
2016-07-28 18:57 - 2015-10-30 14:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-28 18:57 - 2015-07-10 17:05 - 00000000 ____D C:\Users\Default.migrated
 
==================== Files in the root of some directories =======
 
2016-08-21 20:06 - 2016-08-21 20:41 - 0000115 _____ () C:\Users\Stepan\AppData\Roaming\LogFile.txt
2014-11-29 21:28 - 2014-12-04 07:28 - 0000166 _____ () C:\Users\Stepan\AppData\Roaming\WB.CFG
2015-08-13 20:21 - 2015-09-07 15:49 - 212809145 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload
2015-08-13 20:21 - 2015-09-07 15:49 - 0002489 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload.aamd
2014-12-01 19:29 - 2014-12-03 07:28 - 0000001 _____ () C:\Users\Stepan\AppData\Local\DSI.DAT
2014-11-29 22:00 - 2014-11-29 22:00 - 0000036 _____ () C:\Users\Stepan\AppData\Local\housecall.guid.cache
2015-07-13 14:25 - 2015-07-13 14:25 - 0000600 _____ () C:\Users\Stepan\AppData\Local\PUTTY.RND
2016-04-20 08:22 - 2016-04-20 08:22 - 0000017 _____ () C:\Users\Stepan\AppData\Local\resmon.resmoncfg
2014-11-30 09:14 - 2015-11-22 07:58 - 0000010 _____ () C:\Users\Stepan\AppData\Local\sponge.last.runtime.cache
2016-01-19 16:47 - 2016-01-19 16:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-03 15:35 - 2014-12-03 15:35 - 0000184 _____ () C:\ProgramData\OutlookFail.20141203.log
2014-12-05 20:55 - 2014-12-05 21:06 - 0000367 _____ () C:\ProgramData\OutlookFail.20141205.log
2014-12-07 19:34 - 2014-12-07 19:34 - 0000184 _____ () C:\ProgramData\OutlookFail.20141207.log
2014-12-18 19:01 - 2014-12-18 19:01 - 0000184 _____ () C:\ProgramData\OutlookFail.20141218.log
2014-12-23 08:50 - 2014-12-23 08:50 - 0000183 _____ () C:\ProgramData\OutlookFail.20141223.log
2014-12-28 09:52 - 2014-12-28 09:52 - 0000183 _____ () C:\ProgramData\OutlookFail.20141228.log
2015-01-03 08:09 - 2015-01-03 08:09 - 0000183 _____ () C:\ProgramData\OutlookFail.20150103.log
2015-01-04 11:29 - 2015-01-04 11:29 - 0000184 _____ () C:\ProgramData\OutlookFail.20150104.log
2015-01-05 18:36 - 2015-01-05 18:36 - 0000184 _____ () C:\ProgramData\OutlookFail.20150105.log
2015-01-29 10:53 - 2015-01-29 10:53 - 0000184 _____ () C:\ProgramData\OutlookFail.20150129.log
2015-02-01 15:31 - 2015-02-01 15:31 - 0000184 _____ () C:\ProgramData\OutlookFail.20150201.log
2015-02-02 12:05 - 2015-02-02 12:05 - 0000183 _____ () C:\ProgramData\OutlookFail.20150202.log
2015-02-05 15:41 - 2015-02-05 15:41 - 0000183 _____ () C:\ProgramData\OutlookFail.20150205.log
2015-02-07 13:45 - 2015-02-07 13:45 - 0000184 _____ () C:\ProgramData\OutlookFail.20150207.log
2015-02-11 09:46 - 2015-02-11 09:46 - 0000183 _____ () C:\ProgramData\OutlookFail.20150211.log
2015-02-12 08:40 - 2015-02-12 08:40 - 0000183 _____ () C:\ProgramData\OutlookFail.20150212.log
2015-02-13 11:24 - 2015-02-13 11:24 - 0000183 _____ () C:\ProgramData\OutlookFail.20150213.log
2015-02-14 14:19 - 2015-02-14 14:19 - 0000183 _____ () C:\ProgramData\OutlookFail.20150214.log
2015-02-20 09:03 - 2015-02-20 09:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150220.log
2015-02-21 07:13 - 2015-02-21 07:13 - 0000183 _____ () C:\ProgramData\OutlookFail.20150221.log
2015-02-24 13:30 - 2015-02-24 13:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150224.log
2015-03-03 12:30 - 2015-03-03 12:30 - 0000184 _____ () C:\ProgramData\OutlookFail.20150303.log
2015-03-04 15:08 - 2015-03-04 15:08 - 0000183 _____ () C:\ProgramData\OutlookFail.20150304.log
2015-03-10 10:10 - 2015-03-10 10:10 - 0000183 _____ () C:\ProgramData\OutlookFail.20150310.log
2015-04-01 16:04 - 2015-04-01 16:04 - 0000183 _____ () C:\ProgramData\OutlookFail.20150401.log
2015-04-06 16:46 - 2015-04-06 16:46 - 0000183 _____ () C:\ProgramData\OutlookFail.20150406.log
2015-04-08 15:04 - 2015-04-08 15:04 - 0000184 _____ () C:\ProgramData\OutlookFail.20150408.log
2015-04-09 08:03 - 2015-04-09 08:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150409.log
2015-04-10 19:04 - 2015-04-10 19:04 - 0000183 _____ () C:\ProgramData\OutlookFail.20150410.log
2015-04-12 20:09 - 2015-04-12 20:09 - 0000184 _____ () C:\ProgramData\OutlookFail.20150412.log
2015-04-19 10:29 - 2015-04-19 10:29 - 0000183 _____ () C:\ProgramData\OutlookFail.20150419.log
2015-04-23 10:45 - 2015-04-23 10:46 - 0000367 _____ () C:\ProgramData\OutlookFail.20150423.log
2015-04-29 09:15 - 2015-04-29 09:15 - 0000183 _____ () C:\ProgramData\OutlookFail.20150429.log
2015-05-05 14:30 - 2015-05-05 14:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150505.log
2015-05-07 12:48 - 2015-05-07 12:48 - 0000182 _____ () C:\ProgramData\OutlookFail.20150507.log
2015-05-14 09:45 - 2015-05-14 09:45 - 0000183 _____ () C:\ProgramData\OutlookFail.20150514.log
2015-05-18 21:35 - 2015-05-18 21:35 - 0000183 _____ () C:\ProgramData\OutlookFail.20150518.log
2015-05-28 15:54 - 2015-05-28 15:54 - 0000184 _____ () C:\ProgramData\OutlookFail.20150528.log
2015-06-17 08:14 - 2015-06-17 08:14 - 0000183 _____ () C:\ProgramData\OutlookFail.20150617.log
2015-06-23 16:18 - 2015-06-23 16:18 - 0000184 _____ () C:\ProgramData\OutlookFail.20150623.log
2015-06-26 20:03 - 2015-06-26 20:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150626.log
2015-06-29 17:33 - 2015-06-29 17:33 - 0000183 _____ () C:\ProgramData\OutlookFail.20150629.log
2015-06-30 08:16 - 2015-06-30 08:16 - 0000183 _____ () C:\ProgramData\OutlookFail.20150630.log
2015-07-01 08:50 - 2015-07-01 15:26 - 0000366 _____ () C:\ProgramData\OutlookFail.20150701.log
2015-07-11 08:11 - 2015-07-11 08:11 - 0000183 _____ () C:\ProgramData\OutlookFail.20150711.log
2015-07-15 19:54 - 2015-07-15 19:54 - 0000184 _____ () C:\ProgramData\OutlookFail.20150715.log
2015-07-16 22:35 - 2015-07-16 22:35 - 0000183 _____ () C:\ProgramData\OutlookFail.20150716.log
2015-07-19 08:57 - 2015-07-19 19:17 - 0000368 _____ () C:\ProgramData\OutlookFail.20150719.log
2015-07-24 07:37 - 2015-07-24 07:37 - 0000183 _____ () C:\ProgramData\OutlookFail.20150724.log
2015-08-09 15:27 - 2015-08-09 15:27 - 0000183 _____ () C:\ProgramData\OutlookFail.20150809.log
2015-08-10 20:02 - 2015-08-10 20:02 - 0000182 _____ () C:\ProgramData\OutlookFail.20150810.log
2015-08-17 17:28 - 2015-08-17 17:28 - 0000183 _____ () C:\ProgramData\OutlookFail.20150817.log
2015-08-18 14:15 - 2015-08-18 14:15 - 0000366 _____ () C:\ProgramData\OutlookFail.20150818.log
2015-08-19 19:36 - 2015-08-19 19:36 - 0000183 _____ () C:\ProgramData\OutlookFail.20150819.log
2015-08-23 16:28 - 2015-08-23 21:25 - 0000367 _____ () C:\ProgramData\OutlookFail.20150823.log
2015-09-10 16:44 - 2015-09-10 16:44 - 0000183 _____ () C:\ProgramData\OutlookFail.20150910.log
2015-09-11 07:30 - 2015-09-11 07:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150911.log
2015-09-18 16:35 - 2015-09-18 17:05 - 0000367 _____ () C:\ProgramData\OutlookFail.20150918.log
2015-10-15 06:31 - 2015-10-15 06:31 - 0000184 _____ () C:\ProgramData\OutlookFail.20151015.log
2015-10-21 19:51 - 2015-10-21 19:51 - 0000183 _____ () C:\ProgramData\OutlookFail.20151021.log
2015-10-24 12:02 - 2015-10-24 12:02 - 0000183 _____ () C:\ProgramData\OutlookFail.20151024.log
2015-11-05 13:25 - 2015-11-05 13:36 - 0000368 _____ () C:\ProgramData\OutlookFail.20151105.log
2015-11-15 09:18 - 2015-11-15 09:18 - 0000183 _____ () C:\ProgramData\OutlookFail.20151115.log
2015-11-25 20:38 - 2015-11-25 20:38 - 0000183 _____ () C:\ProgramData\OutlookFail.20151125.log
2015-11-26 18:14 - 2015-11-26 18:14 - 0000183 _____ () C:\ProgramData\OutlookFail.20151126.log
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2016-08-19 19:50
 
==================== End of FRST.txt ============================


#8
traindriver


    Member

  • Topic Starter
  • Member
  • 45 posts

Sorry, here is the other one.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Stepan (administrator) on STEPAN-PC (23-08-2016 07:51:30)
Running from C:\Users\Stepan\Downloads
Loaded Profiles: Stepan & NeroMediaHomeUser.4 (Available Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2016-07-21] (ABBYY Production LLC.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe [7763384 2016-07-15] (AO Kaspersky Lab)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\RunOnce: [Uninstall C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.iinet.net.au/customers/
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
 
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> hxxp://www.iinet.net.au/
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
 
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Google Sheets) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Hot Shot Sniper) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbhkjoamnfmpcilggihmfeebhienpea [2015-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-21]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-01-19] ()
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S2 CLKMSVC10_90970B6B; C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe [246256 2010-11-09] (CyberLink)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-12] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 2310_00; C:\Windows\system32\drivers\2310_00.sys [170528 2009-06-12] (HighPoint Technologies, Inc.)
S3 272x_1x; C:\Windows\system32\drivers\272x_1x.sys [612672 2012-04-25] (HighPoint Technologies, Inc.)
S3 274x_3x; C:\Windows\system32\drivers\274x_3x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 arcm_a64; C:\Windows\system32\drivers\arcm_a64.sys [52768 2009-11-09] (ARECA Technology Corporation)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-01-19] ()
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-10] (Intel Corp.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DC133; C:\Windows\system32\drivers\DC133.sys [39320 2011-05-02] (Dawicontrol GmbH)
S3 DC150; C:\Windows\system32\drivers\DC150.sys [39832 2011-05-02] (Dawicontrol GmbH)
S3 DC154; C:\Windows\system32\drivers\DC154.sys [48136 2011-05-02] (Dawicontrol GmbH)
S3 DC300e; C:\Windows\system32\drivers\DC300e.sys [40344 2011-05-02] (Dawicontrol GmbH)
S3 DC324e; C:\Windows\system32\drivers\DC324e.sys [49752 2011-05-02] (Dawicontrol GmbH)
S3 DC3410; C:\Windows\system32\drivers\DC3410.sys [48328 2011-05-02] (Dawicontrol GmbH)
S3 DC4300; C:\Windows\system32\drivers\DC4300.sys [48360 2011-05-02] (Dawicontrol GmbH)
S3 DC600e; C:\Windows\system32\drivers\DC600e.sys [40744 2011-05-02] (Dawicontrol GmbH)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-12] (Intel Corp.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-17] (Disc Soft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 hptiop; C:\Windows\system32\drivers\hptiop.sys [17440 2009-05-26] (HighPoint Technologies, Inc.)
S3 hptmv; C:\Windows\system32\drivers\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc.)
S3 hptmv6; C:\Windows\system32\drivers\hptmv6.sys [152096 2007-11-01] (HighPoint Technologies, Inc.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [651224 2012-06-30] (Intel Corporation)
S3 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [38680 2008-05-14] (ITE Tech. Inc.)
S3 iteraid; C:\Windows\system32\drivers\iteraid.sys [32768 2007-05-02] (ITE Tech. Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51496 2012-02-29] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\MegaSR1.sys [461320 2009-04-16] (LSI Corporation, Inc.)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor, Inc.)
S3 mvs94xx; C:\Windows\system32\drivers\mvs94xx.sys [367920 2010-12-01] (Marvell Semiconductor, Inc.)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175720 2010-04-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-06] (OCZ Technology Group, Inc.)
S3 ocz12xx; C:\Windows\system32\drivers\ocz12xx.sys [138544 2011-09-15] (OCZ Technology Group, Inc.)
S3 Pnp680; C:\Windows\system32\drivers\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc)
S0 rr172x; C:\Windows\System32\drivers\rr172x.sys [124448 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr174x; C:\Windows\system32\drivers\rr174x.sys [159264 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr2210; C:\Windows\system32\drivers\rr2210.sys [153632 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr232x; C:\Windows\system32\drivers\rr232x.sys [152096 2008-05-06] (HighPoint Technologies, Inc.)
S3 rr2340; C:\Windows\system32\drivers\rr2340.sys [162400 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr2522; C:\Windows\system32\drivers\rr2522.sys [168032 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr276x; C:\Windows\system32\drivers\rr276x.sys [241472 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr278x; C:\Windows\system32\drivers\rr278x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [156256 2010-06-17] (HighPoint Technologies, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-28] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-28] (Renesas Electronics Corporation)
S3 SI3112r; C:\Windows\system32\drivers\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\drivers\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\drivers\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\drivers\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203832 2016-04-17] (Duplex Secure Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TplinkUDSMBus; C:\Windows\system32\drivers\TplinkUDSMBus.sys [102688 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 TplinkUDSTcpBus; C:\Windows\System32\Drivers\TplinkUDSTcpBus.sys [181024 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
S3 viamrx64; C:\Windows\system32\drivers\viamrx64.sys [161904 2010-12-03] (VIA Technologies Inc.,Ltd)
S3 videX64; C:\Windows\system32\drivers\videX64.sys [15000 2010-02-11] (VIA Technologies, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2016-03-31] (wisecleaner.com)
R0 xfiltx64; C:\Windows\System32\drivers\xfiltx64.sys [26776 2010-02-11] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-04] (CyberLink Corp.)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-22 10:43 - 2016-08-23 07:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-22 10:43 - 2016-08-22 10:43 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-22 10:41 - 2016-08-22 10:43 - 22851472 _____ (Malwarebytes ) C:\Users\Stepan\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-22 08:32 - 2016-08-22 08:33 - 01610560 _____ (Malwarebytes) C:\Users\Stepan\Desktop\JRT.exe
2016-08-21 21:04 - 2016-08-22 11:20 - 00000000 ____D C:\Users\Stepan\Desktop\Geeks to go
2016-08-21 19:29 - 2016-08-22 08:25 - 00000000 ____D C:\AdwCleaner
2016-08-21 19:28 - 2016-08-21 19:28 - 03784256 _____ C:\Users\Stepan\Desktop\adwcleaner_6.000.exe
2016-08-21 19:17 - 2016-08-23 07:51 - 00000000 ____D C:\Users\Stepan\Downloads\FRST-OlderVersion
2016-08-21 19:01 - 2016-08-21 19:06 - 54287072 _____ (Microsoft Corporation) C:\Users\Stepan\Downloads\Windows-KB890830-x64-V5.39.exe
2016-08-21 18:20 - 2016-08-21 18:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-21 18:19 - 2016-08-21 18:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2016-08-21 18:19 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-21 16:47 - 2016-08-21 21:03 - 00057962 _____ C:\Users\Stepan\Downloads\Addition.txt
2016-08-21 16:43 - 2016-08-23 07:51 - 00033205 _____ C:\Users\Stepan\Downloads\FRST.txt
2016-08-21 16:42 - 2016-08-23 07:51 - 00000000 ____D C:\FRST
2016-08-21 16:33 - 2016-08-23 07:51 - 02396672 _____ (Farbar) C:\Users\Stepan\Downloads\FRST64.exe
2016-08-21 16:11 - 2016-08-21 18:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-21 16:10 - 2005-08-25 18:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
2016-08-21 15:42 - 2016-08-21 15:42 - 00003884 _____ C:\WINDOWS\System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E}
2016-08-21 15:11 - 2016-08-21 15:22 - 00000000 ____D C:\Users\Stepan\Documents\All about the olympics
2016-08-20 15:00 - 2016-08-20 15:00 - 00001248 _____ C:\Users\Stepan\Desktop\MassEffect.exe - Shortcut.lnk
2016-08-19 10:27 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-08-19 10:12 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Media Center Programs
2016-08-17 09:15 - 2016-08-11 19:30 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-17 09:14 - 2016-08-21 10:13 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-08-17 09:14 - 2016-05-04 10:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-17 09:14 - 2016-05-04 10:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-17 09:12 - 2016-08-11 22:33 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00612528 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00574120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00471424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-11 13:50 - 2016-08-11 13:50 - 00001369 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-08-11 13:50 - 2016-08-11 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-08-11 11:27 - 2016-08-11 11:27 - 00114176 _____ C:\Users\Jordyn\Documents\Diet Graph for jj.pub
2016-08-10 20:00 - 2016-08-11 07:29 - 00112128 _____ C:\Users\Jordyn\Documents\Diet Graph.pub
2016-08-10 16:52 - 2016-08-10 16:52 - 00000000 ____D C:\Users\Stepan\Desktop\Rainbow Six
2016-08-10 16:50 - 2016-08-10 16:50 - 00000000 ____D C:\Users\Stepan\AppData\Local\SkinSoft
2016-08-10 14:04 - 2016-08-03 19:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 14:04 - 2016-08-03 18:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 14:04 - 2016-08-03 18:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 14:04 - 2016-08-03 18:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 18:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 18:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 18:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 18:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 14:04 - 2016-08-03 18:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 14:04 - 2016-08-03 18:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 14:04 - 2016-08-03 18:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 14:04 - 2016-08-03 18:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 14:04 - 2016-08-03 17:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 17:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 14:04 - 2016-08-03 17:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 14:04 - 2016-08-03 17:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 14:04 - 2016-08-03 17:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 14:04 - 2016-08-03 17:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 14:04 - 2016-08-03 17:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 14:04 - 2016-08-03 17:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 14:04 - 2016-08-03 17:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 17:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 17:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 14:04 - 2016-08-03 17:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 14:04 - 2016-08-03 17:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 14:04 - 2016-08-03 17:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 14:04 - 2016-08-03 17:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 14:04 - 2016-08-03 17:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 14:04 - 2016-08-03 17:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 14:04 - 2016-08-03 17:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 14:04 - 2016-08-03 17:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 14:04 - 2016-08-03 13:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 13:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 14:04 - 2016-08-03 13:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 12:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 14:04 - 2016-08-03 12:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 12:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 12:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 12:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 12:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 14:04 - 2016-08-03 12:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 12:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 14:04 - 2016-08-03 12:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 14:04 - 2016-08-03 12:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 14:04 - 2016-08-03 12:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 08:07 - 2016-08-10 08:07 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iPod
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-03 18:57 - 2016-08-03 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-08-03 18:57 - 2016-07-28 18:57 - 00002208 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-08-03 18:57 - 2016-07-28 18:57 - 00002184 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Roaming\ABBYY
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Local\ABBYY
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-23 07:46 - 2014-01-01 13:43 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-23 07:45 - 2016-04-27 11:32 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\FileAdvisor
2016-08-23 07:45 - 2015-08-08 18:38 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FD40C14C-7B14-4C6B-A556-FC9A47E1BD5A}
2016-08-23 07:44 - 2014-11-29 16:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-23 07:43 - 2015-09-02 10:02 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-22 19:21 - 2014-11-29 17:03 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\uTorrent
2016-08-22 19:14 - 2015-09-02 10:02 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-22 11:21 - 2016-01-19 16:50 - 01013760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-22 11:21 - 2015-10-30 15:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-22 11:15 - 2015-08-08 17:46 - 00152048 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_90970B6B.sys
2016-08-22 11:14 - 2016-01-19 17:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-22 11:14 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-22 11:14 - 2015-10-30 14:28 - 02359296 ___SH C:\WINDOWS\system32\config\BBI
2016-08-22 08:25 - 2016-01-19 16:51 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2016-08-21 21:31 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-21 20:12 - 2014-11-29 20:05 - 00000000 ____D C:\torrents
2016-08-21 19:37 - 2015-11-15 09:46 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-21 19:11 - 2013-07-21 04:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-21 19:05 - 2015-12-26 11:12 - 00000000 ____D C:\Users\Stepan\AppData\Local\CrashDumps
2016-08-21 15:41 - 2015-11-15 09:46 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-20 13:23 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Origin
2016-08-20 10:58 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 10:53 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-19 10:29 - 2014-12-15 14:03 - 00000000 ____D C:\Users\Stepan\Documents\BioWare
2016-08-19 10:00 - 2016-04-17 20:41 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\DAEMON Tools Lite
2016-08-19 10:00 - 2015-10-30 15:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 10:00 - 2015-08-08 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Local\Packages
2016-08-18 21:14 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Stepan
2016-08-17 19:22 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-08-17 09:15 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-17 09:15 - 2015-04-21 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-16 18:44 - 2015-11-27 19:30 - 00992600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-08-16 18:44 - 2015-06-26 23:58 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-08-16 18:44 - 2015-06-16 21:56 - 00110424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-08-16 18:43 - 2015-11-27 19:30 - 00237400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-08-13 18:48 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-13 18:34 - 2015-08-11 16:21 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9BDA47A-528B-43F6-BC9E-31C050B3E1B5}
2016-08-13 10:54 - 2015-12-25 08:27 - 14199360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-12 17:22 - 2014-11-30 10:39 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-11 22:33 - 2016-07-08 13:30 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-11 22:33 - 2016-05-18 16:35 - 20208360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 23699584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 14476904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-11 22:33 - 2015-12-25 08:27 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-11 20:27 - 2016-01-19 16:47 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-11 20:27 - 2016-01-19 16:47 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-11 13:50 - 2015-11-27 19:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-08-11 11:28 - 2015-08-08 17:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 09:29 - 2015-10-30 15:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 20:52 - 2015-10-30 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 20:40 - 2016-02-02 16:51 - 00000000 ____D C:\Users\Jordyn\AppData\Local\CrashDumps
2016-08-10 16:29 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 16:29 - 2013-07-21 04:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 08:25 - 2014-12-12 20:33 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Apple Computer
2016-08-10 08:25 - 2014-12-12 20:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-10 08:02 - 2014-12-12 20:34 - 00000000 ____D C:\Users\Stepan\AppData\Local\Apple Computer
2016-08-10 00:06 - 2016-01-19 16:47 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-06 13:53 - 2016-06-03 10:44 - 00000000 ____D C:\Users\Stepan\Desktop\Music Junk
2016-08-05 18:04 - 2015-03-10 18:43 - 00012928 _____ C:\Users\Jordyn\Desktop\Excel Worksheet.xlsx
2016-08-04 18:57 - 2016-07-23 13:45 - 00000000 ___RD C:\Users\Stepan\Documents\Scanned Documents
2016-08-04 10:44 - 2016-02-01 17:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Natasha
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Jordyn
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Diane
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-03 14:21 - 2014-01-02 05:35 - 00400304 __RSH C:\bootmgr
2016-07-31 15:09 - 2015-09-02 10:02 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-31 15:09 - 2015-09-02 10:02 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-29 21:34 - 2016-07-14 14:51 - 00000000 ____D C:\Users\Stepan\Documents\Trash
2016-07-28 18:57 - 2015-10-30 14:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-28 18:57 - 2015-07-10 17:05 - 00000000 ____D C:\Users\Default.migrated
 
==================== Files in the root of some directories =======
 
2016-08-21 20:06 - 2016-08-21 20:41 - 0000115 _____ () C:\Users\Stepan\AppData\Roaming\LogFile.txt
2014-11-29 21:28 - 2014-12-04 07:28 - 0000166 _____ () C:\Users\Stepan\AppData\Roaming\WB.CFG
2015-08-13 20:21 - 2015-09-07 15:49 - 212809145 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload
2015-08-13 20:21 - 2015-09-07 15:49 - 0002489 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload.aamd
2014-12-01 19:29 - 2014-12-03 07:28 - 0000001 _____ () C:\Users\Stepan\AppData\Local\DSI.DAT
2014-11-29 22:00 - 2014-11-29 22:00 - 0000036 _____ () C:\Users\Stepan\AppData\Local\housecall.guid.cache
2015-07-13 14:25 - 2015-07-13 14:25 - 0000600 _____ () C:\Users\Stepan\AppData\Local\PUTTY.RND
2016-04-20 08:22 - 2016-04-20 08:22 - 0000017 _____ () C:\Users\Stepan\AppData\Local\resmon.resmoncfg
2014-11-30 09:14 - 2015-11-22 07:58 - 0000010 _____ () C:\Users\Stepan\AppData\Local\sponge.last.runtime.cache
2016-01-19 16:47 - 2016-01-19 16:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-03 15:35 - 2014-12-03 15:35 - 0000184 _____ () C:\ProgramData\OutlookFail.20141203.log
2014-12-05 20:55 - 2014-12-05 21:06 - 0000367 _____ () C:\ProgramData\OutlookFail.20141205.log
2014-12-07 19:34 - 2014-12-07 19:34 - 0000184 _____ () C:\ProgramData\OutlookFail.20141207.log
2014-12-18 19:01 - 2014-12-18 19:01 - 0000184 _____ () C:\ProgramData\OutlookFail.20141218.log
2014-12-23 08:50 - 2014-12-23 08:50 - 0000183 _____ () C:\ProgramData\OutlookFail.20141223.log
2014-12-28 09:52 - 2014-12-28 09:52 - 0000183 _____ () C:\ProgramData\OutlookFail.20141228.log
2015-01-03 08:09 - 2015-01-03 08:09 - 0000183 _____ () C:\ProgramData\OutlookFail.20150103.log
2015-01-04 11:29 - 2015-01-04 11:29 - 0000184 _____ () C:\ProgramData\OutlookFail.20150104.log
2015-01-05 18:36 - 2015-01-05 18:36 - 0000184 _____ () C:\ProgramData\OutlookFail.20150105.log
2015-01-29 10:53 - 2015-01-29 10:53 - 0000184 _____ () C:\ProgramData\OutlookFail.20150129.log
2015-02-01 15:31 - 2015-02-01 15:31 - 0000184 _____ () C:\ProgramData\OutlookFail.20150201.log
2015-02-02 12:05 - 2015-02-02 12:05 - 0000183 _____ () C:\ProgramData\OutlookFail.20150202.log
2015-02-05 15:41 - 2015-02-05 15:41 - 0000183 _____ () C:\ProgramData\OutlookFail.20150205.log
2015-02-07 13:45 - 2015-02-07 13:45 - 0000184 _____ () C:\ProgramData\OutlookFail.20150207.log
2015-02-11 09:46 - 2015-02-11 09:46 - 0000183 _____ () C:\ProgramData\OutlookFail.20150211.log
2015-02-12 08:40 - 2015-02-12 08:40 - 0000183 _____ () C:\ProgramData\OutlookFail.20150212.log
2015-02-13 11:24 - 2015-02-13 11:24 - 0000183 _____ () C:\ProgramData\OutlookFail.20150213.log
2015-02-14 14:19 - 2015-02-14 14:19 - 0000183 _____ () C:\ProgramData\OutlookFail.20150214.log
2015-02-20 09:03 - 2015-02-20 09:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150220.log
2015-02-21 07:13 - 2015-02-21 07:13 - 0000183 _____ () C:\ProgramData\OutlookFail.20150221.log
2015-02-24 13:30 - 2015-02-24 13:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150224.log
2015-03-03 12:30 - 2015-03-03 12:30 - 0000184 _____ () C:\ProgramData\OutlookFail.20150303.log
2015-03-04 15:08 - 2015-03-04 15:08 - 0000183 _____ () C:\ProgramData\OutlookFail.20150304.log
2015-03-10 10:10 - 2015-03-10 10:10 - 0000183 _____ () C:\ProgramData\OutlookFail.20150310.log
2015-04-01 16:04 - 2015-04-01 16:04 - 0000183 _____ () C:\ProgramData\OutlookFail.20150401.log
2015-04-06 16:46 - 2015-04-06 16:46 - 0000183 _____ () C:\ProgramData\OutlookFail.20150406.log
2015-04-08 15:04 - 2015-04-08 15:04 - 0000184 _____ () C:\ProgramData\OutlookFail.20150408.log
2015-04-09 08:03 - 2015-04-09 08:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150409.log
2015-04-10 19:04 - 2015-04-10 19:04 - 0000183 _____ () C:\ProgramData\OutlookFail.20150410.log
2015-04-12 20:09 - 2015-04-12 20:09 - 0000184 _____ () C:\ProgramData\OutlookFail.20150412.log
2015-04-19 10:29 - 2015-04-19 10:29 - 0000183 _____ () C:\ProgramData\OutlookFail.20150419.log
2015-04-23 10:45 - 2015-04-23 10:46 - 0000367 _____ () C:\ProgramData\OutlookFail.20150423.log
2015-04-29 09:15 - 2015-04-29 09:15 - 0000183 _____ () C:\ProgramData\OutlookFail.20150429.log
2015-05-05 14:30 - 2015-05-05 14:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150505.log
2015-05-07 12:48 - 2015-05-07 12:48 - 0000182 _____ () C:\ProgramData\OutlookFail.20150507.log
2015-05-14 09:45 - 2015-05-14 09:45 - 0000183 _____ () C:\ProgramData\OutlookFail.20150514.log
2015-05-18 21:35 - 2015-05-18 21:35 - 0000183 _____ () C:\ProgramData\OutlookFail.20150518.log
2015-05-28 15:54 - 2015-05-28 15:54 - 0000184 _____ () C:\ProgramData\OutlookFail.20150528.log
2015-06-17 08:14 - 2015-06-17 08:14 - 0000183 _____ () C:\ProgramData\OutlookFail.20150617.log
2015-06-23 16:18 - 2015-06-23 16:18 - 0000184 _____ () C:\ProgramData\OutlookFail.20150623.log
2015-06-26 20:03 - 2015-06-26 20:03 - 0000183 _____ () C:\ProgramData\OutlookFail.20150626.log
2015-06-29 17:33 - 2015-06-29 17:33 - 0000183 _____ () C:\ProgramData\OutlookFail.20150629.log
2015-06-30 08:16 - 2015-06-30 08:16 - 0000183 _____ () C:\ProgramData\OutlookFail.20150630.log
2015-07-01 08:50 - 2015-07-01 15:26 - 0000366 _____ () C:\ProgramData\OutlookFail.20150701.log
2015-07-11 08:11 - 2015-07-11 08:11 - 0000183 _____ () C:\ProgramData\OutlookFail.20150711.log
2015-07-15 19:54 - 2015-07-15 19:54 - 0000184 _____ () C:\ProgramData\OutlookFail.20150715.log
2015-07-16 22:35 - 2015-07-16 22:35 - 0000183 _____ () C:\ProgramData\OutlookFail.20150716.log
2015-07-19 08:57 - 2015-07-19 19:17 - 0000368 _____ () C:\ProgramData\OutlookFail.20150719.log
2015-07-24 07:37 - 2015-07-24 07:37 - 0000183 _____ () C:\ProgramData\OutlookFail.20150724.log
2015-08-09 15:27 - 2015-08-09 15:27 - 0000183 _____ () C:\ProgramData\OutlookFail.20150809.log
2015-08-10 20:02 - 2015-08-10 20:02 - 0000182 _____ () C:\ProgramData\OutlookFail.20150810.log
2015-08-17 17:28 - 2015-08-17 17:28 - 0000183 _____ () C:\ProgramData\OutlookFail.20150817.log
2015-08-18 14:15 - 2015-08-18 14:15 - 0000366 _____ () C:\ProgramData\OutlookFail.20150818.log
2015-08-19 19:36 - 2015-08-19 19:36 - 0000183 _____ () C:\ProgramData\OutlookFail.20150819.log
2015-08-23 16:28 - 2015-08-23 21:25 - 0000367 _____ () C:\ProgramData\OutlookFail.20150823.log
2015-09-10 16:44 - 2015-09-10 16:44 - 0000183 _____ () C:\ProgramData\OutlookFail.20150910.log
2015-09-11 07:30 - 2015-09-11 07:30 - 0000183 _____ () C:\ProgramData\OutlookFail.20150911.log
2015-09-18 16:35 - 2015-09-18 17:05 - 0000367 _____ () C:\ProgramData\OutlookFail.20150918.log
2015-10-15 06:31 - 2015-10-15 06:31 - 0000184 _____ () C:\ProgramData\OutlookFail.20151015.log
2015-10-21 19:51 - 2015-10-21 19:51 - 0000183 _____ () C:\ProgramData\OutlookFail.20151021.log
2015-10-24 12:02 - 2015-10-24 12:02 - 0000183 _____ () C:\ProgramData\OutlookFail.20151024.log
2015-11-05 13:25 - 2015-11-05 13:36 - 0000368 _____ () C:\ProgramData\OutlookFail.20151105.log
2015-11-15 09:18 - 2015-11-15 09:18 - 0000183 _____ () C:\ProgramData\OutlookFail.20151115.log
2015-11-25 20:38 - 2015-11-25 20:38 - 0000183 _____ () C:\ProgramData\OutlookFail.20151125.log
2015-11-26 18:14 - 2015-11-26 18:14 - 0000183 _____ () C:\ProgramData\OutlookFail.20151126.log
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2016-08-19 19:50
 
==================== End of FRST.txt ============================


#9
zep516

Hello,

That's not it. Try it this way; we need to run a fix using FRST.

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
U3 idsvc; no ImagePath
2016-08-21 20:06 - 2016-08-21 20:43 - 00000486 _____ C:\WINDOWS\Tasks\SparkTrust Registration3.job
2016-08-21 20:06 - 2016-08-21 20:43 - 00000444 _____ C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job
2016-08-21 20:06 - 2016-08-21 20:43 - 00000444 _____ C:\WINDOWS\Tasks\SparkTrust Update Version3.job
2016-08-21 20:06 - 2016-08-21 20:06 - 00004254 _____ C:\WINDOWS\System32\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE
2016-08-21 20:06 - 2016-08-21 20:06 - 00003406 _____ C:\WINDOWS\System32\Tasks\SparkTrust Update Version3
2016-08-21 20:06 - 2016-08-21 20:06 - 00003294 _____ C:\WINDOWS\System32\Tasks\SparkTrust Registration3
2016-08-21 20:06 - 2016-08-21 20:06 - 00003094 _____ C:\WINDOWS\System32\Tasks\SparkTrust Update Version3_triggeronce
2016-08-21 20:06 - 2016-08-21 20:06 - 00001426 _____ C:\Users\Stepan\Desktop\SparkTrust PC Cleaner Plus.lnk
2016-08-21 20:06 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:43 - 00000667 _____ C:\WINDOWS\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE.job
2016-08-21 20:05 - 2016-08-21 20:06 - 00000000 ____D C:\Program Files\BDServices
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\ProgramData\SparkTrust
2016-08-21 20:05 - 2016-08-21 20:05 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2016-08-21 20:03 - 2016-08-21 20:04 - 11088144 _____ (SparkTrust) C:\Users\Stepan\Downloads\SparkTrust PC Cleaner Plus Setup_1F211128-B6AC-40FA-BE7A-C91E70D03CC7_.exe
2016-08-21 19:33 - 2016-08-21 19:33 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\Stepan\Downloads\SpyHunter-Installer.exe
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
Task: {0FD865E9-13E1-4D13-B7B0-F8279830C371} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {265E76CD-C262-4E19-8781-7E9316A505F0} - System32\Tasks\SparkTrust Update Version3_triggeronce => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2016-07-27] (SparkTrust Systems) <==== ATTENTION
Task: {38329735-9504-44AE-BB5E-C63402669E49} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {406C3957-E1AD-4F75-AADF-C7236DFD490A} - System32\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe [2016-07-27] (SparkTrust) <==== ATTENTION
Task: {4A75A742-B6E7-4E25-A977-B9AD971C7A45} - System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\eff4e719\f83d0aa8.dll" <==== ATTENTION
Task: {5E4A78C5-7A35-46B5-B7F1-D952E005E80F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {64760BA2-B14F-4EDA-9829-9AF1E1256EB9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
C:\Program Files (x86)\SparkTrust\
"C:\PROGRA~3\eff4e719\
Task: {6BB1DE5D-0059-4897-9073-82A66A9550B2} - System32\Tasks\SparkTrust Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll" RunUns <==== ATTENTION
Task: {6DD497D5-8A0B-48C2-A1EB-22939F61FBB7} - System32\Tasks\SparkTrust Update Version3 => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2016-07-27] (SparkTrust Systems) <==== ATTENTION
"C:\Program Files (x86)\Common Files\SparkTrust
Task: {7FB6A892-0DA9-4B60-A9F1-66B399DA5302} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9DF7118D-75B8-49D9-9EB3-E48F3279A1B6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AC23D927-41EF-4122-BD7F-549943AD8639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BF7E63CC-73B2-42B5-8CB3-336E12CCA355} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D9420185-3A37-4973-B2F6-85C5489AA2F9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E61F3361-C27B-4AA2-897E-A89429B6ED4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8EDA1A2-E2A0-44CB-A753-C7E5392A300E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust PC Cleaner Plus_sch_9F2687C4-6797-11E6-9CBA-7824AFC129AE.job => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Registration3.job => rundll32.exe  C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Update Version3.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to-> C:\Users\Stepan\Downloads. (Must be in this location)
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
  • The tool will make a log in-> C:\Users\Stepan\Downloads. (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you that the version you're using is outdated, please download and run the updated version.

#10
traindriver


I did that; here are the results.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Stepan (administrator) on STEPAN-PC (23-08-2016 08:50:09)
Running from C:\Users\Stepan\Downloads
Loaded Profiles: Stepan & NeroMediaHomeUser.4 (Available Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(BitTorrent, Inc.) C:\Users\Stepan\Downloads\utorrent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2016-07-21] (ABBYY Production LLC.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe [7763384 2016-07-15] (AO Kaspersky Lab)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\RunOnce: [Uninstall C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.iinet.net.au/customers/
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
 
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> hxxp://www.iinet.net.au/
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
 
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Google Sheets) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Hot Shot Sniper) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbhkjoamnfmpcilggihmfeebhienpea [2015-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-21]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-01-19] ()
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S2 CLKMSVC10_90970B6B; C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe [246256 2010-11-09] (CyberLink)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-12] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 2310_00; C:\Windows\system32\drivers\2310_00.sys [170528 2009-06-12] (HighPoint Technologies, Inc.)
S3 272x_1x; C:\Windows\system32\drivers\272x_1x.sys [612672 2012-04-25] (HighPoint Technologies, Inc.)
S3 274x_3x; C:\Windows\system32\drivers\274x_3x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 arcm_a64; C:\Windows\system32\drivers\arcm_a64.sys [52768 2009-11-09] (ARECA Technology Corporation)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-01-19] ()
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-10] (Intel Corp.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DC133; C:\Windows\system32\drivers\DC133.sys [39320 2011-05-02] (Dawicontrol GmbH)
S3 DC150; C:\Windows\system32\drivers\DC150.sys [39832 2011-05-02] (Dawicontrol GmbH)
S3 DC154; C:\Windows\system32\drivers\DC154.sys [48136 2011-05-02] (Dawicontrol GmbH)
S3 DC300e; C:\Windows\system32\drivers\DC300e.sys [40344 2011-05-02] (Dawicontrol GmbH)
S3 DC324e; C:\Windows\system32\drivers\DC324e.sys [49752 2011-05-02] (Dawicontrol GmbH)
S3 DC3410; C:\Windows\system32\drivers\DC3410.sys [48328 2011-05-02] (Dawicontrol GmbH)
S3 DC4300; C:\Windows\system32\drivers\DC4300.sys [48360 2011-05-02] (Dawicontrol GmbH)
S3 DC600e; C:\Windows\system32\drivers\DC600e.sys [40744 2011-05-02] (Dawicontrol GmbH)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-12] (Intel Corp.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-17] (Disc Soft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 hptiop; C:\Windows\system32\drivers\hptiop.sys [17440 2009-05-26] (HighPoint Technologies, Inc.)
S3 hptmv; C:\Windows\system32\drivers\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc.)
S3 hptmv6; C:\Windows\system32\drivers\hptmv6.sys [152096 2007-11-01] (HighPoint Technologies, Inc.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [651224 2012-06-30] (Intel Corporation)
S3 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [38680 2008-05-14] (ITE Tech. Inc.)
S3 iteraid; C:\Windows\system32\drivers\iteraid.sys [32768 2007-05-02] (ITE Tech. Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51496 2012-02-29] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\MegaSR1.sys [461320 2009-04-16] (LSI Corporation, Inc.)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor, Inc.)
S3 mvs94xx; C:\Windows\system32\drivers\mvs94xx.sys [367920 2010-12-01] (Marvell Semiconductor, Inc.)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175720 2010-04-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-06] (OCZ Technology Group, Inc.)
S3 ocz12xx; C:\Windows\system32\drivers\ocz12xx.sys [138544 2011-09-15] (OCZ Technology Group, Inc.)
S3 Pnp680; C:\Windows\system32\drivers\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc)
S0 rr172x; C:\Windows\System32\drivers\rr172x.sys [124448 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr174x; C:\Windows\system32\drivers\rr174x.sys [159264 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr2210; C:\Windows\system32\drivers\rr2210.sys [153632 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr232x; C:\Windows\system32\drivers\rr232x.sys [152096 2008-05-06] (HighPoint Technologies, Inc.)
S3 rr2340; C:\Windows\system32\drivers\rr2340.sys [162400 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr2522; C:\Windows\system32\drivers\rr2522.sys [168032 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr276x; C:\Windows\system32\drivers\rr276x.sys [241472 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr278x; C:\Windows\system32\drivers\rr278x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [156256 2010-06-17] (HighPoint Technologies, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-28] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-28] (Renesas Electronics Corporation)
S3 SI3112r; C:\Windows\system32\drivers\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\drivers\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\drivers\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\drivers\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203832 2016-04-17] (Duplex Secure Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TplinkUDSMBus; C:\Windows\system32\drivers\TplinkUDSMBus.sys [102688 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 TplinkUDSTcpBus; C:\Windows\System32\Drivers\TplinkUDSTcpBus.sys [181024 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
S3 viamrx64; C:\Windows\system32\drivers\viamrx64.sys [161904 2010-12-03] (VIA Technologies Inc.,Ltd)
S3 videX64; C:\Windows\system32\drivers\videX64.sys [15000 2010-02-11] (VIA Technologies, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2016-03-31] (wisecleaner.com)
R0 xfiltx64; C:\Windows\System32\drivers\xfiltx64.sys [26776 2010-02-11] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-04] (CyberLink Corp.)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-23 08:50 - 2016-08-23 08:50 - 00033114 _____ C:\Users\Stepan\Downloads\FRST.txt
2016-08-23 08:49 - 2016-08-23 08:49 - 00034600 _____ C:\Users\Stepan\Downloads\Fixlist.txt.one
2016-08-23 08:45 - 2016-08-23 08:45 - 00000000 ____D C:\Users\Stepan\Documents\OneNote Notebooks
2016-08-22 10:43 - 2016-08-23 07:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-22 10:43 - 2016-08-22 10:43 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-22 10:41 - 2016-08-22 10:43 - 22851472 _____ (Malwarebytes ) C:\Users\Stepan\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-22 08:32 - 2016-08-22 08:33 - 01610560 _____ (Malwarebytes) C:\Users\Stepan\Desktop\JRT.exe
2016-08-21 21:06 - 2016-08-21 21:06 - 00057962 _____ C:\Users\Stepan\Downloads\Addition.txt
2016-08-21 21:04 - 2016-08-23 08:50 - 00000000 ____D C:\Users\Stepan\Desktop\Geeks to go
2016-08-21 19:29 - 2016-08-22 08:25 - 00000000 ____D C:\AdwCleaner
2016-08-21 19:28 - 2016-08-21 19:28 - 03784256 _____ C:\Users\Stepan\Desktop\adwcleaner_6.000.exe
2016-08-21 19:17 - 2016-08-23 07:51 - 00000000 ____D C:\Users\Stepan\Downloads\FRST-OlderVersion
2016-08-21 19:01 - 2016-08-21 19:06 - 54287072 _____ (Microsoft Corporation) C:\Users\Stepan\Downloads\Windows-KB890830-x64-V5.39.exe
2016-08-21 18:20 - 2016-08-21 18:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-21 18:19 - 2016-08-21 18:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2016-08-21 18:19 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-21 16:42 - 2016-08-23 08:50 - 00000000 ____D C:\FRST
2016-08-21 16:33 - 2016-08-23 07:51 - 02396672 _____ (Farbar) C:\Users\Stepan\Downloads\FRST64.exe
2016-08-21 16:11 - 2016-08-21 18:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-21 16:10 - 2005-08-25 18:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
2016-08-21 15:42 - 2016-08-21 15:42 - 00003884 _____ C:\WINDOWS\System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E}
2016-08-21 15:11 - 2016-08-21 15:22 - 00000000 ____D C:\Users\Stepan\Documents\All about the olympics
2016-08-20 15:00 - 2016-08-20 15:00 - 00001248 _____ C:\Users\Stepan\Desktop\MassEffect.exe - Shortcut.lnk
2016-08-19 10:27 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-08-19 10:12 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Media Center Programs
2016-08-17 09:15 - 2016-08-11 19:30 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-17 09:14 - 2016-08-21 10:13 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-08-17 09:14 - 2016-05-04 10:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-17 09:14 - 2016-05-04 10:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-17 09:12 - 2016-08-11 22:33 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00612528 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00574120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00471424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-11 13:50 - 2016-08-11 13:50 - 00001369 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-08-11 13:50 - 2016-08-11 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-08-11 11:27 - 2016-08-11 11:27 - 00114176 _____ C:\Users\Jordyn\Documents\Diet Graph for jj.pub
2016-08-10 20:00 - 2016-08-11 07:29 - 00112128 _____ C:\Users\Jordyn\Documents\Diet Graph.pub
2016-08-10 16:52 - 2016-08-10 16:52 - 00000000 ____D C:\Users\Stepan\Desktop\Rainbow Six
2016-08-10 16:50 - 2016-08-10 16:50 - 00000000 ____D C:\Users\Stepan\AppData\Local\SkinSoft
2016-08-10 14:04 - 2016-08-03 19:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 14:04 - 2016-08-03 18:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 14:04 - 2016-08-03 18:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 14:04 - 2016-08-03 18:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 18:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 18:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 18:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 18:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 14:04 - 2016-08-03 18:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 14:04 - 2016-08-03 18:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 14:04 - 2016-08-03 18:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 14:04 - 2016-08-03 18:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 14:04 - 2016-08-03 17:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
 
==================== Files in the root of some directories =======
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2016-08-19 19:50
 
==================== End of FRST.txt ============================



#11
zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Don't worry, lots of people struggle with this.

You posted FRST.TXT

I need Fixlog.txt and it should be here, that is if you ran the fix --->C:\Users\Stepan\Downloads

Looks like this example log below:
 

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Run: [Uxbgmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Alex\AppData\Local\YddrPack\sbciCprt54.dll
Task: {39376A87-E01B-46F0-9D71-D768DC86AAA7} - \SessionAgent -> No File <==== ATTENTION
ProxyEnable: [S-1-5-21-482574108-2876646391-2450146034-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-482574108-2876646391-2450146034-1001] => http=127.0.0.1:64550;https=127.0.0.1:64550
SearchScopes: HKU\S-1-5-21-482574108-2876646391-2450146034-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
CHR HomePage: Default -> hxxp://mystart.incredibar.com/?a=6Oz8ZpUKl9&loc=skw
CHR StartupUrls: Default -> "","hxxp://mystart.incredibar.com/?a=6R9m9Z7cl4&i=26&loc=skw","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.0.5.292&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.0.443&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.5.512&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.7.598&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.9.786&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.9.799&pid=safeguard&sg=0&sap=hp","hxxp://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=8&UP=SPDE37641D-D109-4BCC-9802-91C3E5978CAE&D=061215&SSPV="
S3 C450CB54; \??\C:\ProgramData\00097215_tvn [X]
2016-07-18 20:16 - 2016-07-21 19:47 - 00000000 ____D C:\Users\Alex\AppData\Local\YddrPack
2016-07-18 20:16 - 2016-07-21 19:47 - 00000000 ____D C:\Users\Alex\AppData\Local\Oqdlics
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Uxbgmedia => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39376A87-E01B-46F0-9D71-D768DC86AAA7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39376A87-E01B-46F0-9D71-D768DC86AAA7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SessionAgent" => key removed successfully
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully



#12
zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
In review,

You have the fixlist here-> C:\Users\Stepan\Downloads\Fixlist.txt.one so that's good :)

Now go back here-> C:\Users\Stepan\Downloads\ to your downloads folder and find FRST

Right click on it, choose Run as administrator, and when it opens click on FIX.

Wait for it to finish, and it will make a log called Fixlog.txt in C:\Users\Stepan\Downloads\. Find it and post it.

#13
traindriver

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Did exactly that and it told me the information is in the download page, so here it is. I'm off to work now, be back tomorrow morning at 0830 Australian WST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Stepan (administrator) on STEPAN-PC (23-08-2016 10:21:36)
Running from C:\Users\Stepan\Downloads\FRST-OlderVersion
Loaded Profiles: Stepan & NeroMediaHomeUser.4 (Available Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2016-07-21] (ABBYY Production LLC.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe [7763384 2016-07-15] (AO Kaspersky Lab)
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\RunOnce: [Uninstall C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stepan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMP.EXE [283232 2015-03-13] (SEIKO EPSON CORPORATION)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-600410608-1858306824-1911990453-1007\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{39361549-3e2c-471d-bfc4-e02eec44e9ee}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.iinet.net.au/customers/
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-08-01] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
 
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> hxxp://www.iinet.net.au/
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
 
Chrome:
=======
CHR Profile: C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Google Sheets) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-07-28]
CHR Extension: (Google Docs Offline) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Hot Shot Sniper) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbhkjoamnfmpcilggihmfeebhienpea [2015-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-21]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-01-19] ()
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S2 CLKMSVC10_90970B6B; C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe [246256 2010-11-09] (CyberLink)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-12] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 2310_00; C:\Windows\system32\drivers\2310_00.sys [170528 2009-06-12] (HighPoint Technologies, Inc.)
S3 272x_1x; C:\Windows\system32\drivers\272x_1x.sys [612672 2012-04-25] (HighPoint Technologies, Inc.)
S3 274x_3x; C:\Windows\system32\drivers\274x_3x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 amdide64; C:\Windows\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
S3 arcm_a64; C:\Windows\system32\drivers\arcm_a64.sys [52768 2009-11-09] (ARECA Technology Corporation)
S3 asahci64; C:\Windows\system32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-01-19] ()
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-10] (Intel Corp.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DC133; C:\Windows\system32\drivers\DC133.sys [39320 2011-05-02] (Dawicontrol GmbH)
S3 DC150; C:\Windows\system32\drivers\DC150.sys [39832 2011-05-02] (Dawicontrol GmbH)
S3 DC154; C:\Windows\system32\drivers\DC154.sys [48136 2011-05-02] (Dawicontrol GmbH)
S3 DC300e; C:\Windows\system32\drivers\DC300e.sys [40344 2011-05-02] (Dawicontrol GmbH)
S3 DC324e; C:\Windows\system32\drivers\DC324e.sys [49752 2011-05-02] (Dawicontrol GmbH)
S3 DC3410; C:\Windows\system32\drivers\DC3410.sys [48328 2011-05-02] (Dawicontrol GmbH)
S3 DC4300; C:\Windows\system32\drivers\DC4300.sys [48360 2011-05-02] (Dawicontrol GmbH)
S3 DC600e; C:\Windows\system32\drivers\DC600e.sys [40744 2011-05-02] (Dawicontrol GmbH)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-12] (Intel Corp.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-17] (Disc Soft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 hptiop; C:\Windows\system32\drivers\hptiop.sys [17440 2009-05-26] (HighPoint Technologies, Inc.)
S3 hptmv; C:\Windows\system32\drivers\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc.)
S3 hptmv6; C:\Windows\system32\drivers\hptmv6.sys [152096 2007-11-01] (HighPoint Technologies, Inc.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [651224 2012-06-30] (Intel Corporation)
S3 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [38680 2008-05-14] (ITE Tech. Inc.)
S3 iteraid; C:\Windows\system32\drivers\iteraid.sys [32768 2007-05-02] (ITE Tech. Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51496 2012-02-29] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\MegaSR1.sys [461320 2009-04-16] (LSI Corporation, Inc.)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor, Inc.)
S3 mvs94xx; C:\Windows\system32\drivers\mvs94xx.sys [367920 2010-12-01] (Marvell Semiconductor, Inc.)
S3 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [175720 2010-04-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [139056 2012-04-06] (OCZ Technology Group, Inc.)
S3 ocz12xx; C:\Windows\system32\drivers\ocz12xx.sys [138544 2011-09-15] (OCZ Technology Group, Inc.)
S3 Pnp680; C:\Windows\system32\drivers\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc)
S0 rr172x; C:\Windows\System32\drivers\rr172x.sys [124448 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr174x; C:\Windows\system32\drivers\rr174x.sys [159264 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr2210; C:\Windows\system32\drivers\rr2210.sys [153632 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr232x; C:\Windows\system32\drivers\rr232x.sys [152096 2008-05-06] (HighPoint Technologies, Inc.)
S3 rr2340; C:\Windows\system32\drivers\rr2340.sys [162400 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr2522; C:\Windows\system32\drivers\rr2522.sys [168032 2010-01-01] (HighPoint Technologies, Inc.)
S3 rr276x; C:\Windows\system32\drivers\rr276x.sys [241472 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr278x; C:\Windows\system32\drivers\rr278x.sys [240960 2012-04-25] (HighPoint Technologies, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [156256 2010-06-17] (HighPoint Technologies, Inc.)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-28] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-28] (Renesas Electronics Corporation)
S3 SI3112r; C:\Windows\system32\drivers\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\drivers\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\drivers\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\drivers\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203832 2016-04-17] (Duplex Secure Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TplinkUDSMBus; C:\Windows\system32\drivers\TplinkUDSMBus.sys [102688 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 TplinkUDSTcpBus; C:\Windows\System32\Drivers\TplinkUDSTcpBus.sys [181024 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
S3 viamrx64; C:\Windows\system32\drivers\viamrx64.sys [161904 2010-12-03] (VIA Technologies Inc.,Ltd)
S3 videX64; C:\Windows\system32\drivers\videX64.sys [15000 2010-02-11] (VIA Technologies, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2016-03-31] (wisecleaner.com)
R0 xfiltx64; C:\Windows\System32\drivers\xfiltx64.sys [26776 2010-02-11] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-04] (CyberLink Corp.)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-23 10:15 - 2016-08-23 10:15 - 00000688 _____ C:\Users\Stepan\Desktop\JRT.txt
2016-08-23 08:50 - 2016-08-23 10:17 - 00075450 _____ C:\Users\Stepan\Downloads\FRST.txt
2016-08-23 08:49 - 2016-08-23 08:49 - 00034600 _____ C:\Users\Stepan\Downloads\Fixlist.txt.one
2016-08-23 08:45 - 2016-08-23 08:52 - 00000000 ____D C:\Users\Stepan\Documents\OneNote Notebooks
2016-08-22 10:43 - 2016-08-23 09:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-22 10:43 - 2016-08-22 10:43 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 10:43 - 2016-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-22 10:43 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-22 10:43 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-22 10:41 - 2016-08-22 10:43 - 22851472 _____ (Malwarebytes ) C:\Users\Stepan\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-22 08:32 - 2016-08-22 08:33 - 01610560 _____ (Malwarebytes) C:\Users\Stepan\Desktop\JRT.exe
2016-08-21 21:06 - 2016-08-23 08:51 - 00056613 _____ C:\Users\Stepan\Downloads\Addition.txt
2016-08-21 21:04 - 2016-08-23 08:50 - 00000000 ____D C:\Users\Stepan\Desktop\Geeks to go
2016-08-21 19:29 - 2016-08-23 09:55 - 00000000 ____D C:\AdwCleaner
2016-08-21 19:28 - 2016-08-21 19:28 - 03784256 _____ C:\Users\Stepan\Desktop\adwcleaner_6.000.exe
2016-08-21 19:17 - 2016-08-23 10:21 - 00000000 ____D C:\Users\Stepan\Downloads\FRST-OlderVersion
2016-08-21 18:20 - 2016-08-21 18:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-21 18:19 - 2016-08-21 18:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2016-08-21 18:19 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-21 18:19 - 2016-08-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-21 18:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-21 16:42 - 2016-08-23 10:21 - 00000000 ____D C:\FRST
2016-08-21 16:33 - 2016-08-23 07:51 - 02396672 _____ (Farbar) C:\Users\Stepan\Downloads\FRST64.exe
2016-08-21 16:11 - 2016-08-21 18:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-21 16:10 - 2005-08-25 18:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2016-08-21 16:08 - 2016-08-21 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Lavasoft
2016-08-21 15:42 - 2016-08-21 15:42 - 00003884 _____ C:\WINDOWS\System32\Tasks\{79D1CF0C-9F02-5AB2-8460-E7159068251E}
2016-08-21 15:11 - 2016-08-21 15:22 - 00000000 ____D C:\Users\Stepan\Documents\All about the olympics
2016-08-20 15:00 - 2016-08-20 15:00 - 00001248 _____ C:\Users\Stepan\Desktop\MassEffect.exe - Shortcut.lnk
2016-08-19 10:27 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-08-19 10:12 - 2016-08-20 14:12 - 00000000 ____D C:\ProgramData\Media Center Programs
2016-08-17 09:15 - 2016-08-11 19:30 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-17 09:14 - 2016-08-21 10:13 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-08-17 09:14 - 2016-05-04 10:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-17 09:14 - 2016-05-04 10:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-17 09:14 - 2016-05-04 10:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-17 09:12 - 2016-08-11 22:33 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00612528 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00574120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00471424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 09:12 - 2016-08-11 22:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-11 13:50 - 2016-08-11 13:50 - 00001369 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-08-11 13:50 - 2016-08-11 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-08-11 11:27 - 2016-08-11 11:27 - 00114176 _____ C:\Users\Jordyn\Documents\Diet Graph for jj.pub
2016-08-10 20:00 - 2016-08-11 07:29 - 00112128 _____ C:\Users\Jordyn\Documents\Diet Graph.pub
2016-08-10 16:52 - 2016-08-10 16:52 - 00000000 ____D C:\Users\Stepan\Desktop\Rainbow Six
2016-08-10 16:50 - 2016-08-10 16:50 - 00000000 ____D C:\Users\Stepan\AppData\Local\SkinSoft
2016-08-10 14:04 - 2016-08-03 19:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 14:04 - 2016-08-03 19:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 14:04 - 2016-08-03 18:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 14:04 - 2016-08-03 18:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 14:04 - 2016-08-03 18:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 14:04 - 2016-08-03 18:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 18:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 14:04 - 2016-08-03 18:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 18:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 14:04 - 2016-08-03 18:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 14:04 - 2016-08-03 18:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 18:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 18:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 14:04 - 2016-08-03 18:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 14:04 - 2016-08-03 18:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 14:04 - 2016-08-03 18:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 14:04 - 2016-08-03 18:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 14:04 - 2016-08-03 18:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 14:04 - 2016-08-03 17:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 17:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 14:04 - 2016-08-03 17:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 14:04 - 2016-08-03 17:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 14:04 - 2016-08-03 17:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 14:04 - 2016-08-03 17:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 17:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 14:04 - 2016-08-03 17:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 14:04 - 2016-08-03 17:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 14:04 - 2016-08-03 17:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 14:04 - 2016-08-03 17:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 14:04 - 2016-08-03 17:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 14:04 - 2016-08-03 17:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 14:04 - 2016-08-03 17:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 14:04 - 2016-08-03 17:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 14:04 - 2016-08-03 17:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 14:04 - 2016-08-03 17:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 17:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 17:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 14:04 - 2016-08-03 17:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 14:04 - 2016-08-03 17:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 17:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 14:04 - 2016-08-03 17:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 14:04 - 2016-08-03 17:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 14:04 - 2016-08-03 17:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 17:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 14:04 - 2016-08-03 17:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 14:04 - 2016-08-03 17:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 14:04 - 2016-08-03 17:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 14:04 - 2016-08-03 17:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 17:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 14:04 - 2016-08-03 17:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 14:04 - 2016-08-03 17:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 14:04 - 2016-08-03 17:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 14:04 - 2016-08-03 17:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 14:04 - 2016-08-03 17:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 14:04 - 2016-08-03 13:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 14:04 - 2016-08-03 13:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 14:04 - 2016-08-03 13:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 14:04 - 2016-08-03 13:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 14:04 - 2016-08-03 13:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 14:04 - 2016-08-03 13:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 14:04 - 2016-08-03 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 14:04 - 2016-08-03 12:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 14:04 - 2016-08-03 12:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 14:04 - 2016-08-03 12:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 14:04 - 2016-08-03 12:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 14:04 - 2016-08-03 12:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 14:04 - 2016-08-03 12:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 14:04 - 2016-08-03 12:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 14:04 - 2016-08-03 12:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 14:04 - 2016-08-03 12:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 14:04 - 2016-08-03 12:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 14:04 - 2016-08-03 12:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 14:04 - 2016-08-03 12:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 14:04 - 2016-08-03 12:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 14:04 - 2016-08-03 12:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 14:04 - 2016-08-03 12:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 14:04 - 2016-08-03 12:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 14:04 - 2016-08-03 12:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 14:04 - 2016-08-03 12:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 14:04 - 2016-08-03 12:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 14:04 - 2016-08-03 12:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 14:04 - 2016-08-03 12:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 08:07 - 2016-08-10 08:07 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iTunes
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files\iPod
2016-08-10 08:07 - 2016-08-10 08:07 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-03 18:57 - 2016-08-03 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-08-03 18:57 - 2016-07-28 18:57 - 00002208 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-08-03 18:57 - 2016-07-28 18:57 - 00002184 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Roaming\ABBYY
2016-07-31 15:00 - 2016-07-31 15:00 - 00000000 ____D C:\Users\Jordyn\AppData\Local\ABBYY
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-23 10:14 - 2015-09-02 10:02 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-23 10:14 - 2014-11-29 16:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-23 10:12 - 2016-04-27 11:32 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\FileAdvisor
2016-08-23 10:08 - 2014-11-29 17:03 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\uTorrent
2016-08-23 10:04 - 2016-01-19 16:50 - 01013760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-23 10:04 - 2015-10-30 15:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-23 09:58 - 2015-09-02 10:02 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-23 09:57 - 2016-01-19 17:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-23 09:57 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-23 09:57 - 2015-08-08 17:46 - 00152048 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_90970B6B.sys
2016-08-23 09:56 - 2015-10-30 14:28 - 02359296 ___SH C:\WINDOWS\system32\config\BBI
2016-08-23 09:46 - 2014-01-01 13:43 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-23 08:38 - 2014-11-29 20:05 - 00000000 ____D C:\torrents
2016-08-23 07:45 - 2015-08-08 18:38 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FD40C14C-7B14-4C6B-A556-FC9A47E1BD5A}
2016-08-22 08:25 - 2016-01-19 16:51 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2016-08-21 21:31 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-21 19:37 - 2015-11-15 09:46 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-21 19:11 - 2013-07-21 04:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-21 19:05 - 2015-12-26 11:12 - 00000000 ____D C:\Users\Stepan\AppData\Local\CrashDumps
2016-08-21 15:41 - 2015-11-15 09:46 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-20 13:23 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Origin
2016-08-20 10:58 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 10:53 - 2014-11-30 10:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-19 10:29 - 2014-12-15 14:03 - 00000000 ____D C:\Users\Stepan\Documents\BioWare
2016-08-19 10:00 - 2016-04-17 20:41 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\DAEMON Tools Lite
2016-08-19 10:00 - 2015-10-30 15:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 10:00 - 2015-08-08 17:59 - 00000000 ____D C:\Users\Stepan\AppData\Local\Packages
2016-08-18 21:14 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Stepan
2016-08-17 19:22 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-08-17 09:15 - 2016-01-19 16:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-17 09:15 - 2015-04-21 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-16 18:44 - 2015-11-27 19:30 - 00992600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-08-16 18:44 - 2015-06-26 23:58 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-08-16 18:44 - 2015-06-16 21:56 - 00110424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-08-16 18:43 - 2015-11-27 19:30 - 00237400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-08-13 18:48 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-13 18:34 - 2015-08-11 16:21 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9BDA47A-528B-43F6-BC9E-31C050B3E1B5}
2016-08-13 10:54 - 2015-12-25 08:27 - 14199360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-12 17:22 - 2014-11-30 10:39 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-11 22:33 - 2016-07-08 13:30 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-11 22:33 - 2016-05-18 16:35 - 20208360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 23699584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 14476904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-11 22:33 - 2015-12-25 08:27 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-11 22:33 - 2015-12-25 08:27 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-11 20:27 - 2016-01-19 16:47 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-11 20:27 - 2016-01-19 16:47 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-11 20:27 - 2016-01-19 16:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-11 13:50 - 2015-11-27 19:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-08-11 11:28 - 2015-08-08 17:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 09:29 - 2015-10-30 15:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 20:52 - 2015-10-30 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 20:52 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 20:40 - 2016-02-02 16:51 - 00000000 ____D C:\Users\Jordyn\AppData\Local\CrashDumps
2016-08-10 16:29 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 16:29 - 2013-07-21 04:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 08:25 - 2014-12-12 20:33 - 00000000 ____D C:\Users\Stepan\AppData\Roaming\Apple Computer
2016-08-10 08:25 - 2014-12-12 20:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-10 08:02 - 2014-12-12 20:34 - 00000000 ____D C:\Users\Stepan\AppData\Local\Apple Computer
2016-08-10 00:06 - 2016-01-19 16:47 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-06 13:53 - 2016-06-03 10:44 - 00000000 ____D C:\Users\Stepan\Desktop\Music Junk
2016-08-05 18:04 - 2015-03-10 18:43 - 00012928 _____ C:\Users\Jordyn\Desktop\Excel Worksheet.xlsx
2016-08-04 18:57 - 2016-07-23 13:45 - 00000000 ___RD C:\Users\Stepan\Documents\Scanned Documents
2016-08-04 10:44 - 2016-02-01 17:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Natasha
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Jordyn
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\Diane
2016-08-03 18:56 - 2016-01-19 16:51 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-03 14:21 - 2014-01-02 05:35 - 00400304 __RSH C:\bootmgr
2016-07-31 15:09 - 2015-09-02 10:02 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-31 15:09 - 2015-09-02 10:02 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-29 21:34 - 2016-07-14 14:51 - 00000000 ____D C:\Users\Stepan\Documents\Trash
2016-07-28 18:57 - 2015-10-30 14:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-28 18:57 - 2015-07-10 17:05 - 00000000 ____D C:\Users\Default.migrated
 
==================== Files in the root of some directories =======
 
2016-08-21 20:06 - 2016-08-21 20:41 - 0000115 _____ () C:\Users\Stepan\AppData\Roaming\LogFile.txt
2014-11-29 21:28 - 2014-12-04 07:28 - 0000166 _____ () C:\Users\Stepan\AppData\Roaming\WB.CFG
2015-08-13 20:21 - 2015-09-07 15:49 - 212809145 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload
2015-08-13 20:21 - 2015-09-07 15:49 - 0002489 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload.aamd
2014-12-01 19:29 - 2014-12-03 07:28 - 0000001 _____ () C:\Users\Stepan\AppData\Local\DSI.DAT
2014-11-29 22:00 - 2014-11-29 22:00 - 0000036 _____ () C:\Users\Stepan\AppData\Local\housecall.guid.cache
2015-07-13 14:25 - 2015-07-13 14:25 - 0000600 _____ () C:\Users\Stepan\AppData\Local\PUTTY.RND
2016-04-20 08:22 - 2016-04-20 08:22 - 0000017 _____ () C:\Users\Stepan\AppData\Local\resmon.resmoncfg
2014-11-30 09:14 - 2015-11-22 07:58 - 0000010 _____ () C:\Users\Stepan\AppData\Local\sponge.last.runtime.cache
2016-01-19 16:47 - 2016-01-19 16:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Stepan\AppData\Local\Temp\libeay32.dll
C:\Users\Stepan\AppData\Local\Temp\msvcr120.dll
C:\Users\Stepan\AppData\Local\Temp\sqlite3.dll
 

==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2016-08-19 19:50
 
==================== End of FRST.txt ============================


#14
zep516


    Trusted Helper

  • Malware Removal
  • 6,811 posts
I see this in your downloads folder
 

C:\Users\Stepan\Downloads\FRST.txt
C:\Users\Stepan\Downloads\Fixlist.txt.one
C:\Users\Stepan\Downloads\FRST64.exe
C:\Users\Stepan\Downloads\Addition.txt
C:\Users\Stepan\Downloads\FRST-OlderVersion
C:\Users\Stepan\Downloads\FRST64.exe


There is no Fixlog.txt that I can see.

Can you delete everything in there except these 2 below, keeping the fixlist and 1 copy of FRST64.exe?
C:\Users\Stepan\Downloads\Fixlist.txt.one
C:\Users\Stepan\Downloads\FRST64.exe

Then open FRST64.EXE, click Fix again, see what happens and see if a Fixlog.txt gets generated.

See you tomorrow

Thanks
Joe :)

#15
traindriver


    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Zep516, I followed your instructions exactly and have taken a screenshot of what happens. This is why I keep on sending that information. I know you said no attachments, but this is the only way I know how to give you the screenshot. Sorry.

 

 

Attached Thumbnails

  • Capture.PNG
