
Need Help Deleting LavasoftTcpService64.dll files



Thanks in advance for the help. I am currently dealing with a program that Lavasoft has left behind on my computer. I have already uninstalled the program itself but two Lavasoft programs still remain. Malwarebytes didn't pick up on it nor did any other programs. Any help would be greatly appreciated. 


Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under the Non-Malware Protection sub tab, change the PUP and PUM entries to "Treat detections as Malware".
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if selected, right click to your reply and select "Paste"; the log will be pasted to your reply
      Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop", then attach to reply
      XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop", then attach to reply
  • Please use "Copy to Clipboard", then right click to your reply > select "Paste"; that will copy the log to your reply…


 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
    (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt and Shortcut.txt are checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make logs named Addition.txt and Shortcut.txt. Please attach those logs to your reply.


 

Let me see those logs...

 

Thank you,

 

Kevin...


Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 12/8/2015

Scan Time: 4:24 PM

Logfile: 

Administrator: Yes

 

Version: 2.2.0.1024

Malware Database: v2015.12.08.04

Rootkit Database: v2015.12.07.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 10

CPU: x64

File System: NTFS

User: King Rapp

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 341784

Time Elapsed: 20 min, 8 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015

Ran by King Rapp (administrator) on KINGRAPP (08-12-2015 16:52:45)

Running from C:\Users\King Rapp\Downloads

Loaded Profiles: King Rapp (Available Profiles: King Rapp)

Platform: Windows 10 Home (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7632088 2014-06-10] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)

HKU\S-1-5-21-985922411-3085202454-4168001255-1002\...\RunOnce: [uninstall C:\Users\King Rapp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\King Rapp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

HKU\S-1-5-21-985922411-3085202454-4168001255-1002\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2269360 2015-11-25] (Adobe Systems Incorporated)

HKU\S-1-5-21-985922411-3085202454-4168001255-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)

HKU\S-1-5-21-985922411-3085202454-4168001255-1002\...\RunOnce: [Adobe Speed Launcher] => 1449609650

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 05 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{1772a3c4-e8c1-4f50-884d-c02b44d312c2}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{3e2461c1-c189-4201-aa8c-3eaf9830b6b8}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{c71d8142-b8e1-4995-9499-09df8597fcdc}: [DhcpNameServer] 192.168.0.2

 

Internet Explorer:

==================

SearchScopes: HKU\S-1-5-21-985922411-3085202454-4168001255-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)

 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)

FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Profile: C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15]

CHR Extension: (Google Docs) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-15]

CHR Extension: (Google Drive) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]

CHR Extension: (YouTube) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]

CHR Extension: (Adblock Plus) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-26]

CHR Extension: (Google Search) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]

CHR Extension: (Google Sheets) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15]

CHR Extension: (Google Docs Offline) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-26]

CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2015-11-26]

CHR Extension: (Chrome Web Store Payments) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-15]

CHR Extension: (Gmail) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)

R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-09] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-09] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [52456 2015-10-16] (UB658)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-08] (Malwarebytes)

R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2512016 2015-06-17] (MediaTek Inc.)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-17] (Realtek                                            )

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-09] ()

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-09] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-12-08 16:52 - 2015-12-08 16:53 - 00014597 _____ C:\Users\King Rapp\Downloads\FRST.txt

2015-12-08 16:52 - 2015-12-08 16:52 - 00000000 ____D C:\FRST

2015-12-08 16:51 - 2015-12-08 16:51 - 02369024 _____ (Farbar) C:\Users\King Rapp\Downloads\FRST64.exe

2015-12-08 16:50 - 2015-12-08 16:51 - 01719808 _____ (Farbar) C:\Users\King Rapp\Downloads\FRST.exe

2015-12-08 16:44 - 2015-12-08 16:44 - 00016148 _____ C:\WINDOWS\system32\KINGRAPP_King Rapp_HistoryPrediction.bin

2015-12-08 02:28 - 2015-12-08 02:28 - 07086848 _____ C:\Users\King Rapp\Downloads\OBS_0_657b_Installer (1).exe

2015-12-07 20:40 - 2015-12-07 20:41 - 35901440 _____ C:\Users\King Rapp\Downloads\VideoCaptureSetup_1.15.2 (1).msi

2015-12-07 20:39 - 2015-12-07 20:39 - 35901440 _____ C:\Users\King Rapp\Downloads\VideoCaptureSetup_1.15.2.msi

2015-12-07 20:37 - 2015-12-07 20:37 - 03220128 _____ (Elgato Systems) C:\Users\King Rapp\Downloads\Video_Capture_Driver_Installer.exe

2015-12-07 03:07 - 2015-12-07 03:07 - 00002206 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk

2015-12-07 03:06 - 2015-11-24 13:42 - 00102704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2015-12-07 03:05 - 2015-11-24 18:07 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 37882672 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 22345336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 18389624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 15839392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 02496816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 01016360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00877872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00601424 _____ C:\WINDOWS\system32\nvmcumd.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00503416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00501056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00446768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00422752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00413816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2015-12-04 23:28 - 2015-12-04 23:28 - 07086848 _____ C:\Users\King Rapp\Downloads\OBS_0_657b_Installer.exe

2015-12-02 01:08 - 2015-12-02 01:08 - 670061122 _____ C:\WINDOWS\MEMORY.DMP

2015-12-02 01:08 - 2015-12-02 01:08 - 00346336 _____ C:\WINDOWS\Minidump\120215-14093-01.dmp

2015-12-02 01:08 - 2015-12-02 01:08 - 00000000 ____D C:\WINDOWS\Minidump

2015-12-01 19:54 - 2015-12-01 19:55 - 00000000 ___HD C:\$WINDOWS.~BT

2015-11-30 03:02 - 2015-11-15 22:54 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435900.dll

2015-11-30 03:02 - 2015-11-15 22:54 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435900.dll

2015-11-30 03:02 - 2015-11-15 22:54 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

2015-11-30 02:58 - 2015-11-12 13:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll

2015-11-10 19:57 - 2015-11-05 00:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-11-10 19:57 - 2015-11-05 00:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

2015-11-10 19:57 - 2015-11-05 00:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2015-11-10 19:57 - 2015-11-05 00:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2015-11-10 19:57 - 2015-11-05 00:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-11-10 19:57 - 2015-11-05 00:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-11-10 19:57 - 2015-11-05 00:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2015-11-10 19:57 - 2015-11-05 00:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2015-11-10 19:57 - 2015-11-04 23:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-11-10 19:57 - 2015-11-04 23:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

2015-11-10 19:57 - 2015-11-04 23:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2015-11-10 19:57 - 2015-11-04 23:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-11-10 19:57 - 2015-11-04 23:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-11-10 19:57 - 2015-11-04 23:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2015-11-10 19:57 - 2015-11-04 23:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2015-11-10 19:57 - 2015-11-04 23:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-11-10 19:57 - 2015-11-04 23:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-11-10 19:57 - 2015-11-04 23:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2015-11-10 19:57 - 2015-11-04 23:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2015-11-10 19:57 - 2015-11-04 23:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-11-10 19:57 - 2015-11-04 23:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll

2015-11-10 19:57 - 2015-11-04 23:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2015-11-10 19:57 - 2015-11-04 23:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-11-10 19:57 - 2015-11-04 23:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2015-11-10 19:57 - 2015-11-04 23:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2015-11-10 19:57 - 2015-11-04 23:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2015-11-10 19:57 - 2015-11-04 23:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-11-10 19:57 - 2015-11-04 23:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-11-10 19:57 - 2015-11-04 23:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-11-10 19:57 - 2015-11-04 23:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2015-11-10 19:57 - 2015-11-04 23:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2015-11-10 19:57 - 2015-11-04 23:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2015-11-10 19:57 - 2015-11-04 23:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-11-10 19:57 - 2015-11-04 22:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-11-10 19:57 - 2015-11-04 22:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2015-11-10 19:57 - 2015-11-04 22:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-11-10 19:57 - 2015-11-04 22:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2015-11-10 19:57 - 2015-11-04 22:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-11-10 19:57 - 2015-11-04 22:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2015-11-10 19:57 - 2015-11-04 22:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll

2015-11-10 19:57 - 2015-11-04 22:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-11-10 19:57 - 2015-11-04 22:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2015-11-10 19:57 - 2015-11-04 22:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-11-10 19:57 - 2015-11-04 22:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-11-10 19:57 - 2015-11-04 22:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2015-11-10 19:57 - 2015-11-04 22:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2015-11-10 19:57 - 2015-11-04 22:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-11-10 19:57 - 2015-11-04 22:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-11-10 19:57 - 2015-11-04 22:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2015-11-10 19:57 - 2015-11-04 22:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-11-10 19:57 - 2015-11-04 22:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2015-11-10 19:57 - 2015-11-04 22:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2015-11-10 19:57 - 2015-11-04 22:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-12-08 16:52 - 2015-07-10 04:47 - 00000000 ____D C:\Windows

2015-12-08 16:45 - 2015-07-30 17:25 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-12-08 16:43 - 2014-08-11 12:59 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-12-08 16:38 - 2014-08-11 12:59 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-12-08 16:33 - 2015-10-15 21:23 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-12-08 16:27 - 2015-10-15 23:10 - 00891694 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-12-08 16:27 - 2015-07-30 17:40 - 00000000 ____D C:\WINDOWS\INF

2015-12-08 16:24 - 2015-10-16 01:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-12-08 16:20 - 2015-10-15 22:57 - 00000000 ____D C:\ProgramData\NVIDIA

2015-12-08 16:20 - 2015-10-15 21:23 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-12-08 16:19 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\ModemLogs

2015-12-08 16:19 - 2015-07-30 16:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-12-08 16:19 - 2015-07-10 04:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2015-12-08 14:41 - 2015-10-16 02:26 - 00000000 ____D C:\Users\King Rapp\AppData\Roaming\OBS

2015-12-08 14:41 - 2015-10-16 02:26 - 00000000 ____D C:\Program Files\OBS

2015-12-08 14:41 - 2015-10-16 02:26 - 00000000 ____D C:\Program Files (x86)\OBS

2015-12-08 14:38 - 2015-10-23 17:02 - 00000000 ____D C:\Program Files\Common Files\Adobe

2015-12-08 14:32 - 2014-08-11 12:31 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-12-08 14:21 - 2015-10-15 21:01 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ADBD27B0-0598-4441-A0EA-71B22160A88B}

2015-12-08 14:20 - 2015-10-23 16:50 - 00000000 ____D C:\Users\King Rapp\AppData\Local\Adobe

2015-12-08 14:19 - 2015-10-23 16:56 - 00000000 ___RD C:\Users\King Rapp\Creative Cloud Files

2015-12-08 02:22 - 2015-10-23 16:19 - 00000000 ____D C:\Users\King Rapp\AppData\Local\CrashDumps

2015-12-07 23:34 - 2015-10-15 21:23 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-12-07 20:45 - 2015-10-19 11:03 - 00000000 ____D C:\Program Files\Elgato

2015-12-07 20:42 - 2015-10-19 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato

2015-12-07 20:41 - 2015-10-19 11:03 - 00000000 ____D C:\Program Files (x86)\Elgato

2015-12-07 20:41 - 2015-10-16 02:18 - 00000000 ____D C:\Users\King Rapp\AppData\Roaming\Elgato

2015-12-07 03:07 - 2015-10-15 22:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2015-12-07 03:07 - 2014-08-11 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2015-12-07 02:36 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-12-04 20:28 - 2015-10-15 21:23 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2015-12-04 20:28 - 2015-10-15 21:23 - 00003750 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2015-12-04 20:23 - 2015-07-30 17:42 - 00000000 ___HD C:\Program Files\WindowsApps

2015-12-02 02:51 - 2015-10-15 22:59 - 00000000 ____D C:\Users\King Rapp

2015-12-01 19:57 - 2015-10-15 23:51 - 00000000 ___DC C:\WINDOWS\Panther

2015-12-01 17:56 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2015-11-30 19:32 - 2015-07-30 17:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-11-30 19:32 - 2015-07-30 17:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-11-30 03:39 - 2015-10-19 11:03 - 00001207 _____ C:\Users\Public\Desktop\Game Capture HD.lnk

2015-11-30 03:38 - 2015-10-19 11:03 - 00000336 _____ C:\WINDOWS\SysWOW64\CFLogTemp.txt

2015-11-30 03:11 - 2015-05-07 17:32 - 00000000 ____D C:\ProgramData\Oracle

2015-11-30 03:09 - 2014-11-17 10:46 - 00000000 ____D C:\Program Files\Java

2015-11-30 03:09 - 2014-11-17 10:45 - 00000000 ____D C:\Program Files (x86)\Java

2015-11-30 03:09 - 2014-08-11 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-11-30 03:08 - 2015-10-16 01:37 - 00000000 ____D C:\Users\King Rapp\.oracle_jre_usage

2015-11-30 03:08 - 2014-11-17 10:46 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

2015-11-30 02:58 - 2015-10-16 01:43 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2015-11-30 02:58 - 2015-10-15 20:52 - 00000000 ____D C:\Users\King Rapp\AppData\Local\NVIDIA Corporation

2015-11-30 01:49 - 2015-10-23 16:53 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk

2015-11-30 01:49 - 2015-10-23 16:53 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2015-11-30 01:49 - 2015-10-15 20:53 - 00000000 ____D C:\Users\King Rapp\AppData\Roaming\Adobe

2015-11-30 01:43 - 2015-10-23 16:55 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-11-25 19:34 - 2015-08-29 02:31 - 11228488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2015-11-24 18:07 - 2015-08-29 02:31 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2015-11-24 18:07 - 2015-08-29 02:31 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2015-11-24 18:07 - 2015-08-29 02:31 - 12870384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2015-11-24 18:07 - 2015-08-29 02:31 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2015-11-24 18:07 - 2015-08-29 02:31 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2015-11-24 18:07 - 2015-08-07 10:10 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb

2015-11-24 14:32 - 2015-10-15 22:57 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2015-11-24 14:32 - 2015-10-15 22:57 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2015-11-24 14:32 - 2015-10-15 22:57 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2015-11-24 14:32 - 2015-10-15 22:57 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2015-11-24 14:32 - 2015-10-15 22:57 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2015-11-24 14:32 - 2015-10-15 22:57 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2015-11-23 15:35 - 2015-10-15 22:57 - 06049858 _____ C:\WINDOWS\system32\nvcoproc.bin

2015-11-15 23:01 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\rescache

2015-11-15 22:54 - 2015-08-29 02:31 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll

2015-11-15 22:54 - 2015-08-29 02:31 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

2015-11-12 13:37 - 2014-08-11 12:29 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2015-11-12 13:37 - 2014-08-11 12:29 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2015-11-12 13:37 - 2014-08-11 12:29 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2015-11-12 13:37 - 2014-08-11 12:29 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2015-11-11 02:22 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\system32\appraiser

 

==================== Files in the root of some directories =======

 

2015-10-15 22:56 - 2015-10-15 22:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

 

Some files in TEMP:

====================

C:\Users\King Rapp\AppData\Local\Temp\cxtvrate.dll

C:\Users\King Rapp\AppData\Local\Temp\emmon.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u60-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u65-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u66-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\King Rapp\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\King Rapp\AppData\Local\Temp\nvStInst.exe

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-12-07 02:46

 

==================== End of FRST.txt ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015

Ran by King Rapp (administrator) on KINGRAPP (08-12-2015 16:52:45)

Running from C:\Users\King Rapp\Downloads

Loaded Profiles: King Rapp (Available Profiles: King Rapp)

Platform: Windows 10 Home (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7632088 2014-06-10] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)

HKU\S-1-5-21-985922411-3085202454-4168001255-1002\...\RunOnce: [uninstall C:\Users\King Rapp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\King Rapp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

HKU\S-1-5-21-985922411-3085202454-4168001255-1002\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2269360 2015-11-25] (Adobe Systems Incorporated)

HKU\S-1-5-21-985922411-3085202454-4168001255-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)

HKU\S-1-5-21-985922411-3085202454-4168001255-1002\...\RunOnce: [Adobe Speed Launcher] => 1449609650

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 05 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{1772a3c4-e8c1-4f50-884d-c02b44d312c2}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{3e2461c1-c189-4201-aa8c-3eaf9830b6b8}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{c71d8142-b8e1-4995-9499-09df8597fcdc}: [DhcpNameServer] 192.168.0.2

 

Internet Explorer:

==================

SearchScopes: HKU\S-1-5-21-985922411-3085202454-4168001255-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)

 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)

FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Profile: C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15]

CHR Extension: (Google Docs) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-15]

CHR Extension: (Google Drive) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]

CHR Extension: (YouTube) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]

CHR Extension: (Adblock Plus) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-26]

CHR Extension: (Google Search) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]

CHR Extension: (Google Sheets) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15]

CHR Extension: (Google Docs Offline) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-26]

CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2015-11-26]

CHR Extension: (Chrome Web Store Payments) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-15]

CHR Extension: (Gmail) - C:\Users\King Rapp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)

R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-09] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-09] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [52456 2015-10-16] (UB658)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-08] (Malwarebytes)

R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2512016 2015-06-17] (MediaTek Inc.)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-17] (Realtek                                            )

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-09] ()

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-09] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-12-08 16:52 - 2015-12-08 16:53 - 00014597 _____ C:\Users\King Rapp\Downloads\FRST.txt

2015-12-08 16:52 - 2015-12-08 16:52 - 00000000 ____D C:\FRST

2015-12-08 16:51 - 2015-12-08 16:51 - 02369024 _____ (Farbar) C:\Users\King Rapp\Downloads\FRST64.exe

2015-12-08 16:50 - 2015-12-08 16:51 - 01719808 _____ (Farbar) C:\Users\King Rapp\Downloads\FRST.exe

2015-12-08 16:44 - 2015-12-08 16:44 - 00016148 _____ C:\WINDOWS\system32\KINGRAPP_King Rapp_HistoryPrediction.bin

2015-12-08 02:28 - 2015-12-08 02:28 - 07086848 _____ C:\Users\King Rapp\Downloads\OBS_0_657b_Installer (1).exe

2015-12-07 20:40 - 2015-12-07 20:41 - 35901440 _____ C:\Users\King Rapp\Downloads\VideoCaptureSetup_1.15.2 (1).msi

2015-12-07 20:39 - 2015-12-07 20:39 - 35901440 _____ C:\Users\King Rapp\Downloads\VideoCaptureSetup_1.15.2.msi

2015-12-07 20:37 - 2015-12-07 20:37 - 03220128 _____ (Elgato Systems) C:\Users\King Rapp\Downloads\Video_Capture_Driver_Installer.exe

2015-12-07 03:07 - 2015-12-07 03:07 - 00002206 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk

2015-12-07 03:06 - 2015-11-24 13:42 - 00102704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2015-12-07 03:05 - 2015-11-24 18:07 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 37882672 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 22345336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 18389624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 15839392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 02496816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 01016360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00877872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00601424 _____ C:\WINDOWS\system32\nvmcumd.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00503416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00501056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00446768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00422752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00413816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2015-12-07 03:05 - 2015-11-24 18:07 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2015-12-04 23:28 - 2015-12-04 23:28 - 07086848 _____ C:\Users\King Rapp\Downloads\OBS_0_657b_Installer.exe

2015-12-02 01:08 - 2015-12-02 01:08 - 670061122 _____ C:\WINDOWS\MEMORY.DMP

2015-12-02 01:08 - 2015-12-02 01:08 - 00346336 _____ C:\WINDOWS\Minidump\120215-14093-01.dmp

2015-12-02 01:08 - 2015-12-02 01:08 - 00000000 ____D C:\WINDOWS\Minidump

2015-12-01 19:54 - 2015-12-01 19:55 - 00000000 ___HD C:\$WINDOWS.~BT

2015-11-30 03:02 - 2015-11-15 22:54 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435900.dll

2015-11-30 03:02 - 2015-11-15 22:54 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435900.dll

2015-11-30 03:02 - 2015-11-15 22:54 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

2015-11-30 02:58 - 2015-11-12 13:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll

2015-11-10 19:57 - 2015-11-05 00:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-11-10 19:57 - 2015-11-05 00:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

2015-11-10 19:57 - 2015-11-05 00:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2015-11-10 19:57 - 2015-11-05 00:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2015-11-10 19:57 - 2015-11-05 00:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-11-10 19:57 - 2015-11-05 00:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-11-10 19:57 - 2015-11-05 00:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2015-11-10 19:57 - 2015-11-05 00:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2015-11-10 19:57 - 2015-11-04 23:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-11-10 19:57 - 2015-11-04 23:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

2015-11-10 19:57 - 2015-11-04 23:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2015-11-10 19:57 - 2015-11-04 23:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-11-10 19:57 - 2015-11-04 23:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-11-10 19:57 - 2015-11-04 23:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2015-11-10 19:57 - 2015-11-04 23:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2015-11-10 19:57 - 2015-11-04 23:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-11-10 19:57 - 2015-11-04 23:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-11-10 19:57 - 2015-11-04 23:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2015-11-10 19:57 - 2015-11-04 23:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2015-11-10 19:57 - 2015-11-04 23:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-11-10 19:57 - 2015-11-04 23:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll

2015-11-10 19:57 - 2015-11-04 23:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2015-11-10 19:57 - 2015-11-04 23:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-11-10 19:57 - 2015-11-04 23:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2015-11-10 19:57 - 2015-11-04 23:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2015-11-10 19:57 - 2015-11-04 23:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2015-11-10 19:57 - 2015-11-04 23:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-11-10 19:57 - 2015-11-04 23:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-11-10 19:57 - 2015-11-04 23:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-11-10 19:57 - 2015-11-04 23:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2015-11-10 19:57 - 2015-11-04 23:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2015-11-10 19:57 - 2015-11-04 23:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2015-11-10 19:57 - 2015-11-04 23:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-11-10 19:57 - 2015-11-04 22:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-11-10 19:57 - 2015-11-04 22:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2015-11-10 19:57 - 2015-11-04 22:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-11-10 19:57 - 2015-11-04 22:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2015-11-10 19:57 - 2015-11-04 22:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-11-10 19:57 - 2015-11-04 22:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2015-11-10 19:57 - 2015-11-04 22:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll

2015-11-10 19:57 - 2015-11-04 22:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-11-10 19:57 - 2015-11-04 22:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2015-11-10 19:57 - 2015-11-04 22:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-11-10 19:57 - 2015-11-04 22:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-11-10 19:57 - 2015-11-04 22:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2015-11-10 19:57 - 2015-11-04 22:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2015-11-10 19:57 - 2015-11-04 22:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-11-10 19:57 - 2015-11-04 22:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-11-10 19:57 - 2015-11-04 22:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2015-11-10 19:57 - 2015-11-04 22:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-11-10 19:57 - 2015-11-04 22:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2015-11-10 19:57 - 2015-11-04 22:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2015-11-10 19:57 - 2015-11-04 22:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-12-08 16:52 - 2015-07-10 04:47 - 00000000 ____D C:\Windows

2015-12-08 16:45 - 2015-07-30 17:25 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-12-08 16:43 - 2014-08-11 12:59 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-12-08 16:38 - 2014-08-11 12:59 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-12-08 16:33 - 2015-10-15 21:23 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-12-08 16:27 - 2015-10-15 23:10 - 00891694 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-12-08 16:27 - 2015-07-30 17:40 - 00000000 ____D C:\WINDOWS\INF

2015-12-08 16:24 - 2015-10-16 01:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-12-08 16:20 - 2015-10-15 22:57 - 00000000 ____D C:\ProgramData\NVIDIA

2015-12-08 16:20 - 2015-10-15 21:23 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-12-08 16:19 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\ModemLogs

2015-12-08 16:19 - 2015-07-30 16:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-12-08 16:19 - 2015-07-10 04:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2015-12-08 14:41 - 2015-10-16 02:26 - 00000000 ____D C:\Users\King Rapp\AppData\Roaming\OBS

2015-12-08 14:41 - 2015-10-16 02:26 - 00000000 ____D C:\Program Files\OBS

2015-12-08 14:41 - 2015-10-16 02:26 - 00000000 ____D C:\Program Files (x86)\OBS

2015-12-08 14:38 - 2015-10-23 17:02 - 00000000 ____D C:\Program Files\Common Files\Adobe

2015-12-08 14:32 - 2014-08-11 12:31 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-12-08 14:21 - 2015-10-15 21:01 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ADBD27B0-0598-4441-A0EA-71B22160A88B}

2015-12-08 14:20 - 2015-10-23 16:50 - 00000000 ____D C:\Users\King Rapp\AppData\Local\Adobe

2015-12-08 14:19 - 2015-10-23 16:56 - 00000000 ___RD C:\Users\King Rapp\Creative Cloud Files

2015-12-08 02:22 - 2015-10-23 16:19 - 00000000 ____D C:\Users\King Rapp\AppData\Local\CrashDumps

2015-12-07 23:34 - 2015-10-15 21:23 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-12-07 20:45 - 2015-10-19 11:03 - 00000000 ____D C:\Program Files\Elgato

2015-12-07 20:42 - 2015-10-19 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato

2015-12-07 20:41 - 2015-10-19 11:03 - 00000000 ____D C:\Program Files (x86)\Elgato

2015-12-07 20:41 - 2015-10-16 02:18 - 00000000 ____D C:\Users\King Rapp\AppData\Roaming\Elgato

2015-12-07 03:07 - 2015-10-15 22:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2015-12-07 03:07 - 2014-08-11 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2015-12-07 02:36 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-12-04 20:28 - 2015-10-15 21:23 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2015-12-04 20:28 - 2015-10-15 21:23 - 00003750 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2015-12-04 20:23 - 2015-07-30 17:42 - 00000000 ___HD C:\Program Files\WindowsApps

2015-12-02 02:51 - 2015-10-15 22:59 - 00000000 ____D C:\Users\King Rapp

2015-12-01 19:57 - 2015-10-15 23:51 - 00000000 ___DC C:\WINDOWS\Panther

2015-12-01 17:56 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2015-11-30 19:32 - 2015-07-30 17:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-11-30 19:32 - 2015-07-30 17:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-11-30 03:39 - 2015-10-19 11:03 - 00001207 _____ C:\Users\Public\Desktop\Game Capture HD.lnk

2015-11-30 03:38 - 2015-10-19 11:03 - 00000336 _____ C:\WINDOWS\SysWOW64\CFLogTemp.txt

2015-11-30 03:11 - 2015-05-07 17:32 - 00000000 ____D C:\ProgramData\Oracle

2015-11-30 03:09 - 2014-11-17 10:46 - 00000000 ____D C:\Program Files\Java

2015-11-30 03:09 - 2014-11-17 10:45 - 00000000 ____D C:\Program Files (x86)\Java

2015-11-30 03:09 - 2014-08-11 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-11-30 03:08 - 2015-10-16 01:37 - 00000000 ____D C:\Users\King Rapp\.oracle_jre_usage

2015-11-30 03:08 - 2014-11-17 10:46 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

2015-11-30 02:58 - 2015-10-16 01:43 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2015-11-30 02:58 - 2015-10-15 20:52 - 00000000 ____D C:\Users\King Rapp\AppData\Local\NVIDIA Corporation

2015-11-30 01:49 - 2015-10-23 16:53 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk

2015-11-30 01:49 - 2015-10-23 16:53 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2015-11-30 01:49 - 2015-10-15 20:53 - 00000000 ____D C:\Users\King Rapp\AppData\Roaming\Adobe

2015-11-30 01:43 - 2015-10-23 16:55 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-11-25 19:34 - 2015-08-29 02:31 - 11228488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2015-11-24 18:07 - 2015-08-29 02:31 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2015-11-24 18:07 - 2015-08-29 02:31 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2015-11-24 18:07 - 2015-08-29 02:31 - 12870384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2015-11-24 18:07 - 2015-08-29 02:31 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2015-11-24 18:07 - 2015-08-29 02:31 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2015-11-24 18:07 - 2015-08-07 10:10 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb

2015-11-24 14:32 - 2015-10-15 22:57 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2015-11-24 14:32 - 2015-10-15 22:57 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2015-11-24 14:32 - 2015-10-15 22:57 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2015-11-24 14:32 - 2015-10-15 22:57 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2015-11-24 14:32 - 2015-10-15 22:57 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2015-11-24 14:32 - 2015-10-15 22:57 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2015-11-23 15:35 - 2015-10-15 22:57 - 06049858 _____ C:\WINDOWS\system32\nvcoproc.bin

2015-11-15 23:01 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\rescache

2015-11-15 22:54 - 2015-08-29 02:31 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll

2015-11-15 22:54 - 2015-08-29 02:31 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

2015-11-12 13:37 - 2014-08-11 12:29 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2015-11-12 13:37 - 2014-08-11 12:29 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2015-11-12 13:37 - 2014-08-11 12:29 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2015-11-12 13:37 - 2014-08-11 12:29 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2015-11-11 02:22 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\system32\appraiser

 

==================== Files in the root of some directories =======

 

2015-10-15 22:56 - 2015-10-15 22:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

 

Some files in TEMP:

====================

C:\Users\King Rapp\AppData\Local\Temp\cxtvrate.dll

C:\Users\King Rapp\AppData\Local\Temp\emmon.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u60-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u65-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u66-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\King Rapp\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\King Rapp\AppData\Local\Temp\nvStInst.exe

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-12-07 02:46

 

==================== End of FRST.txt ============================

Addition.txt

Shortcut.txt


Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.
 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on Scan in the Actions box.
  • Please wait for the scan to finish.
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

 

Next,

 

Download Microsoft's "Malicious Software Removal Tool" and save it directly to the desktop.

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool and select "Run as Administrator"; the tool will expand to the options Window.
In the "Scan Type" window, select Quick Scan.
Perform a scan and click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log
 

Post those logs, and also let me know if there are any remaining issues or concerns...

 

Thank you,

 

Kevin..

 

 

 

 

Fixlist.txt


# AdwCleaner v5.024 - Logfile created 08/12/2015 at 18:22:49

# Updated 07/12/2015 by Xplode

# Database : 2015-12-07.3 [server]

# Operating system : Windows 10 Home  (x64)

# Username : King Rapp - KINGRAPP

# Running from : C:\Users\King Rapp\Downloads\AdwCleaner.exe

# Option : Cleaning


 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

 

***** [ Files ] *****

 

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml

 

***** [ DLLs ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

 

***** [ Registry ] *****

 

[-] Key Deleted : HKLM\SOFTWARE\Classes\S

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}

 

***** [ Web browsers ] *****

 

 

*************************

 

:: "Tracing" keys removed

:: Winsock settings cleared

 

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1145 bytes] ##########

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Oct 19 10:40:22 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Mon Oct 19 10:41:59 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Oct 19 10:51:28 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Oct 19 10:51:46 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Oct 19 12:25:25 2015

 

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Oct 19 12:55:48 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Oct 19 12:55:50 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Oct 19 13:46:00 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Oct 19 13:46:05 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Oct 19 13:50:07 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Oct 19 13:50:08 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 15:06:52 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 15:06:58 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 15:17:55 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 15:17:57 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 15:23:05 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 15:23:07 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 16:54:45 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 16:55:04 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 18:00:49 2015

 

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 18:26:32 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 18:26:35 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 20:37:17 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 20:37:20 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 20:42:21 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 20:42:22 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 21:04:30 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 21:04:31 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 23 21:09:39 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 23 21:09:40 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 24 00:19:21 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 24 00:19:22 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 24 00:24:28 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 24 00:24:29 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 24 02:37:58 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 24 02:38:00 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 24 02:43:02 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 24 02:43:03 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sun Oct 25 01:50:10 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Oct 25 01:50:27 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sun Oct 25 01:55:46 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Oct 25 01:55:47 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 30 23:12:14 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 30 23:14:08 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 30 23:50:34 2015

 

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Oct 30 23:55:38 2015

 

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 00:01:40 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 00:01:43 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 00:06:50 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 00:06:51 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 00:35:07 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 00:35:08 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 00:40:17 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 00:40:18 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 01:17:51 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 01:17:52 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 01:32:25 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 01:32:26 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 01:37:32 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 01:37:32 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 02:06:40 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 02:06:41 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 02:11:49 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 02:11:50 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 18:46:17 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 18:48:58 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 23:22:22 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 23:22:22 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Oct 31 23:27:32 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Oct 31 23:27:33 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sun Nov 01 00:16:11 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Nov 01 00:16:12 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sun Nov 01 00:21:22 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Nov 01 00:21:22 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sun Nov 01 23:37:45 2015

 

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 00:13:00 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 00:13:01 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 00:18:10 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 00:18:11 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 00:45:12 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 00:45:13 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 01:19:04 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 01:19:05 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 01:26:37 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 01:26:38 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 01:31:47 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 01:31:48 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 02:55:11 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 02:55:12 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 03:12:08 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 03:12:09 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Mon Nov 02 03:18:11 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 02 03:18:12 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Tue Nov 03 11:26:23 2015

 

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Tue Nov 03 11:53:20 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 03 11:53:24 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Tue Nov 03 12:14:57 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 03 12:14:58 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Nov 06 17:15:15 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 06 17:16:18 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Nov 06 17:29:51 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 06 17:29:53 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Nov 06 17:34:08 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 06 17:34:09 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Nov 06 17:44:05 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 06 17:44:06 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Nov 06 17:48:38 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 06 17:48:39 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Fri Nov 06 22:00:17 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 06 22:00:18 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Sat Nov 07 18:45:46 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Nov 07 18:46:42 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.29, October 2015 (build 5.29.11901.0)

Started On Tue Nov 10 19:58:46 2015

 

Engine: 1.1.12101.0

Signatures: 1.207.1429.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 10 20:00:20 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Nov 10 20:01:03 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 10 20:03:28 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Nov 10 23:23:00 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 10 23:23:02 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Nov 10 23:28:38 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 10 23:28:39 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Sun Nov 15 22:37:05 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Nov 15 22:38:08 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Sun Nov 15 23:17:39 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Nov 15 23:17:43 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Sun Nov 15 23:22:49 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Nov 15 23:22:51 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Nov 16 00:50:12 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 16 00:50:13 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Nov 16 00:55:12 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 16 00:55:14 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Nov 30 03:19:03 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 30 03:19:50 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Nov 30 06:28:27 2015

 

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Nov 30 17:37:45 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 30 17:46:52 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Nov 30 20:21:44 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 30 20:21:45 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Nov 30 20:26:53 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 30 20:26:55 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Dec 01 06:01:38 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 01 06:01:39 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Dec 01 06:06:48 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 01 06:06:49 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Dec 01 19:54:20 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 01 19:55:52 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Dec 01 23:03:02 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 01 23:03:03 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Dec 01 23:08:10 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 01 23:08:12 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Wed Dec 02 02:47:53 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Wed Dec 02 02:47:56 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Fri Dec 04 20:29:35 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Dec 04 20:30:39 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Fri Dec 04 20:44:49 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Dec 04 20:44:50 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Fri Dec 04 20:48:53 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Dec 04 20:48:54 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Fri Dec 04 21:19:07 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Dec 04 21:19:08 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Fri Dec 04 21:24:18 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Dec 04 21:24:19 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Fri Dec 04 23:17:50 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Fri Dec 04 23:17:51 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Dec 07 02:47:02 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Dec 07 02:50:31 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Dec 07 06:26:50 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Dec 07 06:27:17 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Dec 07 06:31:59 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Dec 07 06:32:00 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Dec 07 06:40:08 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Dec 07 06:40:09 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Dec 07 06:45:17 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Dec 07 06:45:19 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Dec 07 21:56:22 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Dec 07 21:56:24 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Mon Dec 07 22:01:32 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Dec 07 22:01:33 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Dec 08 02:41:07 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 08 02:41:10 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.30, November 2015 (build 5.30.12000.0)

Started On Tue Dec 08 16:38:12 2015

 

Engine: 1.1.12205.0

Signatures: 1.209.673.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 08 16:38:22 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.31, December 2015 (build 5.31.12100.0)

Started On Tue Dec 08 16:38:43 2015

 

Engine: 1.1.12300.0

Signatures: 1.211.637.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 08 16:43:54 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.31, December 2015 (build 5.31.12100.0)

Started On Tue Dec 08 17:10:38 2015

 

Engine: 1.1.12300.0

Signatures: 1.211.637.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 08 17:10:43 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.31, December 2015 (build 5.31.12100.0)

Started On Tue Dec 08 17:26:47 2015

 

Engine: 1.1.12300.0

Signatures: 1.211.637.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 08 17:26:49 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.31, December 2015 (build 5.31.12100.0)

Started On Tue Dec 08 17:31:57 2015

 

Engine: 1.1.12300.0

Signatures: 1.211.637.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 08 17:31:59 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.31, December 2015 (build 5.31.12100.0)

Started On Tue Dec 08 18:28:22 2015

 

Engine: 1.1.12300.0

Signatures: 1.211.637.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 08 18:32:56 2015

 

 

Return code: 0 (0x0)

Fix result of Farbar Recovery Scan Tool (x64) Version:05-12-2015

Ran by King Rapp (2015-12-08 18:02:37) Run:1

Running from C:\Users\King Rapp\Downloads

Loaded Profiles: King Rapp (Available Profiles: King Rapp)

Boot Mode: Normal

==============================================

 

fixlist content:

*****************

Start

CloseProcesses:

CreateRestorePoint:

Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

Winsock: Catalog9-x64 05 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-15] (Lavasoft Limited)

cmd: netsh winsock reset

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

C:\Users\King Rapp\AppData\Local\Temp\cxtvrate.dll

C:\Users\King Rapp\AppData\Local\Temp\emmon.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u60-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u65-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\jre-8u66-windows-au.exe

C:\Users\King Rapp\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\King Rapp\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\King Rapp\AppData\Local\Temp\nvStInst.exe

CustomCLSID: HKU\S-1-5-21-985922411-3085202454-4168001255-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E8B5AF13FCB8}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File

Task: {7871CECE-8535-4ACB-90A1-2423B1537183} - System32\Tasks\Iftenniaek => C:\ProgramData\Iftenniaek\1.0.6.1\hlinuebu.exe

C:\ProgramData\Iftenniaek\1.0.6.1\hlinuebu.exe

C:\ProgramData\Iftenniaek

EmptyTemp:

Reboot:

end

*****************

 

Processes closed successfully.

Restore point was successfully created.

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001" => key removed successfully

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002" => key removed successfully

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003" => key removed successfully

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004" => key removed successfully

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000005" => key removed successfully

 

=========  netsh winsock reset =========

 

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107

 

Sucessfully reset the Winsock Catalog.

You must restart the computer in order to complete the reset.

 

 

========= End of CMD: =========

 

wfpcapture => service removed successfully

C:\Users\King Rapp\AppData\Local\Temp\cxtvrate.dll => moved successfully

C:\Users\King Rapp\AppData\Local\Temp\emmon.exe => moved successfully

C:\Users\King Rapp\AppData\Local\Temp\jre-8u60-windows-au.exe => moved successfully

C:\Users\King Rapp\AppData\Local\Temp\jre-8u65-windows-au.exe => moved successfully

C:\Users\King Rapp\AppData\Local\Temp\jre-8u66-windows-au.exe => moved successfully

C:\Users\King Rapp\AppData\Local\Temp\nvSCPAPI.dll => moved successfully

C:\Users\King Rapp\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully

C:\Users\King Rapp\AppData\Local\Temp\nvStInst.exe => moved successfully

"HKU\S-1-5-21-985922411-3085202454-4168001255-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E8B5AF13FCB8}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7871CECE-8535-4ACB-90A1-2423B1537183}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7871CECE-8535-4ACB-90A1-2423B1537183}" => key removed successfully

C:\WINDOWS\System32\Tasks\Iftenniaek => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Iftenniaek" => key removed successfully

"C:\ProgramData\Iftenniaek\1.0.6.1\hlinuebu.exe" => not found.

"C:\ProgramData\Iftenniaek" => not found.

EmptyTemp: => 951.4 MB temporary data Removed.

 

 

The system needed a reboot.

 

==== End of Fixlog 18:02:58 ====


Run the following to check if file is gone....

 

Please download SystemLook from the following link below and save it to your Desktop. Use the correct version 32bit or 64bit.

http://jpshortstuff.247fixes.com/SystemLook_x64.exe     <<-   64 bit….

http://images.malwareremoval.com/jpshortstuff/SystemLook.exe   <<-  32 bit

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :filefind
    LavasoftTcpService64.dll

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.


Note: The log can also be found on your Desktop entitled SystemLook.txt

 

Post that log...


SystemLook 30.07.11 by jpshortstuff

Log created at 18:51 on 08/12/2015 by King Rapp

Administrator - Elevation successful

 

========== filefind ==========

 

Searching for "LavasoftTcpService64.dll"

C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService64.dll --a---- 425744 bytes [02:03 16/10/2015] [02:03 16/10/2015] 88A78227691B60F686CD103819AC263B

 

-= EOF =-


No you should be good to go, we just need to clean up. I'm going offline very shortly as it's after midnight local time for me. If you have any remaining issues, post back and I'll catch up later...

 

Next,

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make sure the following items are checked:

  • Remove disinfection tools
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings

Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…
 

Next,

 

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...
 


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
