Rainbow1112

  1. Computer looks good now. I monitored for 2 days and the files are not appearing.
  2. JavaRa 1.16 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Tue Mar 01 20:39:36 2016 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124. 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124. 
Found and removed: Applications\java.exe Found and removed: Applications\javaw.exe Found and removed: JavaPlugin.FamilyVersionSupport Found and removed: SOFTWARE\Classes\JavaPlugin Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.6.0.0 Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Found and removed: SOFTWARE\Classes\Installer\Features\F60730A4A66673047777F5728467D401 Found and removed: SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\A5CCAAC40F5B69B47777ACF82566467C Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/x-java-applet Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/x-java-jnlp-file Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\.jar Found and removed: SOFTWARE\Classes\.jnlp Found and removed: SOFTWARE\Classes\jarfile Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0 Found and removed: SOFTWARE\Classes\JNLPFile Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\javaws.exe Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} Found and removed: SOFTWARE\JavaSoft Found and removed: SOFTWARE\JreMetrics ------------------------------------ Finished reporting. 
I do not have Firefox installed, so I am not sure why it had errors cleaning the Firefox files.
  3. I don't really remember if I set this or not. I googled the address and it was used by OkayFreedom VPN, which I use sometimes.
  4. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.3 (02.09.2016) Operating System: Windows 10 Pro x64 Ran by WoShiProDevils (Administrator) on Sat 27/02/2016 at 16:17:50.22 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 17 Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) Successfully deleted: C:\ProgramData\productdata (Folder) Successfully deleted: C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) Successfully deleted: C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File) Successfully deleted: C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File) Successfully deleted: C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage (File) Successfully deleted: C:\Users\WoShiProDevils\Appdata\LocalLow\.acestream (Folder) Successfully deleted: C:\Users\WoShiProDevils\AppData\Roaming\.acestream (Folder) Successfully deleted: C:\Users\WoShiProDevils\AppData\Roaming\acestream (Folder) Successfully deleted: C:\Users\WoShiProDevils\AppData\Roaming\acewebextension (Folder) Successfully deleted: C:\Users\WoShiProDevils\AppData\Roaming\iobit\driver booster (Folder) Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task) Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (WoShiProDevils) (Task) Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder) Successfully deleted: C:\WINDOWS\prefetch\DRIVER_BOOSTER_SETUP.TMP-3D18250B.pf (File) Successfully deleted: C:\WINDOWS\prefetch\DRIVER_BOOSTER_SETUP.TMP-AB0FD22F.pf (File) Successfully deleted: 
C:\WINDOWS\prefetch\DRIVERBOOSTER.EXE-D5205666.pf (File) Registry: 1 Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AceWebException (Registry Value) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sat 27/02/2016 at 16:18:53.09 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v5.036 - Logfile created 27/02/2016 at 16:24:28 # Updated 22/02/2016 by Xplode # Database : 2016-02-24.1 [server] # Operating system : Windows 10 Pro (x64) # Username : WoShiProDevils - OWNER # Running from : C:\Users\WoShiProDevils\Downloads\Programs\AdwCleaner.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder Deleted : C:\_acestream_cache_ [-] Folder Deleted : C:\Hola [-] Folder Deleted : C:\Program Files\Hola [x] Folder Not Deleted : C:\Program Files (x86)\Applian Technologies [x] Folder Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies [-] Folder Deleted : C:\Users\WoShiProDevils\AppData\Local\Hola [-] Folder Deleted : C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjngckebbndpdeeakdgohmcdnecidcjk [-] Folder Deleted : C:\Users\WoShiProDevils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media ***** [ Files ] ***** [-] File Deleted : C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hjngckebbndpdeeakdgohmcdnecidcjk_0.localstorage [-] File Deleted : C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hjngckebbndpdeeakdgohmcdnecidcjk_0.localstorage-journal [-] File Deleted : C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hjngckebbndpdeeakdgohmcdnecidcjk ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : 
HKCU\Software\Classes\Applications\ace_player.exe [-] Key Deleted : HKCU\Software\Classes\MIME\Database\Content Type\application/x-acestream-plugin [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive [-] Key Deleted : HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.0.12 [-] Key Deleted : HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17} [-] Key Deleted : HKCU\Software\AceStream [-] Key Deleted : HKCU\Software\Hola [-] Key Deleted : HKCU\Software\PRODUCTSETUP [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream [-] Key Deleted : [x64] HKLM\SOFTWARE\Hola [-] Key Deleted : HKU\.DEFAULT\Software\Hola [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com [-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com [-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com [-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AceUpdater] [-] Key Deleted : HKCU\Software\Classes\.acelive [-] Key Deleted : 
HKCU\Software\Classes\.acemedia [-] Key Deleted : HKCU\Software\Classes\.acestream [-] Key Deleted : HKCU\Software\Classes\.tslive [-] Key Deleted : HKCU\Software\Classes\acestream [-] Key Deleted : HKCU\Software\Classes\AceStream.file ***** [ Web browsers ] ***** [-] [C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : hjngckebbndpdeeakdgohmcdnecidcjk ************************* :: "Tracing" keys removed :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [4234 bytes] - [27/02/2016 16:24:28] C:\AdwCleaner\AdwCleaner[s1].txt - [4068 bytes] - [27/02/2016 16:20:36] C:\AdwCleaner\AdwCleaner[s2].txt - [4141 bytes] - [27/02/2016 16:23:09] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4453 bytes] ########## Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 27/2/2016 Scan Time: 4:26 PM Logfile: Administrator: Yes Version: 2.2.0.1024 Malware Database: v2016.02.26.07 Rootkit Database: v2016.02.17.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: WoShiProDevils Scan Type: Threat Scan Result: Completed Objects Scanned: 368580 Time Elapsed: 4 min, 48 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-02-2016 Ran by WoShiProDevils (administrator) on OWNER (27-02-2016 16:31:48) Running from C:\Users\WoShiProDevils\Downloads\Programs Loaded Profiles: 
WoShiProDevils (Available Profiles: WoShiProDevils) Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Malwarebytes Secure Backup) C:\Program Files (x86)\Malwarebytes Secure Backup\SUpdateNotifier.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (BlueStack Systems, Inc.) 
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe () C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe () C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe (Malwarebytes Secure Backup) C:\Program Files (x86)\Malwarebytes Secure Backup\SAgent.Service.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe (MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe (VMware, Inc.) 
C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Secure Backup\mbsbscan.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8522496 2015-12-26] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [70080 2015-05-08] () HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1087960 2014-04-03] (Intel Corporation) HKLM-x32\...\Run: [super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI) HKLM-x32\...\Run: [sOSUAUI] => C:\Program Files (x86)\Malwarebytes Secure Backup\sosuploadagent.exe [55704 2014-03-19] (Malwarebytes Secure Backup) HKLM-x32\...\Run: [sMessaging] => C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe [65432 2014-03-19] (Malwarebytes Secure Backup) HKLM-x32\...\Run: 
[AccountCreatorRunner] => C:\Program Files (x86)\Malwarebytes Secure Backup\AccountCreatorRunner.exe [22424 2014-03-19] (Malwarebytes Secure Backup) HKLM-x32\...\Run: [JunosPulse] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2521944 2014-10-06] (Juniper Networks, Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-17] (Dropbox, Inc.) HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596016 2016-01-29] (Oracle Corporation) HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\Run: [360cloud] => C:\Program Files (x86)\360\360WangPan\360WangPan.exe [14508144 2015-04-10] (360.cn) HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\Run: [spotify Web Helper] => C:\Users\WoShiProDevils\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-21] (Spotify Ltd) HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\Run: [spotify] => C:\Users\WoShiProDevils\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-21] (Spotify Ltd) HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\Run: [iDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [1403392 2016-02-12] (Tonec Inc.) 
HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\RunOnce: [uninstall C:\Users\WoShiProDevils\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\WoShiProDevils\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\RunOnce: [uninstall C:\Users\WoShiProDevils\AppData\Local\Microsoft\OneDrive\17.3.6281.1202] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\WoShiProDevils\AppData\Local\Microsoft\OneDrive\17.3.6281.1202" AppInit_DLLs: C:\Windows\Jaksta\AC\x64\jaudcap.dll => C:\Windows\Jaksta\AC\x64\jaudcap.dll [311584 2014-06-10] (Jaksta Technologies Pty Ltd) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => No File ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => No File ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => No File ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-20] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-20] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-20] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) AutoConfigURL: [s-1-5-21-810425901-1927846891-3043253424-1001] => hxxp://127.0.0.1:8445/okf.pac Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3b10ddc4-7b68-4cfb-bec8-a741abf30044}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{3e9b6031-7218-4a02-9c33-d9e30c2e0c13}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e8f1ebc2-52e2-4bcc-a6cb-bf452f446492}: [NameServer] 152.226.108.26,152.226.108.27 ManualProxies: 0http://127.0.0.1:8445/okf.pac Internet Explorer: ================== BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.) 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-20] (Microsoft Corporation) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-26] (Oracle Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-20] (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-26] (Oracle Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-02-20] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-20] (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) FireFox: ======== FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-26] 
(Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-810425901-1927846891-3043253424-1001: @hola.org/vlc,version=1.7.49 -> C:\Users\WoShiProDevils\AppData\Local\Hola\firefox\app\vlc [No File]
FF Plugin HKU\S-1-5-21-810425901-1927846891-3043253424-1001: @spoon.net/Spoon Plugin 3.33 -> C:\Users\WoShiProDevils\AppData\Local\Spoon\3.33.8.488\npMozillaSpoonPlugin.dll [No File]
FF HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\WoShiProDevils\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\WoShiProDevils\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\WoShiProDevils\AppData\Roaming\IDM\idmmzcc5 [2015-12-22] [not signed]
FF HKU\S-1-5-21-810425901-1927846891-3043253424-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-01-27]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Gom VPN - Bypass and unblock) - C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckiahbcmlmkpfiijecbpflfahoimklke [2016-02-16]
CHR Extension: (Enable right click) - C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2015-12-07]
CHR Extension: (ShopBack Cashback Button) - C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjngckebbndpdeeakdgohmcdnecidcjk [2016-02-27]
CHR Extension: (Norton Identity Safe) - C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-17]
CHR Extension: (Ace Stream Web Extension) - C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2015-12-27]
CHR Extension: (IDM Integration Module) - C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-02-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\WoShiProDevils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKU\S-1-5-21-810425901-1927846891-3043253424-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-10] (Dropbox, Inc.)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-05-08] ()
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [4333712 2015-05-12] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
S3 intelsba; C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [58280 2015-12-07] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177288 2015-05-29] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [345632 2015-07-08] (Steganos Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-07] (Electronic Arts)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 sagentservice; C:\Program Files (x86)\Malwarebytes Secure Backup\SAgent.Service.exe [41880 2014-03-19] (Malwarebytes Secure Backup)
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [2032344 2015-05-14] (VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [261776 2015-05-08] (VMware)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [530648 2015-05-26] (VMware, Inc.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R1 appliand; C:\Windows\system32\DRIVERS\appliand.sys [30304 2013-02-06] (Applian Technologies Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 EagleX64; C:\WINDOWS\system32\drivers\EagleX64.sys [145624 2015-08-04] (AhnLab, Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-26] (REALiX)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R1 jnprns; C:\Windows\system32\DRIVERS\jnprns.sys [507192 2014-08-20] (Juniper Networks)
S4 jnprTdi_807_50111; C:\Windows\system32\Drivers\jnprTdi_807_50111.sys [108344 2014-10-06] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\drivers\jnprvamgr.sys [45352 2014-08-20] (Juniper Networks, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2016-01-22] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-01-24] (Synaptics Incorporated)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-12-23] (Anchorfree Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-27 16:23 - 2016-02-27 16:23 - 00000000 ____D C:\Program Files (x86)\ESET
2016-02-27 16:20 - 2016-02-27 16:24 - 00000000 ____D C:\AdwCleaner
2016-02-27 16:18 - 2016-02-27 16:18 - 00002415 _____ C:\Users\WoShiProDevils\Desktop\JRT.txt
2016-02-27 16:14 - 2016-02-27 16:14 - 00000000 ___HD C:\OneDriveTemp
2016-02-27 10:05 - 2016-02-27 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2016-02-27 10:05 - 2016-02-27 10:05 - 00000000 ____D C:\Program Files (x86)\ERUNT
2016-02-25 21:56 - 2016-02-25 21:56 - 06837784 _____ (Piriform Ltd) C:\Users\WoShiProDevils\Downloads\ccsetup515.exe
2016-02-25 21:56 - 2016-02-25 21:56 - 06837784 _____ (Piriform Ltd) C:\Users\WoShiProDevils\Downloads\ccsetup515 (1).exe
2016-02-21 19:19 - 2016-02-21 19:23 - 00000485 _____ C:\Users\WoShiProDevils\Desktop\Dual Port Charger Type C + Quick Charge 3.0.txt
2016-02-21 17:49 - 2016-02-27 16:31 - 00000000 ____D C:\FRST
2016-02-20 10:46 - 2016-02-20 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 14:55 - 2016-02-14 14:55 - 00000000 ____D C:\Program Files (x86)\AMWE
2016-02-11 22:26 - 2016-01-28 17:20 - 00209056 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-02-10 22:29 - 2016-01-22 10:52 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-02-10 16:29 - 2016-01-29 14:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 16:29 - 2016-01-29 14:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 16:29 - 2016-01-27 14:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 16:29 - 2016-01-27 14:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 16:29 - 2016-01-27 14:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 16:29 - 2016-01-27 14:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 16:29 - 2016-01-27 14:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 16:29 - 2016-01-27 13:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 16:29 - 2016-01-27 13:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 16:29 - 2016-01-27 13:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 16:29 - 2016-01-27 13:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 16:29 - 2016-01-27 13:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 16:29 - 2016-01-27 13:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 16:29 - 2016-01-27 13:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 16:29 - 2016-01-27 13:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 16:29 - 2016-01-27 13:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 16:29 - 2016-01-27 13:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 16:29 - 2016-01-27 13:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 16:29 - 2016-01-27 13:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 16:29 - 2016-01-27 13:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 16:29 - 2016-01-27 13:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 16:29 - 2016-01-27 13:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 16:29 - 2016-01-27 13:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 16:29 - 2016-01-27 13:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 16:29 - 2016-01-27 13:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 16:29 - 2016-01-27 13:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 16:29 - 2016-01-27 13:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 16:29 - 2016-01-27 13:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 16:29 - 2016-01-27 13:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 16:29 - 2016-01-27 13:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 16:29 - 2016-01-27 13:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 16:29 - 2016-01-27 13:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 16:29 - 2016-01-27 13:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 16:29 - 2016-01-27 13:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 16:29 - 2016-01-27 13:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 16:29 - 2016-01-27 13:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 16:29 - 2016-01-27 13:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 16:29 - 2016-01-27 13:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 16:29 - 2016-01-27 13:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 16:29 - 2016-01-27 13:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 16:29 - 2016-01-27 13:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 16:29 - 2016-01-27 13:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 16:29 - 2016-01-27 13:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 16:29 - 2016-01-27 12:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 16:29 - 2016-01-27 12:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 16:29 - 2016-01-27 12:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 16:29 - 2016-01-27 12:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 16:29 - 2016-01-27 12:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 16:29 - 2016-01-27 12:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 16:29 - 2016-01-27 12:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 16:29 - 2016-01-27 12:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 16:29 - 2016-01-27 12:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 16:29 - 2016-01-27 12:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 16:29 - 2016-01-27 12:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 16:29 - 2016-01-27 12:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 16:29 - 2016-01-27 12:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 16:29 - 2016-01-27 12:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 16:29 - 2016-01-27 12:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 16:29 - 2016-01-27 12:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 16:29 - 2016-01-27 12:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 16:29 - 2016-01-27 12:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 16:29 - 2016-01-27 12:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 16:29 - 2016-01-27 12:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 16:29 - 2016-01-27 12:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 16:29 - 2016-01-27 12:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-07 15:19 - 2016-02-07 15:19 - 00003022 _____ C:\WINDOWS\System32\Tasks\klcp_update
2016-02-07 15:19 - 2016-02-07 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-02-07 15:19 - 2016-02-07 15:19 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-02-02 22:43 - 2016-01-23 09:01 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-02 22:43 - 2016-01-23 09:01 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-02 22:43 - 2016-01-23 08:47 - 00110016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-02-02 22:42 - 2016-01-23 11:31 - 42983992 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 37615040 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 31115712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 24941112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 21202488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 17632544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 17174032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 17116616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 02543160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00541184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00445912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-02-02 22:42 - 2016-01-23 11:31 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-02-02 22:38 - 2015-12-18 14:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-02-02 22:38 - 2015-12-18 14:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-31 12:03 - 2016-01-31 12:03 - 00000000 ____D C:\KVRT_Data
2016-01-30 20:28 - 2016-01-30 20:28 - 00000000 ____D C:\NPE
2016-01-30 20:27 - 2016-01-30 20:36 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Local\NPE
2016-01-28 19:38 - 2016-01-16 14:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 19:38 - 2016-01-16 14:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 19:38 - 2016-01-16 14:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 19:38 - 2016-01-16 14:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 19:38 - 2016-01-16 14:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 19:38 - 2016-01-16 14:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 19:38 - 2016-01-16 14:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 19:38 - 2016-01-16 14:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 19:38 - 2016-01-16 14:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 19:38 - 2016-01-16 14:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 19:38 - 2016-01-16 14:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 19:38 - 2016-01-16 14:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 19:38 - 2016-01-16 14:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 19:38 - 2016-01-16 14:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 19:38 - 2016-01-16 14:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 19:38 - 2016-01-16 14:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 19:38 - 2016-01-16 14:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 19:38 - 2016-01-16 14:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 19:38 - 2016-01-16 14:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 19:38 - 2016-01-16 14:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 19:38 - 2016-01-16 14:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 19:38 - 2016-01-16 14:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 19:38 - 2016-01-16 13:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 19:38 - 2016-01-16 13:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 19:38 - 2016-01-16 13:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 19:38 - 2016-01-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 19:38 - 2016-01-16 13:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 19:38 - 2016-01-16 13:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 19:38 - 2016-01-16 13:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 19:38 - 2016-01-16 13:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 19:38 - 2016-01-16 13:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 19:38 - 2016-01-16 13:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 19:38 - 2016-01-16 13:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 19:38 - 2016-01-16 13:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 19:38 - 2016-01-16 13:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 19:38 - 2016-01-16 13:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 19:38 - 2016-01-16 13:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 19:38 - 2016-01-16 13:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 19:38 - 2016-01-16 13:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 19:38 - 2016-01-16 13:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 19:38 - 2016-01-16 13:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 19:38 - 2016-01-16 13:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 19:38 - 2016-01-16 13:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 19:38 - 2016-01-16 13:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 19:38 - 2016-01-16 13:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 19:38 - 2016-01-16 13:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 19:38 - 2016-01-16 13:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 19:38 - 2016-01-16 13:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 19:38 - 2016-01-16 13:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 19:38 - 2016-01-16 13:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 19:38 - 2016-01-16 13:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 19:38 - 2016-01-16 13:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 19:38 - 2016-01-16 13:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 19:38 - 2016-01-16 13:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 19:38 - 2016-01-16 13:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 19:38 - 2016-01-16 13:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 19:38 - 2016-01-16 13:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 19:38 - 2016-01-16 13:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 19:38 - 2016-01-16 13:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 19:38 - 2016-01-16 13:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 19:38 - 2016-01-16 13:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 19:38 - 2016-01-16 13:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 19:38 - 2016-01-16 13:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 19:38 - 2016-01-16 13:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 19:38 - 2016-01-16 13:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 19:38 - 2016-01-16 13:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 19:38 - 2016-01-16 13:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 19:38 - 2016-01-16 13:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 19:38 - 2016-01-16 13:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 19:38 - 2016-01-16 13:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 19:38 - 2016-01-16 13:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 19:38 - 2016-01-16 13:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 19:38 - 2016-01-16 13:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 19:38 - 2016-01-16 13:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 19:38 - 2016-01-16 13:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 19:38 - 2016-01-16 13:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 19:38 - 2016-01-16 13:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 19:38 - 2016-01-16 13:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 19:38 - 2016-01-16 13:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 19:38 - 2016-01-16 13:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 19:38 - 2016-01-16 13:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 19:38 - 2016-01-16 13:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 19:38 - 2016-01-16 13:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 19:38 - 2016-01-16 13:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 19:38 - 2016-01-16 13:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 19:38 - 2016-01-16 13:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 19:38 - 2016-01-16 13:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 19:38 - 2016-01-16 13:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 19:38 - 2016-01-16 13:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 19:38 - 2016-01-16 13:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 19:38 - 2016-01-16 13:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 19:38 - 2016-01-16 13:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 19:38 - 2016-01-16 13:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 19:38 - 2016-01-16 13:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 19:38 - 2016-01-16 13:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 19:38 - 2016-01-16 13:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 19:38 - 2016-01-16 13:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 19:38 - 2016-01-16 13:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 19:38 - 2016-01-16 13:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 19:38 - 2016-01-16 13:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 19:38 - 2016-01-16 13:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 19:38 - 2016-01-16 13:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 19:38 - 2016-01-16 13:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 19:38 - 2016-01-16 13:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 19:38 - 2016-01-16 13:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 19:38 - 2016-01-16 13:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 19:38 - 2016-01-16 13:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 19:38 - 2016-01-16 13:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 17:36 - 2016-01-28 17:36 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-27 16:31 - 2015-10-30 15:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-27 16:31 - 2015-07-29 23:34 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-27 16:30 - 2015-03-12 18:53 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-27 16:25 - 2015-11-13 19:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-27 16:25 - 2015-11-13 19:26 - 00000000 ____D C:\ProgramData\NVIDIA 2016-02-27 16:25 - 2015-08-10 20:38 - 00000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-02-27 16:25 - 2015-03-12 18:53 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-27 16:25 - 2015-03-09 10:38 - 00000490 _____ C:\WINDOWS\Tasks\Online Backup Update Notifier.job 2016-02-27 16:25 - 2014-12-17 19:40 - 00000000 ___RD C:\Users\WoShiProDevils\Dropbox 2016-02-27 16:25 - 2014-12-17 19:39 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Roaming\Dropbox 2016-02-27 16:25 - 2014-12-17 13:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-02-27 16:25 - 2014-12-17 12:51 - 00000000 __RDO C:\Users\WoShiProDevils\OneDrive 2016-02-27 16:24 - 2015-10-30 14:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-27 16:24 - 2014-12-19 10:37 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Local\CrashDumps 2016-02-27 16:23 - 2014-12-17 14:04 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A8CD187-9DFA-4CF9-BE96-81E02A08EE53} 2016-02-27 16:18 - 2015-12-26 15:24 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Roaming\IObit 2016-02-27 16:18 - 2015-12-26 15:24 - 00000000 ____D C:\ProgramData\IObit 2016-02-27 16:18 - 2015-12-26 15:24 - 00000000 ____D C:\Program Files (x86)\IObit 2016-02-27 16:16 - 2014-12-17 13:34 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Roaming\IDM 2016-02-27 16:15 - 2014-12-17 14:03 - 00000000 ____D C:\Program Files (x86)\Steam 2016-02-27 12:01 - 2014-12-17 13:34 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Roaming\DMCache 2016-02-27 11:43 - 
2015-08-10 20:38 - 00000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-02-27 11:10 - 2016-01-15 18:30 - 00000000 ____D C:\Users\WoShiProDevils\Desktop\Idol Pic 2016-02-27 10:45 - 2014-12-17 13:34 - 00000000 ____D C:\Users\WoShiProDevils\Downloads\Video 2016-02-27 10:08 - 2014-12-17 12:48 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Local\VirtualStore 2016-02-26 21:56 - 2015-09-03 17:07 - 00000000 ____D C:\Users\WoShiProDevils\.oracle_jre_usage 2016-02-26 21:56 - 2015-01-06 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2016-02-26 21:56 - 2014-12-17 13:51 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2016-02-26 21:56 - 2014-12-17 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-02-26 21:56 - 2014-12-17 13:51 - 00000000 ____D C:\Program Files\Java 2016-02-26 18:07 - 2015-10-30 15:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-26 18:07 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-25 07:51 - 2014-12-17 13:34 - 00000000 ____D C:\Users\WoShiProDevils\Downloads\Compressed 2016-02-23 21:31 - 2015-08-25 20:01 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Roaming\Spotify 2016-02-23 21:17 - 2015-08-25 20:01 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Local\Spotify 2016-02-23 21:04 - 2014-12-17 13:34 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager 2016-02-23 19:20 - 2014-12-17 14:23 - 00002421 _____ C:\Users\WoShiProDevils\Desktop\New Text Document.txt 2016-02-23 17:03 - 2014-12-17 14:26 - 00000000 ____D C:\Users\WoShiProDevils\Desktop\Shirlene folder=) 2016-02-22 18:50 - 2014-12-17 14:23 - 00000000 ___RD C:\Users\WoShiProDevils\Desktop\Mass Order 2016-02-21 19:19 - 2015-07-07 07:49 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Roaming\VMware 2016-02-21 15:27 - 2016-01-24 13:37 - 00000000 ____D C:\Users\WoShiProDevils\Desktop\EMK 2016-02-20 11:30 - 2015-03-12 18:53 - 
00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-20 11:01 - 2015-10-30 15:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-02-20 11:01 - 2014-12-17 14:30 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-02-20 10:46 - 2015-08-10 20:38 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-02-20 00:35 - 2015-11-03 21:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-14 22:46 - 2014-12-17 13:57 - 00000000 ____D C:\ProgramData\Origin 2016-02-14 14:55 - 2015-07-04 12:42 - 00000904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMWE.lnk 2016-02-14 14:55 - 2015-07-04 12:42 - 00000892 _____ C:\Users\Public\Desktop\AMWE.lnk 2016-02-13 13:57 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-11 23:05 - 2015-10-30 15:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-10 22:29 - 2014-12-17 12:52 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-02-10 21:51 - 2014-12-17 12:48 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-10 21:49 - 2015-10-30 17:07 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 18:07 - 2014-12-17 14:46 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 18:04 - 2014-12-17 14:46 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-08 12:16 - 2015-11-11 19:05 - 00004122 _____ C:\Users\WoShiProDevils\Desktop\Pocket MapleStory Build.txt 2016-02-07 20:13 - 2014-12-17 13:57 - 00000000 ____D C:\Program Files (x86)\Origin 2016-02-06 12:34 - 2015-09-26 10:13 - 00001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LG Bridge.Lnk 2016-02-06 12:34 - 2015-06-26 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Bridge 2016-02-05 20:34 - 2015-07-29 23:32 - 00002425 _____ C:\Users\WoShiProDevils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-04 22:45 - 2015-12-18 18:45 - 00000000 ____D C:\Users\WoShiProDevils\Desktop\G4 
Backup 2016-02-04 13:32 - 2014-12-17 12:48 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Local\Packages 2016-02-04 03:01 - 2015-10-30 15:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-04 03:01 - 2015-10-30 15:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-02 22:57 - 2015-11-13 19:27 - 00000000 ____D C:\Users\WoShiProDevils 2016-02-02 22:44 - 2015-11-13 19:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-02-02 22:44 - 2014-12-17 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-02-02 22:43 - 2015-11-13 19:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-02-02 22:39 - 2014-12-17 12:58 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Local\NVIDIA 2016-02-02 19:25 - 2015-03-12 18:53 - 00003744 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-02 19:25 - 2014-12-17 12:55 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-01 18:28 - 2015-12-26 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 2016-01-30 20:27 - 2014-12-17 13:37 - 00000000 ____D C:\ProgramData\Norton 2016-01-30 20:22 - 2014-12-17 13:39 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2016-01-30 20:21 - 2015-12-04 07:21 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security 2016-01-30 20:02 - 2015-10-28 15:57 - 00000000 ____D C:\Users\WoShiProDevils\AppData\Roaming\vlc 2016-01-29 08:01 - 2015-10-30 15:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-29 08:01 - 2015-10-30 15:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-29 08:01 - 2015-10-30 15:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-29 08:01 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-29 08:01 - 2015-10-30 15:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-29 08:01 - 2015-10-30 15:24 - 00000000 ____D 
==================== Files in the root of some directories =======

2015-03-07 16:01 - 2015-03-07 16:01 - 0000695 _____ () C:\Users\WoShiProDevils\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\WoShiProDevils\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-17 19:57

==================== End of FRST.txt ============================

I could not run the ESET online scanner. It downloaded the database and gave an error: can't download database file due to proxy.
  5. RKill log

Rkill 2.8.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/27/2016 10:06:58 AM in x64 mode.
Windows Version: Windows 10 Pro

Checking for Windows services to stop:
 * No malware services found to stop.

Checking for processes to terminate:
 * No malware processes found to kill.

Checking Registry for malware related settings:
 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
 * No issues found.

Checking Windows Service Integrity:
 * fcvsc [Missing Service]
 * HdAudAddService [Missing Service]
 * HyperVideo [Missing Service]
 * netvsc [Missing Service]
 * wfpcapture [Missing Service]
 * CompositeBus => \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys [incorrect ImagePath]
 * NgcSvc => %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted [incorrect ImagePath]
 * swenum => \SystemRoot\System32\drivers\swenum.sys [incorrect ImagePath]

Searching for Missing Digital Signatures:
 * No issues found.

Checking HOSTS File:
 * HOSTS file entries found:
  127.0.0.1 localhost
  ::1 localhost #[iPv6]
  0.0.0.0 fr.a2dfp.net
  0.0.0.0 m.fr.a2dfp.net
  0.0.0.0 mfr.a2dfp.net
  0.0.0.0 ad.a8.net
  0.0.0.0 asy.a8ww.net
  0.0.0.0 static.a-ads.com
  0.0.0.0 atlas.aamedia.ro
  0.0.0.0 abcstats.com
  0.0.0.0 ad4.abradio.cz
  0.0.0.0 a.abv.bg
  0.0.0.0 adserver.abv.bg
  0.0.0.0 adv.abv.bg
  0.0.0.0 bimg.abv.bg
  0.0.0.0 ca.abv.bg
  0.0.0.0 www2.a-counter.kiev.ua
  0.0.0.0 track.acclaimnetwork.com
  0.0.0.0 accuserveadsystem.com
  0.0.0.0 www.accuserveadsystem.com

  20 out of 13674 HOSTS entries shown.
  Please review HOSTS file for further entries.
Program finished at: 02/27/2016 10:07:07 AM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)

Malwarebytes Log

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27/2/2016
Scan Time: 10:09 AM
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.26.07
Rootkit Database: v2016.02.17.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: WoShiProDevils

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369299
Time Elapsed: 4 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
PUP.Optional.AceWebExtension, HKU\S-1-5-21-810425901-1927846891-3043253424-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AceWebException, C:\Users\WoShiProDevils\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe, , [92bd4a1bd1c866d0ae64786652b19070]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)
  6. FRST.txt Addition.txt Random files are being generated on my desktop. I checked the properties and those files are 0 KB, and I can't delete/locate them on my desktop. I am not sure if I am infected by a virus, so I am just checking to be sure.