Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-12-2015
Ran by Davina-Divine (administrator) on DIVINE (03-12-2015 13:16:10)
Running from C:\Users\Davina-Divine\Downloads
Loaded Profiles: Davina-Divine (Available Profiles: Davina-Divine)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Freedome\Freedome\1\FreedomeService.exe
() C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
() C:\Users\Davina-Divine\AppData\Roaming\Dashlane\Dashlane.exe
(Greatis Software) C:\Program Files\UnHackMe\hackmon.exe
() C:\Users\Davina-Divine\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Users\Davina-Divine\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [36713096 2015-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Run: [Dashlane] => C:\Users\Davina-Divine\AppData\Roaming\Dashlane\Dashlane.exe [227712 2015-10-28] ()
HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Run: [DashlanePlugin] => C:\Users\Davina-Divine\AppData\Roaming\Dashlane\DashlanePlugin.exe [285568 2015-10-28] ()
HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-19] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
BootExecute: autocheck autochk * PartizanPCloudBroom.exe \systemroot\system32\BroomData.bit

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{1C861901-1A62-4C31-A871-8A33AE4073AA}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{26B12864-EF32-48D9-8560-C4F1D327A274}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{DA754577-4946-4694-ACEF-8F0EF042C470}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2091952882-4294398361-615148702-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2091952882-4294398361-615148702-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2091952882-4294398361-615148702-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2091952882-4294398361-615148702-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Davina-Divine\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2015-10-28] (Dashlane)

FireFox:
========
FF ProfilePath: C:\Users\Davina-Divine\AppData\Roaming\Mozilla\Firefox\Profiles\hiuj3mky.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [No File]
FF Plugin: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-09-07] ()
FF Plugin: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-09-07] ()
FF Plugin: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-09-07] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Davina-Divine\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2015-11-19] ()
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Davina-Divine\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2015-11-19] (Hola)
FF Plugin HKU\S-1-5-21-2091952882-4294398361-615148702-1000: @hola.org/FlashPlayer -> C:\Users\Davina-Divine\AppData\Local\Hola\firefox\app\flash\NPSWF32_18_0_0_232.dll [2015-11-11] ()
FF Plugin HKU\S-1-5-21-2091952882-4294398361-615148702-1000: @hola.org/vlc -> C:\Users\Davina-Divine\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [2015-11-11] (Hola)
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-09-07] [not signed]
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-09-07] [not signed]
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-09-07] [not signed]
FF HKLM\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF HKLM\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF HKU\S-1-5-21-2091952882-4294398361-615148702-1000\...\Firefox\Extensions: [jetpack-extension@dashlane.com] - C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\Extensions\JetPack_expanded\jetpack-extension@dashlane.com
FF Extension: Dashlane - C:\Users\Davina-Divine\AppData\Roaming\Dashlane\3.5.2.94798\Extensions\JetPack_expanded\jetpack-extension@dashlane.com [2015-10-28] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-07]
CHR Extension: (Google Docs) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-07]
CHR Extension: (Google Drive) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Kaspersky Protection) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-09-07]
CHR Extension: (Session Buddy) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2015-09-18]
CHR Extension: (Dashlane) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2015-11-25]
CHR Extension: (Google Sheets) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-07]
CHR Extension: (Google Docs Offline) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-12-02]
CHR Extension: (Webproxy.net - Unblock any website) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpmikmnnnoacchojfpdgfdgpkfgajhim [2015-10-17]
CHR Extension: (Similar Sites) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn [2015-10-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
CHR Extension: (Gmail) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-07]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\Davina-Divine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhplgjpclknigjpccbcnmicgcieojbh [2015-12-01]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-27] (Kaspersky Lab ZAO)
S2 BAsfIpM; C:\Windows\system32\basfipm.exe [77824 2004-04-01] (Broadcom Corp.) [File not signed]
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-03-14] (Intel Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-07] (Dropbox, Inc.)
R2 Freedome Service; C:\Program Files\F-Secure\Freedome\Freedome\1\FreedomeService.exe [379432 2015-10-21] (F-Secure Corporation)
S3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 IceDragonUpdater; C:\Program Files\Comodo\IceDragon\icedragon_updater.exe [1972408 2015-10-05] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [242928 2013-07-17] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1253376 2007-03-16] (Dell Inc.) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2525936 2013-07-17] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Acceler; C:\Windows\System32\DRIVERS\accelern.sys [44144 2012-05-23] (ST Microelectronics)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R3 BTWAMPFL; C:\Windows\system32\drivers\btwampfl.sys [302120 2015-09-06] (Broadcom Corporation.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-06-27] (Kaspersky Lab UK Ltd)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [368392 2013-02-20] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-06-27] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-06-27] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44208 2015-06-27] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [692920 2015-10-06] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-06-27] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [36208 2015-06-27] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [35696 2015-06-27] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-06-27] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-27] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [72560 2015-06-27] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-10-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-12-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [48928 2013-01-23] (Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn00.sys [10375680 2013-05-29] (Intel Corporation)
U0 Partizan; C:\Windows\System32\drivers\Partizan.sys [35816 2015-11-25] (Greatis Software)
S3 RegGuard; C:\Windows\system32\Drivers\regguard.sys [24416 2015-12-01] (Greatis Software)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17904 2011-07-15] (ST Microelectronics)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [30248 2015-10-21] (The OpenVPN Project)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
S3 catchme; \??\C:\Users\DAVINA~1\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-03 13:16 - 2015-12-03 13:16 - 00019515 _____ C:\Users\Davina-Divine\Downloads\FRST.txt
2015-12-03 13:15 - 2015-12-03 13:16 - 00000000 ____D C:\FRST
2015-12-03 13:14 - 2015-12-03 13:14 - 01721344 _____ (Farbar) C:\Users\Davina-Divine\Downloads\FRST.exe
2015-12-02 00:22 - 2015-12-02 00:22 - 00198491 _____ C:\ComboFix.txt
2015-12-01 20:59 - 2015-12-02 00:22 - 00000000 ____D C:\Qoobox
2015-12-01 20:59 - 2015-12-02 00:19 - 00000000 ____D C:\Windows\erdnt
2015-12-01 20:59 - 2011-06-26 06:45 - 00256000 _____ C:\Windows\PEV.exe
2015-12-01 20:59 - 2010-11-07 17:20 - 00208896 _____ C:\Windows\MBR.exe
2015-12-01 20:59 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-12-01 20:59 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-12-01 20:59 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-12-01 20:59 - 2000-08-31 00:00 - 00098816 _____ C:\Windows\sed.exe
2015-12-01 20:59 - 2000-08-31 00:00 - 00080412 _____ C:\Windows\grep.exe
2015-12-01 20:59 - 2000-08-31 00:00 - 00068096 _____ C:\Windows\zip.exe
2015-12-01 20:55 - 2015-12-01 20:57 - 05639299 ____R (Swearware) C:\Users\Davina-Divine\Downloads\ComboFix.exe
2015-12-01 19:57 - 2015-12-01 19:57 - 00013182 _____ C:\Users\Davina-Divine\Desktop\attach.txt
2015-12-01 19:57 - 2015-12-01 19:56 - 00020164 _____ C:\Users\Davina-Divine\Desktop\dds.txt
2015-12-01 19:54 - 2015-12-01 19:55 - 00688992 ____R (Swearware) C:\Users\Davina-Divine\Downloads\dds.com
2015-12-01 19:28 - 2015-12-01 19:28 - 00002933 _____ C:\Users\Davina-Divine\Desktop\aswMBR.txt
2015-12-01 19:28 - 2015-12-01 19:28 - 00000512 _____ C:\Users\Davina-Divine\Desktop\MBR.dat
2015-12-01 17:50 - 2015-12-01 17:50 - 00000558 _____ C:\Windows\system32\BroomData.bit
2015-12-01 17:14 - 2015-12-01 17:15 - 05200384 _____ (AVAST Software) C:\Users\Davina-Divine\Downloads\aswmbr.exe
2015-12-01 16:59 - 2015-12-01 17:00 - 00380416 _____ C:\Users\Davina-Divine\Downloads\dolmkye1.exe
2015-12-01 16:47 - 2015-12-01 16:47 - 00001240 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2015-12-01 16:46 - 2015-12-01 16:46 - 00001266 _____ C:\Users\Public\Desktop\herdProtect.lnk
2015-12-01 16:45 - 2015-12-01 16:45 - 00001227 _____ C:\Users\Davina-Divine\Desktop\Should I Remove It.lnk
2015-12-01 16:45 - 2015-12-01 16:45 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2015-12-01 16:45 - 2015-12-01 16:45 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
2015-12-01 00:16 - 2015-12-01 00:17 - 01125626 _____ C:\Users\Davina-Divine\Downloads\ProcessExplorer.zip
2015-12-01 00:02 - 2015-12-01 00:02 - 00086076 _____ C:\TDSSKiller.2.6.20.0_01.12.2015_00.02.04_log.txt
2015-11-29 18:39 - 2015-11-29 18:44 - 568565930 _____ C:\Users\Davina-Divine\Downloads\Slender - The Arrival (Www.ApunKaGames.Net).zip
2015-11-29 17:24 - 2015-11-29 17:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\37CE5554.sys
2015-11-28 17:30 - 2015-11-28 17:30 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\51860BDA.sys
2015-11-28 17:19 - 2015-11-28 17:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\068903AA.sys
2015-11-28 14:13 - 2015-12-01 00:01 - 00000000 ____D C:\Users\Davina-Divine\AppData\Local\CrashDumps
2015-11-26 11:12 - 2015-11-26 11:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-26 11:08 - 2015-11-26 11:32 - 00000000 ____D C:\Users\Davina-Divine\Desktop\mbar
2015-11-26 11:08 - 2015-11-26 11:08 - 00001535 _____ C:\Users\Davina-Divine\Desktop\JRT1.txt
2015-11-26 11:04 - 2015-11-26 11:04 - 00002474 _____ C:\Users\Davina-Divine\Desktop\Rkill1.txt
2015-11-26 11:02 - 2015-11-30 23:58 - 00002250 _____ C:\Users\Davina-Divine\Desktop\Rkill.txt
2015-11-26 10:43 - 2015-11-26 10:44 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Davina-Divine\Downloads\rkill.exe
2015-11-26 10:43 - 2015-11-26 10:44 - 01599336 _____ (Malwarebytes) C:\Users\Davina-Divine\Downloads\JRT.exe
2015-11-26 10:41 - 2015-11-26 10:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Davina-Divine\Downloads\mbar-1.09.3.1001.exe
2015-11-26 09:59 - 2015-11-26 10:03 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Dashlane
2015-11-26 09:59 - 2015-11-26 09:59 - 00513832 _____ (Dashlane inc.) C:\Users\Davina-Divine\Downloads\Dashlane_Launcher_bchrome-1441010438.exe
2015-11-26 09:49 - 2015-11-26 09:49 - 00038064 _____ C:\Users\Davina-Divine\Desktop\zoek-results.txt
2015-11-26 09:27 - 2015-11-26 00:41 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-11-26 00:11 - 2015-11-26 00:11 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\OpenOffice
2015-11-25 23:30 - 2015-11-25 23:30 - 00262144 _____ C:\Windows\system32\config\elam
2015-11-25 22:54 - 2015-12-03 13:16 - 00000000 ____D C:\ProgramData\RegRun
2015-11-25 22:49 - 2015-11-25 22:50 - 00000000 ____D C:\Users\Davina-Divine\Desktop\RK_Quarantine
2015-11-25 22:33 - 2015-12-02 12:18 - 00000264 _____ C:\Windows\system32\PARTIZAN.TXT
2015-11-25 22:30 - 2015-11-25 22:30 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2015-11-25 22:25 - 2015-12-01 00:11 - 00024416 _____ (Greatis Software) C:\Windows\system32\Drivers\regguard.sys
2015-11-25 22:11 - 2015-11-25 22:11 - 00504554 _____ C:\Users\Davina-Divine\Desktop\regrunlog.txt
2015-11-25 21:45 - 2015-11-25 21:45 - 00003090 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-25 21:40 - 2015-11-25 21:40 - 00184620 _____ C:\Users\Davina-Divine\Downloads\JavaRa-2.6.1.zip
2015-11-25 21:35 - 2015-11-25 21:35 - 00000000 ____D C:\Windows\system32\appmgmt
2015-11-25 21:03 - 2015-11-25 23:26 - 00000000 ____D C:\zoek_backup
2015-11-25 17:56 - 2015-11-25 17:56 - 00002747 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-11-25 17:56 - 2015-11-25 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-11-25 17:43 - 2015-11-25 17:50 - 139457000 _____ (Sophos Limited) C:\Users\Davina-Divine\Downloads\Sophos Virus Removal Tool.exe
2015-11-25 17:42 - 2015-11-25 17:56 - 00000000 ____D C:\Program Files\Sophos
2015-11-25 17:42 - 2015-11-25 17:55 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2015-11-25 17:42 - 2015-11-25 17:42 - 00000000 ____D C:\ProgramData\Sophos
2015-11-25 17:38 - 2015-11-25 17:38 - 00000130 ___RH C:\Users\Davina-Divine\Downloads\Stinger.opt
2015-11-25 17:10 - 2015-11-25 17:15 - 00000821 _____ C:\Users\Davina-Divine\Downloads\Stinger_25112015_171009.html
2015-11-25 17:10 - 2015-11-25 17:10 - 00000000 ____D C:\Program Files\McAfee
2015-11-25 17:07 - 2015-11-25 17:08 - 15624560 _____ (McAfee Inc) C:\Users\Davina-Divine\Downloads\stinger32.exe
2015-11-25 16:15 - 2015-11-25 16:16 - 30625033 _____ C:\Users\Davina-Divine\Desktop\regrunck_result.txt
2015-11-25 15:55 - 2015-12-01 00:10 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-11-25 15:55 - 2015-12-01 00:04 - 00000000 ____D C:\Users\Davina-Divine\Documents\RegRun2
2015-11-25 15:55 - 2015-11-25 15:55 - 00035816 _____ (Greatis Software) C:\Windows\system32\Drivers\Partizan.sys
2015-11-25 15:55 - 2015-11-25 15:55 - 00000913 _____ C:\Users\Davina-Divine\Desktop\UnHackMe.lnk
2015-11-25 15:55 - 2015-11-25 15:55 - 00000002 RSHOT C:\Windows\winstart.bat
2015-11-25 15:55 - 2015-11-25 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2015-11-25 15:55 - 2013-09-05 10:19 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\system32\Drivers\UnHackMeDrv.sys
2015-11-25 15:54 - 2015-12-01 00:03 - 00000000 ____D C:\Program Files\UnHackMe
2015-11-25 02:45 - 2015-12-01 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2015-11-25 02:45 - 2015-12-01 16:45 - 00000000 ____D C:\Program Files\Reason
2015-11-25 01:21 - 2015-11-25 01:21 - 00030454 _____ C:\Users\Davina-Divine\Downloads\DashlaneExport.xls
2015-11-25 01:08 - 2015-12-01 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-11-25 01:08 - 2015-11-25 01:08 - 00000000 ____D C:\Program Files\Panda Security
2015-11-25 00:56 - 2015-12-01 00:01 - 00000000 ____D C:\AdwCleaner
2015-11-25 00:52 - 2015-11-25 15:36 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Exploit
2015-11-25 00:52 - 2015-11-25 03:52 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-11-25 00:44 - 2015-11-30 23:54 - 00001070 _____ C:\Users\Davina-Divine\Desktop\JRT.txt
2015-11-25 00:34 - 2015-11-25 00:34 - 00085176 _____ C:\TDSSKiller.2.6.20.0_25.11.2015_00.34.06_log.txt
2015-11-22 13:58 - 2015-11-22 14:25 - 120133206 _____ C:\Users\Davina-Divine\Downloads\480P_200k_28498621.mp4
2015-11-15 11:11 - 2015-11-15 11:11 - 00000388 _____ C:\Users\Davina-Divine\Documents\cc_20151115_111119.reg
2015-11-12 18:36 - 2015-12-03 12:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-12 14:24 - 2015-11-03 17:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 01:18 - 2015-11-12 01:18 - 00000011 _____ C:\Users\Davina-Divine\Documents\skype.txt
2015-11-11 23:06 - 2015-11-25 21:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-11 21:55 - 2015-11-25 15:36 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-11 21:52 - 2015-11-11 21:54 - 05617377 _____ C:\Users\Davina-Divine\Downloads\classtab.zip
2015-11-11 21:50 - 2015-11-11 21:50 - 00584288 _____ (Oracle Corporation) C:\Users\Davina-Divine\Downloads\jxpiinstall.exe
2015-11-11 21:40 - 2014-10-06 08:36 - 00287478 ____N C:\Users\Davina-Divine\Desktop\jszip.js
2015-11-11 21:40 - 2014-10-06 08:36 - 00007747 ____N C:\Users\Davina-Divine\Desktop\FileSaver.js
2015-11-11 21:39 - 2015-11-11 21:39 - 00075942 _____ C:\Users\Davina-Divine\Downloads\instatake-master.zip
2015-11-11 19:57 - 2015-11-11 19:58 - 00000000 ____D C:\Users\Davina-Divine\AppData\Local\iWesoft
2015-11-11 19:57 - 2015-11-11 19:57 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Instagram Downloader
2015-11-11 19:57 - 2015-11-11 19:57 - 00000000 ____D C:\Program Files\Instagram Downloader
2015-11-11 19:53 - 2015-11-11 19:54 - 03998208 _____ (iWesoft) C:\Users\Davina-Divine\Downloads\InstagramDownloader_setup.exe
2015-11-11 19:34 - 2015-11-03 21:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 19:34 - 2015-10-30 22:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 19:34 - 2015-10-30 22:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 19:34 - 2015-10-30 22:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 19:34 - 2015-10-30 22:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 19:34 - 2015-10-30 22:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 19:34 - 2015-10-30 22:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 19:34 - 2015-10-30 22:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 19:34 - 2015-10-30 22:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 19:34 - 2015-10-30 22:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 19:34 - 2015-10-30 22:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 19:34 - 2015-10-30 22:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 19:34 - 2015-10-30 22:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 19:34 - 2015-10-30 22:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 19:34 - 2015-10-30 22:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 19:34 - 2015-10-30 22:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 19:34 - 2015-10-30 22:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 19:34 - 2015-10-30 22:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 19:34 - 2015-10-30 22:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 19:34 - 2015-10-30 22:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 19:34 - 2015-10-30 22:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 19:34 - 2015-10-30 22:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 19:34 - 2015-10-30 22:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 19:34 - 2015-10-30 22:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 19:34 - 2015-10-30 22:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 19:34 - 2015-10-30 22:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 19:34 - 2015-10-30 22:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 19:34 - 2015-10-30 22:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 19:34 - 2015-10-30 22:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 19:34 - 2015-10-30 22:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 19:34 - 2015-10-30 22:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 19:34 - 2015-10-30 21:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 19:34 - 2015-10-30 21:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 19:34 - 2015-10-30 21:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 19:34 - 2015-10-20 00:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 19:34 - 2015-10-20 00:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 19:34 - 2015-10-20 00:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 19:34 - 2015-10-20 00:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 19:34 - 2015-10-20 00:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 19:34 - 2015-10-20 00:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 19:34 - 2015-10-20 00:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 19:34 - 2015-10-20 00:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 19:34 - 2015-10-20 00:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 19:34 - 2015-10-20 00:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 19:34 - 2015-10-20 00:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 19:34 - 2015-10-20 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 19:34 - 2015-10-20 00:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 19:34 - 2015-10-20 00:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 19:34 - 2015-10-19 23:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 19:34 - 2015-10-19 23:28 - 00124416 _____ (Microsoft Corporation)
C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 19:34 - 2015-10-19 23:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 19:34 - 2015-10-13 16:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 19:34 - 2015-10-13 16:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 19:34 - 2015-10-13 04:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-11-11 19:31 - 2015-09-23 13:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 19:31 - 2015-09-23 13:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 19:30 - 2015-10-20 17:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 19:30 - 2015-10-20 17:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 19:30 - 2015-10-20 17:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 19:30 - 2015-10-20 17:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 19:30 - 2015-10-20 17:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 19:30 - 2015-10-20 17:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-11-11 19:30 - 2015-10-20 17:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-11-11 19:30 - 2015-10-20 17:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 19:30 - 2015-10-20 17:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-11-11 19:30 - 2015-10-20 17:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 19:30 - 2015-10-20 17:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-11-11 19:30 - 2015-10-01 17:50 - 00216064 _____ (Microsoft 
Corporation) C:\Windows\system32\InkEd.dll 2015-11-11 19:30 - 2015-10-01 17:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-11-10 17:00 - 2015-11-10 17:01 - 07368965 _____ C:\Users\Davina-Divine\Downloads\TL-WN722N_V1_140918.zip 2015-11-10 09:42 - 2015-11-10 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-06 00:58 - 2015-11-06 00:58 - 04619566 _____ C:\Users\Davina-Divine\Documents\vmbjqhyc.flv 2015-11-06 00:54 - 2015-11-06 00:56 - 09055670 _____ C:\Users\Davina-Divine\Documents\raddakgq.flv 2015-11-04 16:51 - 2015-11-04 16:52 - 05650915 _____ C:\Users\Davina-Divine\Downloads\Movie.wmv 2015-11-04 02:28 - 2015-11-14 13:02 - 00000000 ____D C:\Users\Davina-Divine\Documents\classtab 2015-11-03 01:39 - 2015-11-03 01:58 - 60728165 _____ C:\Users\Davina-Divine\Downloads\480P_600K_59658781.mp4 ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-12-03 13:16 - 2009-07-14 02:37 - 00000000 ____D C:\Windows 2015-12-03 13:06 - 2015-09-07 12:47 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-03 12:58 - 2015-09-07 12:53 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-12-03 12:46 - 2015-09-07 12:29 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-12-03 12:41 - 2015-09-07 12:47 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-03 01:13 - 2015-09-06 22:03 - 00000000 ___HD C:\Windows\system32\WLANProfiles 2015-12-03 00:32 - 2015-10-03 14:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-02 13:58 - 2015-09-07 12:53 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-12-02 13:20 - 2015-09-08 14:43 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\MPC-HC 2015-12-02 12:26 - 2009-07-14 04:34 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-02 12:26 - 2009-07-14 04:34 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-02 12:24 - 2010-11-20 21:01 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-02 12:24 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf 2015-12-02 12:20 - 2015-09-30 13:30 - 00000000 ___RD C:\Users\Davina-Divine\Dropbox 2015-12-02 12:20 - 2015-09-07 12:52 - 00000000 ____D C:\Users\Davina-Divine\AppData\Local\Dropbox 2015-12-02 12:18 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-02 00:16 - 2009-07-14 02:04 - 00000215 _____ C:\Windows\system.ini 2015-12-01 21:04 - 2015-09-07 22:58 - 00000000 ____D C:\ProgramData\TEMP 2015-12-01 16:47 - 2015-09-08 13:10 - 00000000 ____D C:\Users\Davina-Divine\Downloads\clean 2015-11-28 14:16 - 2015-09-07 22:55 - 00000000 ____D C:\Program Files\System Ninja 2015-11-28 10:26 - 2015-09-14 01:55 - 00000000 ____D 
C:\Users\Davina-Divine\AppData\Roaming\vlc 2015-11-26 11:08 - 2015-09-07 13:01 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-11-26 10:03 - 2015-09-07 12:36 - 00001731 _____ C:\Users\Davina-Divine\Desktop\Dashlane.lnk 2015-11-26 10:03 - 2015-09-07 12:36 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane 2015-11-25 23:10 - 2009-07-14 02:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-11-25 21:41 - 2014-04-20 11:57 - 00000000 ____D C:\Users\Davina-Divine\Desktop\JavaRa-2.6 2015-11-25 21:38 - 2015-09-07 12:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-11-25 21:36 - 2015-09-07 12:48 - 00000000 ____D C:\Program Files\Java 2015-11-25 15:55 - 2009-07-14 02:04 - 00002577 _____ C:\Windows\system32\config.nt 2015-11-25 15:55 - 2009-07-14 02:04 - 00001688 _____ C:\Windows\system32\autoexec.nt 2015-11-25 15:38 - 2015-09-05 20:36 - 00000000 ____D C:\Users\Davina-Divine 2015-11-25 15:37 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\AppCompat 2015-11-25 15:36 - 2015-09-09 16:59 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Comodo 2015-11-25 15:36 - 2015-09-09 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2015-11-25 15:36 - 2015-09-09 16:59 - 00000000 ____D C:\Program Files\Comodo 2015-11-25 15:36 - 2015-09-07 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-11-25 15:36 - 2015-09-07 13:01 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-11-25 15:36 - 2015-09-07 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-25 15:36 - 2015-09-07 12:48 - 00000000 ____D C:\ProgramData\Oracle 2015-11-25 15:36 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\registration 2015-11-25 15:35 - 2015-09-07 13:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-25 01:06 - 2015-09-07 12:49 - 00000000 ____D 
C:\Users\Davina-Divine\.oracle_jre_usage 2015-11-24 13:30 - 2015-10-25 15:53 - 00000000 ____D C:\Users\Davina-Divine\AppData\Roaming\Hola 2015-11-23 11:15 - 2015-09-07 13:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2015-11-13 03:57 - 2009-07-14 04:33 - 00284336 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-12 18:36 - 2015-10-07 15:11 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-11-12 18:36 - 2015-10-07 15:11 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-11-12 04:04 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\rescache 2015-11-12 03:25 - 2010-11-21 00:47 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-11 21:54 - 2015-09-07 12:49 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2015-11-11 18:56 - 2015-09-07 12:47 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-11-11 18:54 - 2015-09-07 22:58 - 00000000 ____D C:\Program Files\SpywareBlaster 2015-11-10 17:07 - 2015-09-06 14:52 - 00000000 ____D C:\Users\Davina-Divine\AppData\Local\ElevatedDiagnostics 2015-11-10 09:42 - 2015-09-07 12:52 - 00000000 ____D C:\Program Files\Dropbox 2015-11-07 17:45 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF Some files in TEMP: ==================== C:\Users\Davina-Divine\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxpi68i.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-12-01 18:58 ==================== End of FRST.txt ============================