SlowSource Posted November 25, 2017 ID:1186295 Share Posted November 25, 2017 As the title states - Malwarebytes is not removing the trovi and conduit PUP. I have run several programs such as Rouge Killer, ADW remover, AVAST and Malwarebytes. Eventhough they quarantine the PUPS they do not remove them as no matter how many times I rescan the same PUPS reappear. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 11/25/17 Scan Time: 12:26 AM Log File: 4b7793f4-d177-11e7-af90-d43d7ef8b254.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.236 Update Package Version: 1.0.3341 License: Free -System Information- OS: Windows 10 (Build 15063.0) CPU: x64 File System: NTFS User: ME\Ciaran -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 491932 Threats Detected: 5 Threats Quarantined: 5 Time Elapsed: 1 min, 45 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 5 PUP.Optional.Conduit, C:\USERS\CIARA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [578], [454835],1.0.3341 PUP.Optional.Conduit, C:\USERS\CIARAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [578], [454835],1.0.3341 PUP.Optional.Trovi, C:\USERS\CIARAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [4978], [454808],1.0.3341 PUP.Optional.Trovi, C:\USERS\CIARA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [4978], [454808],1.0.3341 PUP.Optional.Trovigo, C:\USERS\CIARA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [16169], [455258],1.0.3341 Physical Sector: 0 (No malicious items detected) (end) Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186296 Share Posted November 25, 2017 Hi SlowSource Follow the instructions in the thread below, it should help solve your issue. https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ Link to post Share on other sites More sharing options...
SlowSource Posted November 25, 2017 Author ID:1186301 Share Posted November 25, 2017 29 minutes ago, Aura said: Hi SlowSource Follow the instructions in the thread below, it should help solve your issue. https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ Thank you for your reply. That method did solve part of the issue by removing three of the PUPS. However - two still remain and are under Default Web Data. I have gone though Chrome and removed all search engines except for Google. Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186304 Share Posted November 25, 2017 Did you remove all of them under "Other Search Engines" as well? Link to post Share on other sites More sharing options...
SlowSource Posted November 25, 2017 Author ID:1186370 Share Posted November 25, 2017 9 hours ago, Aura said: Did you remove all of them under "Other Search Engines" as well? Yes. Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186396 Share Posted November 25, 2017 Alright, follow the instructions below. Farbar Recovery Scan Tool (FRST) - Scan mode Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply. Download the right version of FRST for your system:FRST 32-bit FRST 64-bitNote: Only the right version will run on your system, the other will throw an error message. So if you don't know what your system's version is, simply download both of them, and the one that works is the one you should be using. Move the executable (FRST.exe or FRST64.exe) on your Desktop Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds Make sure the Addition.txt box is checked Click on the Scan button On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files Copy and paste the content of both FRST.txt and Addition.txt in your next reply Link to post Share on other sites More sharing options...
SlowSource Posted November 25, 2017 Author ID:1186473 Share Posted November 25, 2017 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01 Ran by Ciaran (25-11-2017 20:06:56) Running from C:\Users\ciara\Desktop Windows 10 Pro Version 1703 (X64) (2017-07-17 23:00:00) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3484710837-4212486087-3058144886-500 - Administrator - Disabled) Ciaran (S-1-5-21-3484710837-4212486087-3058144886-1002 - Administrator - Enabled) => C:\Users\ciara DefaultAccount (S-1-5-21-3484710837-4212486087-3058144886-503 - Limited - Disabled) Guest (S-1-5-21-3484710837-4212486087-3058144886-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Active Sky 2016 for P3D (HKLM-x32\...\{d0b0a249-0f47-46a8-a765-1d2601fd6e94}_is1) (Version: 1.0.6255.27664 - HiFi Technologies, Inc.) Active Sky for P3Dv4 (HKLM-x32\...\{4cb690b0-f4e3-404c-babc-cc780cc6fcb1}_is1) (Version: 1.0.6517.34864 - HiFi Technologies, Inc.) Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft) Aerosoft's - Airport-Avatars - PREPAR3D V4.x (HKLM-x32\...\Airport-Avatars - PREPAR3D V4.x) (Version: 1.10 - Aerosoft) Aerosoft's - Kilimanjaro X - PREPAR3D V4.x (HKLM-x32\...\Kilimanjaro X - PREPAR3D V4.x) (Version: 1.10 - Aerosoft) Aerosoft's - Mega Airport London Heathrow Professional (HKLM-x32\...\Mega Airport London Heathrow Professional) (Version: 1.01 - Aerosoft) Aerosoft's - Mega Airport Oslo 2.0 - PREPAR3D V4.x (HKLM-x32\...\Mega Airport Oslo 2.0 - PREPAR3D V4.x) (Version: 1.12 - Aerosoft) aerosoft's - NavDataPro Charts (HKLM-x32\...\NavDataPro Charts) (Version: 1.0.0.2 - aerosoft) aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1A5D2729-4A3B-4CD5-85C8-4896FD44B78D}) (Version: 1.28 - aerosoft) AI Lights Reborn Free Edition (HKLM-x32\...\{46C94EA0-957E-11E7-6784-002FAB2F18BE}) (Version: 3.2 - Flight Sim Technologies) ASConnect for P3Dv4 Installer (HKLM-x32\...\{dd86cb93-47a1-4936-95c1-fb1e25c393b8}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.) ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.) Hidden ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.) AURA RGB Lighting Control for Graphic card & ROG-XG-STATION-2 (HKLM-x32\...\{AD025C19-8F13-4D1E-9DE1-5F10D3BA1CCC}) (Version: 0.0.5.4 - ASUSTek COMPUTER INC.) Hidden AURA RGB Lighting Control for Graphic card & ROG-XG-STATION-2 (HKLM-x32\...\InstallShield_{AD025C19-8F13-4D1E-9DE1-5F10D3BA1CCC}) (Version: 0.0.5.4 - ASUSTek COMPUTER INC.) Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.50.17863 - Electronic Arts) Core Temp 1.8.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.8.1 - ALCPU) CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DirectX Version Checker (HKLM-x32\...\{6122970E-5575-4155-8408-FD624B3F7C4F}_is1) (Version: - directxupdate.com) Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.1.0 - IObit) Dxtory version 2.0.141 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.141 - ExKode Co. Ltd.) easyJet Cabin Sounds v1.0 (HKLM-x32\...\easyJet Cabin Sounds_is1) (Version: 0.1.0.0 - FlightSimLabs, Ltd.) Envdir (HKLM-x32\...\{9321E1F5-D4D5-49D4-96B8-6D6308D235C0}_is1) (Version: 1.1.1.5 - TOGA projects) Eurowings Cabin Sounds v1.0 (HKLM-x32\...\Eurowings Cabin Sounds_is1) (Version: 0.1.0.0 - FlightSimLabs, Ltd.) FSDG-CapeVerdeFREE (HKLM-x32\...\FSDG-CapeVerdeFREE) (Version: - ) FSDG-LITE-Bangalore (HKLM-x32\...\FSDG-LITE-Bangalore) (Version: - ) FSDreamTeam GSX version 2.0.0.2 (HKLM-x32\...\FSDreamTeam GSX_is1) (Version: 2.0.0.2 - VIRTUALI Sagl) FSLabs A320X v2.0.1.215 for P3Dv4 (HKLM\...\A320X_P3Dv4_is1) (Version: 2.0.1.215 - FlightSimLabs, Ltd.) FSLSpotLights v2.0.0.3 (HKLM\...\FSLSpotLights_x64_is1) (Version: 2.0.0.3 - FlightSimLabs, Ltd.) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden Guarulhos Intl SBGR P3Dv4 2017.1 (HKLM-x32\...\sbgr17p3dv4) (Version: 2017.1 - TropicalSim) Hato Intl TNCC P3Dv4 2017.1 (HKLM-x32\...\tncc17p3dv4) (Version: 2017.1 - TropicalSim) HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) Intel Processor Diagnostic Tool 64bit (HKLM\...\{D011AAF9-F756-43AB-8E91-47ADF0D86394}) (Version: 4.0.0.29 - Intel Corporation) Intel(R) Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden JetBlue livery v1.3 (HKLM-x32\...\JetBlue livery_is1) (Version: 0.1.3.0 - FlightSimLabs, Ltd.) JustSim-ELLX v1.3 (HKLM-x32\...\JUSTSIM-ELLX-D6889F35-BB60-4FCA-B513-49560CD66A75_is1) (Version: 1.3.0.0 - SimMarket) Lufthansa (D-AIZB) livery v1.3 (HKLM-x32\...\Lufthansa (D-AIZB) livery_is1) (Version: 0.1.3.0 - FlightSimLabs, Ltd.) Lufthansa Cabin Sounds v1.2 (HKLM-x32\...\Lufthansa Cabin Sounds_is1) (Version: 0.1.2.0 - FlightSimLabs, Ltd.) Lufthansa livery v1.3 (HKLM-x32\...\Lufthansa livery_is1) (Version: 0.1.3.0 - FlightSimLabs, Ltd.) Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version: - ) Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft Access database engine 2010 (Spanish) (HKLM\...\{90140000-00D1-0C0A-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.10 - MSI) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenCL™ runtime for Intel® Core™ and Xeon® Processors (HKLM\...\{1F6CF248-9A18-4740-BD09-281DBC8A2051}) (Version: 6.4.0.25 - Intel Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.4.14.21968 - Electronic Arts, Inc.) PMDG 737-8900 NGX Base Package P3D (HKLM-x32\...\{0EA92925-36E7-40CB-A714-118AB046099B}) (Version: 1.20.8465 - PMDG Simulations, LLC.) PMDG 747-400 QOTSII Base Package P3D (HKLM-x32\...\{B8BBEEDC-2F4A-47BD-99C1-95B01E22FEFF}) (Version: 3.00.8466 - PMDG Simulations, LLC.) PMDG 777-200LRF Base Package P3D (HKLM-x32\...\{C1CB0E26-CE1A-4789-8EEA-919C4CD491C1}) (Version: 1.10.8448 - PMDG Simulations, LLC.) PMDG 777-300ER Expansion P3D (HKLM-x32\...\{BD6E3AEC-7746-494A-B055-75D6D56A82BB}) (Version: 1.10.8448 - PMDG Simulations, LLC.) Prepar3D v4 Academic (HKLM-x32\...\{d7f121e9-f425-4801-a2b9-a92eca775bef}) (Version: 4.0.23.21468 - Lockheed Martin) Prepar3D v4 Academic Client (HKLM\...\{F4C0F17C-2CAD-4CC2-B8EA-63D59CF17070}) (Version: 4.1.7.22841 - Lockheed Martin) Prepar3D v4 Content (HKLM\...\{87040041-993B-42AF-BEA0-6086FEB45184}) (Version: 4.1.7.22841 - Lockheed Martin) Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.1.7.22841 - Lockheed Martin) QATAR Airways livery v1.3 (HKLM-x32\...\QATAR Airways livery_is1) (Version: 0.1.3.0 - FlightSimLabs, Ltd.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8198 - Realtek Semiconductor Corp.) REX 4 - Texture Direct - SP6 - Hotfix 5 (HKLM-x32\...\{1E0FED05-3238-43F7-8F92-4EE6CBE5F134}) (Version: 4.6.2017.0725 - REX Game Studios, LLC.) REX 4 - Texture Direct Enhanced Edition (HKLM-x32\...\{9781BC31-6931-4F55-9008-F783EFB52AAE}) (Version: 4.7.2017.0814 - REX Game Studios) REX Soft Clouds - SP3 - Hotfix 5 (HKLM-x32\...\{98C432AB-8BC0-4C76-8336-889E907F955A}) (Version: 4.3.2017.0714 - REX Game Studios, LLC.) RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder) SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.9091) (Version: 4.58.2552.909 - Avast Software) Hidden SimObject Display Engine (HKLM-x32\...\{CF01DDCE-487C-40D1-A798-BE842515661D}) (Version: 1.5.3 - 12bPilot) Simstall (HKU\S-1-5-21-3484710837-4212486087-3058144886-1002\...\Simstall) (Version: 2.1.1 - Simstall) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.22.0 - Synaptics Incorporated) T2G Hamad Intl Airport (HKLM-x32\...\T2G_HAMAD_INTL_AIRPORT_is1) (Version: 1.0.0.1 - SimMarket) TAXI2GATE-EDDM P3Dv4 (HKLM-x32\...\TAXI2GATE-EDDM-P3DV4-0E3CC8DA-26E5-4B93-BFAE-191E9D085E27_is1) (Version: 1.0.0.0 - SimMarket) TOGA - ENVTEX v1.1.1 (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.1.1.0 - SimMarket) UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Virgin America livery v1.3 (HKLM-x32\...\Virgin America livery_is1) (Version: 0.1.3.0 - FlightSimLabs, Ltd.) VIRTUALI Addon ManagerX version 4.0.0.8 (HKLM-x32\...\VIRTUALI Addon ManagerX_is1) (Version: 4.0.0.8 - VIRTUALI Sagl) VistaMare ViMaCore X (HKLM-x32\...\ViMaCore X) (Version: - ) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-22] (AVAST Software) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-22] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-22] (AVAST Software) ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-22] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-22] (AVAST Software) ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {030245FD-E141-4DB1-AA16-47756FE12813} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {0B027EE9-22F0-43D2-B3A8-6E63E061B4FF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation) Task: {11E420AC-F03C-4C00-8444-E4E2F9825C51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-25] (Google Inc.) Task: {192D8576-DC2E-4F92-BB4A-89BB8B8299B2} - System32\Tasks\AURA => C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe [2017-03-01] (ASUSTek COMPUTER INC.) Task: {2D31FDFC-AF6B-4941-B658-291A7000B758} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {32944669-B686-4FFF-B90B-CF9AD9D3E73C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation) Task: {3697F324-8020-444F-856E-3849C74BD70C} - System32\Tasks\SafeZone scheduled Autoupdate 1497199619 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software) Task: {412C5801-A07C-48AD-8F71-391D6B0E7AEE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation) Task: {447BE401-FDB5-465C-83FE-0D8766D58431} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation) Task: {5C1B32E6-8B40-454B-87B2-DA9B0D63E254} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\Scheduler.exe [2017-10-24] (IObit) Task: {827D1D54-0C29-4EE0-8D12-964841404F94} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-25] (Google Inc.) Task: {89765EE1-AAF8-4D55-A3DE-B5A511FA8B9B} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2017-04-12] (TODO: <Company name>) Task: {8E56E4D8-55AE-4412-9189-FE4AFA920572} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {9C3A52D6-4510-4CC1-81E3-C741DF59AABF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-22] (AVAST Software) Task: {AA40C0F3-DE59-4199-BCF8-B5A961C3F6C2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.EXE /NOUACCHECK Task: {E998659D-4A0F-4071-B5EB-C06541E10282} - System32\Tasks\Driver Booster SkipUAC (Ciaran) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe [2017-11-16] (IObit) Task: {FFA22AC1-3CC4-42E6-B32D-B802995CBDC1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-09-15 20:15 - 2017-10-11 01:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-11-25 00:24 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-09-15 20:19 - 2017-10-27 16:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-03-18 20:58 - 2017-03-18 20:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 20:59 - 2017-03-20 03:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-11-25 01:18 - 2017-11-10 09:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll 2017-11-25 01:18 - 2017-11-10 09:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll 2017-02-12 18:38 - 2017-04-18 16:10 - 002493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2016-12-27 18:27 - 2016-12-27 18:27 - 001753088 _____ () C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\Vender.dll 2017-02-09 09:39 - 2017-02-09 09:39 - 000065536 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Exeio.dll 2017-03-28 16:51 - 2017-03-28 16:51 - 001753088 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll 2017-09-15 20:15 - 2017-10-11 01:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-11-22 00:28 - 2017-11-22 00:28 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-11-22 00:28 - 2017-11-22 00:28 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-07-11 20:07 - 2017-07-11 20:07 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-11-22 00:28 - 2017-11-22 00:28 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-11-22 00:28 - 2017-11-22 00:28 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-11-22 00:28 - 2017-11-22 00:28 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-01-16 11:40 - 2017-01-16 11:40 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-02-10 19:25 - 2017-02-10 19:24 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3484710837-4212486087-3058144886-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\ciara\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: FlexNet Licensing Service 64 => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MSI_LiveUpdate_Service => 2 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NvTelemetryContainer => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: Razer Game Scanner Service => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Wallpaper Engine Service => 2 HKLM\...\StartupApproved\Run: => "ShadowPlay" HKU\S-1-5-21-3484710837-4212486087-3058144886-1002\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{28012B3B-52FC-4CBC-B6F8-A5C86059F780}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe FirewallRules: [{1539CCEC-BD5E-4D41-B31E-94BD55202129}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe FirewallRules: [{5243FAA7-528E-4300-A325-1EA9946FD3F4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe FirewallRules: [{545B2177-BA06-43EC-83FF-4091C5AAE733}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe FirewallRules: [{E171D30D-D86E-486F-9B0D-FA201A64A49C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe FirewallRules: [{2812AB75-3C23-4E75-A20A-5EAF60D5DE61}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe FirewallRules: [{C4659688-40F7-410B-AB4B-E82468C25397}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4EA08042-CB51-413E-A2D2-0A4326F7A0A7}] => (Allow) LPort=445 FirewallRules: [{8033BA10-1E19-4286-823A-749511E181CF}] => (Allow) LPort=19284 FirewallRules: [{00743D28-8921-4910-9140-344209D33C53}] => (Allow) LPort=19285 ==================== Restore Points ========================= 09-11-2017 15:43:02 Scheduled Checkpoint 16-11-2017 16:33:40 Windows Modules Installer 24-11-2017 23:37:56 Scheduled Checkpoint 25-11-2017 00:47:31 Driver Booster : Intel(R) 8 Series/C220 Series PCI Express Root Port #4 - 8C16 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/25/2017 01:50:22 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (11/25/2017 12:50:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GPUTweakII.exe, version: 1.4.5.2, time stamp: 0x58ede1f3 Faulting module name: GPUTweakII.exe, version: 1.4.5.2, time stamp: 0x58ede1f3 Exception code: 0xc000041d Fault offset: 0x00014b97 Faulting process ID: 0x2874 Faulting application start time: 0x01d36587744df3dc Faulting application path: C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe Faulting module path: C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe Report ID: 1e099fcb-959c-4c2e-aeb2-f3a3707192f1 Faulting package full name: Faulting package-relative application ID: Error: (11/25/2017 12:50:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GPUTweakII.exe, version: 1.4.5.2, time stamp: 0x58ede1f3 Faulting module name: GPUTweakII.exe, version: 1.4.5.2, time stamp: 0x58ede1f3 Exception code: 0xc0000005 Fault offset: 0x00014b97 Faulting process ID: 0x2874 Faulting application start time: 0x01d36587744df3dc Faulting application path: C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe Faulting module path: C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe Report ID: 074a9087-5474-4cba-90f3-e669642f5e89 Faulting package full name: Faulting package-relative application ID: Error: (11/25/2017 12:50:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GPUTweakII.exe, version: 1.4.5.2, time stamp: 0x58ede1f3 Faulting module name: GPUTweakII.exe, version: 1.4.5.2, time stamp: 0x58ede1f3 Exception code: 0xc0000005 Fault offset: 0x000ab346 Faulting process ID: 0x1488 Faulting application start time: 0x01d365827e2c2605 Faulting application path: C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe Faulting module path: C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe Report ID: 4250cdd4-2c67-4c1f-92bc-c23c1c8fb373 Faulting package full name: Faulting package-relative application ID: Error: (11/25/2017 12:45:26 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (11/25/2017 12:45:26 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (11/25/2017 12:45:20 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (11/25/2017 12:45:20 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (11/24/2017 11:50:59 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (11/23/2017 12:08:08 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Prepar3D.exe version 4.1.7.22841 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2398 Start Time: 01d363edc028ba8f Termination Time: 27 Application Path: C:\Program Files\Lockheed Martin\Prepar3D v4\Prepar3D.exe Report Id: eb702534-f4f4-4e66-8592-84cd11da78fc Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (11/25/2017 01:17:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CldFlt service failed to start due to the following error: The request is not supported. Error: (11/25/2017 01:17:13 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Performance power management features on Hyper-V logical processor 7 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. Error: (11/25/2017 01:17:13 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Performance power management features on Hyper-V logical processor 5 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. Error: (11/25/2017 01:17:13 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. Error: (11/25/2017 01:17:13 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Performance power management features on Hyper-V logical processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. Error: (11/25/2017 01:17:13 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Performance power management features on Hyper-V logical processor 6 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. Error: (11/25/2017 01:17:13 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Performance power management features on Hyper-V logical processor 4 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. Error: (11/25/2017 01:17:13 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Performance power management features on Hyper-V logical processor 2 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. Error: (11/25/2017 01:17:13 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY) Description: Performance power management features on Hyper-V logical processor 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. Error: (11/25/2017 01:15:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CldFlt service failed to start due to the following error: The request is not supported. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz Percentage of memory in use: 23% Total physical RAM: 16324.77 MB Available physical RAM: 12412.23 MB Total Virtual: 18756.77 MB Available Virtual: 14394.64 MB ==================== Drives ================================ Drive c: (Local Disk) (Fixed) (Total:697.52 GB) (Free:239.05 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 78A8E5FD) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=697.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=787 MB) - (Type=27) ======================================================== Disk: 1 (Size: 232.9 GB) (Disk ID: D5ED15BA) Partition 1: (Active) - (Size=216.9 GB) - (Type=83) Partition 2: (Not Active) - (Size=15.9 GB) - (Type=05) ==================== End of Addition.txt ============================ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01 Ran by Ciaran (administrator) on ME (25-11-2017 20:06:35) Running from C:\Users\ciara\Desktop Loaded Profiles: Ciaran (Available Profiles: Ciaran) Platform: Windows 10 Pro Version 1703 (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe (TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [MouseDriver] => C:\Windows\System32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3943080 2000-01-01] (Synaptics Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-22] (AVAST Software) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230304 2017-11-25] (Realtek Semiconductor) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15371216 2017-03-07] (Micro-Star INT'L CO., LTD.) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-3484710837-4212486087-3058144886-1002\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{d35c6904-2cb0-46db-9610-6655de4b60df}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-25] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-25] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.facebook.com/" CHR Profile: C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default [2017-11-25] CHR Extension: (Slides) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-25] CHR Extension: (Docs) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-25] CHR Extension: (Google Drive) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-25] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-11-25] CHR Extension: (YouTube) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-25] CHR Extension: (uBlock Origin) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-11-25] CHR Extension: (Avast Passwords) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-11-25] CHR Extension: (Sheets) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-25] CHR Extension: (Google Docs Offline) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-25] CHR Extension: (Avast Online Security) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-25] CHR Extension: (Save to Facebook) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-11-25] CHR Extension: (Google Maps) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-11-25] CHR Extension: (Chrome Web Store Payments) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-25] CHR Extension: (Gmail) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-25] CHR Extension: (Chrome Media Router) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25] CHR Profile: C:\Users\ciara\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-25] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-22] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-22] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [332368 2017-11-22] (AVAST Software) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (Micro-Star INT'L CO., LTD.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation) S2 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-05] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149664 2017-07-05] (Electronic Arts) S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-09-15] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-22] (AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-22] (AVAST Software s.r.o.) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-22] (AVAST Software s.r.o.) R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-22] (AVAST Software s.r.o.) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-22] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-22] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-12] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-22] (AVAST Software) R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [570152 2017-11-22] (AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-22] (AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-22] (AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-22] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-22] (AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-22] (AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-22] (AVAST Software) S3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45016 2017-05-16] (Corsair) S3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21976 2017-05-16] (Corsair) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164592 2017-08-14] (Qualcomm Atheros, Inc.) S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-06-23] (ELAN Microelectronic Corp.) R3 GLCKIO; C:\Program Files (x86)\ASUS\GPU TweakII\690b33e1-0462-4e84-9bea-c7552b45432a.sys [18712 2017-11-25] () R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-06-17] (REALiX(tm)) R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-11] (ASUSTeK Computer Inc.) R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-05-27] () S3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164592 2017-08-14] (Qualcomm Atheros, Inc.) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-25] (Malwarebytes) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation) S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [51912 2015-08-13] (Razer Inc) S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc) S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29912 2015-08-13] (Razer Inc) S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc) S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc) S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc) S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.) S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc) S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc) S3 SaiH0763; C:\WINDOWS\System32\drivers\SaiH0763.sys [178304 2008-02-15] (Saitek) S3 SaiH0BAC; C:\WINDOWS\system32\DRIVERS\SaiH0BAC.sys [176128 2007-07-02] (Saitek) R3 SaiK0763; C:\WINDOWS\System32\drivers\SaiK0763.sys [181920 2015-11-06] (Saitek) R3 SaiK0bac; C:\WINDOWS\System32\drivers\SaiK0bac.sys [180896 2017-06-17] (Saitek) R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2015-11-06] (Saitek) R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51616 2015-11-06] (Saitek) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] () S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2000-01-01] (Synaptics Incorporated) S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42584 2000-01-01] (Synaptics Incorporated) S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated) S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.) R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54400 2017-11-25] (Intel Corporation) S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-11-25 20:06 - 2017-11-25 20:06 - 000018088 _____ C:\Users\ciara\Desktop\FRST.txt 2017-11-25 20:05 - 2017-11-25 20:05 - 002393088 _____ (Farbar) C:\Users\ciara\Downloads\FRST64 (1).exe 2017-11-25 20:05 - 2017-11-25 20:05 - 002393088 _____ (Farbar) C:\Users\ciara\Desktop\FRST64.exe 2017-11-25 13:49 - 2017-11-25 13:49 - 000006726 _____ C:\Users\ciara\Downloads\EDDMOTHH.wx 2017-11-25 13:49 - 2017-11-25 13:49 - 000002436 _____ C:\Users\ciara\Downloads\EDDMOTHH.rte 2017-11-25 01:18 - 2017-11-25 20:03 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-11-25 01:18 - 2017-11-25 20:03 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-11-25 01:18 - 2017-11-25 01:18 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-11-25 01:18 - 2017-11-25 01:18 - 000002346 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-11-25 01:18 - 2017-11-25 01:18 - 000000000 ____D C:\ProgramData\SWCUTemp 2017-11-25 00:52 - 2017-11-25 00:52 - 012935679 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2017-11-25 00:52 - 2017-11-25 00:52 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2017-11-25 00:52 - 2017-11-25 00:52 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2017-11-25 00:52 - 2017-11-25 00:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2017-11-25 00:51 - 2017-11-25 00:51 - 001804688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2017-11-25 00:51 - 2017-11-25 00:51 - 001730304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01009.dll 2017-11-25 00:45 - 2017-11-25 00:45 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-11-25 00:43 - 2017-11-25 20:06 - 000000000 ____D C:\FRST 2017-11-25 00:43 - 2017-11-25 00:43 - 000058530 _____ C:\Users\ciara\Downloads\FRST.txt 2017-11-25 00:43 - 2017-11-25 00:43 - 000035758 _____ C:\Users\ciara\Downloads\Addition.txt 2017-11-25 00:42 - 2017-11-25 00:42 - 002393088 _____ (Farbar) C:\Users\ciara\Downloads\FRST64.exe 2017-11-25 00:37 - 2017-11-25 20:03 - 000002568 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler 2017-11-25 00:37 - 2017-11-25 20:03 - 000002280 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Ciaran) 2017-11-25 00:37 - 2017-11-25 00:52 - 000002365 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk 2017-11-25 00:37 - 2017-11-25 00:37 - 019204520 _____ (IObit ) C:\Users\ciara\Downloads\driver_booster_setup.exe 2017-11-25 00:37 - 2017-11-25 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5 2017-11-25 00:33 - 2017-11-25 00:33 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-11-25 00:32 - 2017-11-25 00:46 - 000000000 ____D C:\ProgramData\RogueKiller 2017-11-25 00:32 - 2017-11-25 00:32 - 026838600 _____ (Adlice Software) C:\Users\ciara\Downloads\RogueKiller_portable64.exe 2017-11-25 00:29 - 2017-11-25 00:29 - 000001795 _____ C:\Users\ciara\Desktop\malware.txt 2017-11-25 00:24 - 2017-11-25 01:17 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2017-11-25 00:24 - 2017-11-25 00:24 - 000001922 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-11-25 00:24 - 2017-11-25 00:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-11-25 00:24 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-11-25 00:23 - 2017-11-25 00:23 - 078346672 _____ (Malwarebytes ) C:\Users\ciara\Downloads\mb3-setup-consumer-3.3.1.2183.exe 2017-11-25 00:11 - 2017-11-25 00:14 - 000000000 ____D C:\AdwCleaner 2017-11-25 00:11 - 2017-11-25 00:11 - 008261584 _____ (Malwarebytes) C:\Users\ciara\Desktop\adwcleaner_7.0.4.0.exe 2017-11-25 00:10 - 2017-11-25 00:11 - 008261584 _____ (Malwarebytes) C:\Users\ciara\Downloads\adwcleaner_7.0.4.0.exe 2017-11-24 23:41 - 2017-11-24 23:41 - 003085504 _____ C:\Users\ciara\Downloads\FSUIPC5.zip 2017-11-24 23:41 - 2017-11-20 11:08 - 003008000 _____ (Peter L. Dowson) C:\Users\ciara\Desktop\Install FSUIPC5.exe 2017-11-24 11:50 - 2017-11-24 11:50 - 000011204 _____ C:\Users\ciara\Downloads\EDDMRJAA.wx 2017-11-24 11:50 - 2017-11-24 11:50 - 000004257 _____ C:\Users\ciara\Downloads\EDDMRJAA.rte 2017-11-24 11:31 - 2017-11-24 11:31 - 042208581 _____ C:\Users\ciara\Downloads\FSLabs_DLH_Cabin_Pack_v2.0.exe (1).zip 2017-11-23 12:42 - 2017-11-23 12:42 - 000006128 _____ C:\Users\ciara\Downloads\EDDMKDEN.wx 2017-11-23 12:42 - 2017-11-23 12:42 - 000002047 _____ C:\Users\ciara\Downloads\EDDMKDEN.rte 2017-11-23 00:17 - 2017-11-23 00:17 - 004191948 _____ C:\Users\ciara\Downloads\SODE-EDDMV1.2.rar 2017-11-23 00:17 - 2017-11-23 00:17 - 000000880 _____ C:\Users\ciara\Downloads\FIX-DYNL-EDDM.rar 2017-11-22 23:52 - 2017-11-22 23:53 - 045263068 _____ C:\Users\ciara\Downloads\pmdg_747-400_lufthansa_fleet_1.zip 2017-11-22 23:51 - 2017-11-22 23:52 - 025619281 _____ C:\Users\ciara\Downloads\pmdg_b744v3_lufthansa_dabtl.zip 2017-11-22 23:51 - 2017-11-22 23:51 - 015330619 _____ C:\Users\ciara\Downloads\lufthansa_747-400_d-abvy.zip 2017-11-22 23:12 - 2017-09-15 11:00 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll 2017-11-22 23:10 - 2017-11-22 23:11 - 629718780 _____ (SimMarket ) C:\Users\ciara\Downloads\TAXI2GATE_EDDM_P3DV4.exe 2017-11-22 23:06 - 2017-11-23 12:40 - 000002269 _____ C:\Users\ciara\Desktop\Simstall.lnk 2017-11-22 23:06 - 2017-11-22 23:06 - 000000000 ____D C:\Users\ciara\AppData\Local\Simstall 2017-11-22 23:05 - 2017-11-22 23:05 - 002465280 _____ (Simstall) C:\Users\ciara\Downloads\Setup.exe 2017-11-22 15:25 - 2017-11-22 15:25 - 000003021 _____ C:\Users\ciara\Downloads\EGLLCYUL.wx 2017-11-22 15:25 - 2017-11-22 15:25 - 000000878 _____ C:\Users\ciara\Downloads\EGLLCYUL.rte 2017-11-22 15:17 - 2017-11-22 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - Mega Airport London Heathrow Professional 2017-11-22 14:34 - 2017-11-22 14:35 - 041655256 _____ (VIRTUALI Sagl ) C:\Users\ciara\Downloads\setup_addonmanagerX (1).exe 2017-11-22 14:19 - 2017-11-22 14:26 - 000002476 _____ C:\Users\Public\Desktop\Flightbeam - Manager (P3D4).lnk 2017-11-22 14:12 - 2017-11-22 14:18 - 566375808 _____ () C:\Users\ciara\Downloads\KIAD_P3DFSX_setup.exe 2017-11-22 14:05 - 2017-11-22 14:05 - 000000197 _____ C:\Users\ciara\FlightBeam_Washington Dulles Intl - HD.reg 2017-11-22 00:38 - 2017-11-22 00:38 - 001590606 _____ C:\Users\ciara\Downloads\AIA B767-400 United FSX (1).zip 2017-11-22 00:28 - 2017-11-22 00:28 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-11-22 00:28 - 2017-11-22 00:28 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2017-11-22 00:26 - 2017-11-22 00:26 - 001590606 _____ C:\Users\ciara\Downloads\AIA B767-400 United FSX.zip 2017-11-22 00:08 - 2017-11-22 00:08 - 000158498 _____ C:\Users\ciara\Downloads\AIG_UnitedAirlines_Summer_2016.zip 2017-11-22 00:07 - 2017-11-22 00:07 - 000071343 _____ C:\Users\ciara\Downloads\AIG_BritishAirways_Summer_2016.zip 2017-11-22 00:01 - 2017-11-22 00:01 - 000031250 _____ C:\Users\ciara\Downloads\AIG_AirCanadaRouge_Winter_2016-2017.zip 2017-11-21 23:59 - 2017-11-21 23:59 - 000040694 _____ C:\Users\ciara\Downloads\AIG_EthiopianAirlines_Winter_2016-2017.zip 2017-11-21 23:57 - 2017-11-21 23:57 - 000080559 _____ C:\Users\ciara\Downloads\AIG_JetBlue_Winter_2016-2017.zip 2017-11-21 23:56 - 2017-11-21 23:56 - 000020161 _____ C:\Users\ciara\Downloads\AIG_KalittaAir_Winter_2016-2017.zip 2017-11-21 23:55 - 2017-11-21 23:55 - 000048397 _____ C:\Users\ciara\Downloads\AIG_flybe_Winter_2016-2017.zip 2017-11-21 23:54 - 2017-11-21 23:54 - 000026340 _____ C:\Users\ciara\Downloads\AIG_AerLingusRegional_Winter_2016-2017v2.zip 2017-11-21 23:53 - 2017-11-21 23:53 - 000050531 _____ C:\Users\ciara\Downloads\AIG_Emirates_Winter_2016-2017.zip 2017-11-21 23:52 - 2017-11-21 23:52 - 000062777 _____ C:\Users\ciara\Downloads\AIG_AllNipponAirways_Winter_2016-2017.zip 2017-11-21 13:15 - 2017-11-21 13:15 - 000011041 _____ C:\Users\ciara\Downloads\ENGMVOBL.wx 2017-11-21 13:15 - 2017-11-21 13:15 - 000004078 _____ C:\Users\ciara\Downloads\ENGMVOBL.rte 2017-11-21 13:10 - 2017-11-21 13:10 - 016966503 _____ C:\Users\ciara\Downloads\texture.jetairways_vt-jeq.zip 2017-11-20 20:42 - 2017-11-20 20:42 - 022978063 _____ C:\Users\ciara\Downloads\pmdg_atlas_air_747-47uf_n418mc.zip 2017-11-20 19:34 - 2017-11-20 19:34 - 142536727 _____ C:\Users\ciara\Downloads\faib_b744_gti_p3d1.zip 2017-11-20 12:55 - 2017-11-20 12:55 - 000750430 _____ C:\Users\ciara\Downloads\FSL_SAFETY_JBU.zip 2017-11-20 12:42 - 2017-11-20 12:43 - 025875535 _____ C:\Users\ciara\Downloads\faib_ual_b764_p3d.zip 2017-11-20 12:18 - 2017-11-20 12:18 - 107068663 _____ C:\Users\ciara\Downloads\faib_dal_b763_p3d1.zip 2017-11-20 12:18 - 2017-11-20 12:18 - 087732982 _____ C:\Users\ciara\Downloads\faib_aal_b763_p3d.zip 2017-11-20 12:18 - 2017-11-20 12:18 - 085144664 _____ C:\Users\ciara\Downloads\faib_gti_b763_p3d.zip 2017-11-20 12:18 - 2017-11-20 12:18 - 063945898 _____ C:\Users\ciara\Downloads\faib_b763_oae_p3d1.zip 2017-11-20 12:18 - 2017-11-20 12:18 - 062253158 _____ C:\Users\ciara\Downloads\faib_dal_b764_p3d.zip 2017-11-20 12:18 - 2017-11-20 12:18 - 041587385 _____ C:\Users\ciara\Downloads\faib_gti_b762_p3d.zip 2017-11-20 12:18 - 2017-11-20 12:18 - 022472598 _____ C:\Users\ciara\Downloads\faib_b763_cks_p3d.zip 2017-11-20 12:06 - 2017-11-20 12:06 - 022723950 _____ C:\Users\ciara\Downloads\FAIB7673.zip 2017-11-20 12:04 - 2017-11-20 12:04 - 011746649 _____ C:\Users\ciara\Downloads\FAIB7674.zip 2017-11-20 12:03 - 2017-11-20 12:03 - 000000000 ____D C:\ProgramData\MB3CoreBackup 2017-11-19 11:10 - 2017-11-19 11:10 - 000007448 _____ C:\Users\ciara\Downloads\EGLLSBGR.wx 2017-11-19 11:10 - 2017-11-19 11:10 - 000002703 _____ C:\Users\ciara\Downloads\EGLLSBGR.rte 2017-11-18 13:43 - 2017-11-18 13:43 - 014152517 _____ C:\Users\ciara\Downloads\FSL_A320_easyJet_Europe_OE-IVO.zip 2017-11-18 13:43 - 2017-11-18 13:43 - 012758820 _____ C:\Users\ciara\Downloads\FSL_A320_easyJet_G-EZTD (1).zip 2017-11-18 13:39 - 2017-11-18 13:39 - 003908506 _____ C:\Users\ciara\Downloads\FSL_A320X_CABIN_PA_SAFETY_BRIEFING.ogg 2017-11-18 13:37 - 2017-11-18 13:37 - 007278840 _____ C:\Users\ciara\Downloads\FSLabs_EZY_Cabin_Pack_v1.0 (3).zip 2017-11-17 13:39 - 2017-11-17 13:39 - 196032016 _____ (HiFi Technologies, Inc. ) C:\Users\ciara\Downloads\AS_P3Dv4_Install.exe 2017-11-16 23:06 - 2017-11-16 23:06 - 253872428 _____ C:\Users\ciara\Downloads\Aer_Lingus_A320_Livery_Pack_for_FSL_A32x.zip 2017-11-16 22:48 - 2017-11-16 22:48 - 007724781 _____ C:\Users\ciara\Downloads\Texture.AA_N678AW.zip 2017-11-16 16:39 - 2017-11-16 16:39 - 001246944 _____ C:\Users\ciara\Downloads\FSL_SAFETY_DAL.zip 2017-11-15 23:06 - 2017-11-15 23:06 - 000491883 _____ C:\Users\ciara\Downloads\FSL_SAFETY_EIN.zip 2017-11-15 11:47 - 2017-11-15 11:48 - 338797838 _____ () C:\Users\ciara\Downloads\FSDG-LITE-BANGALORE_FSX_P3D.exe 2017-11-14 21:14 - 2017-11-14 21:14 - 013115049 _____ C:\Users\ciara\Downloads\fsl_a320-x_eurowings_v150.zip 2017-11-14 21:14 - 2017-11-14 21:14 - 012469644 _____ C:\Users\ciara\Downloads\FSLabs_A320-214_DLH_v1.3.zip 2017-11-14 21:13 - 2017-11-14 21:13 - 011829998 _____ C:\Users\ciara\Downloads\FSLabs_A320-232_QTR_v1.3.zip 2017-11-14 21:13 - 2017-11-14 21:13 - 010619577 _____ C:\Users\ciara\Downloads\FSLabs_A320-214_AIC_v1.3.zip 2017-11-14 21:12 - 2017-11-14 21:12 - 042337018 _____ C:\Users\ciara\Downloads\FSLabs_EWG_Cabin_Pack_v1.0.exe.zip 2017-11-14 21:12 - 2017-11-14 21:12 - 042208581 _____ C:\Users\ciara\Downloads\FSLabs_DLH_Cabin_Pack_v2.0.exe.zip 2017-11-14 21:12 - 2017-11-14 21:12 - 012486537 _____ C:\Users\ciara\Downloads\FSLabs_A320-214_DLHzb_v1.3.zip 2017-11-14 21:12 - 2017-11-14 21:12 - 007278840 _____ C:\Users\ciara\Downloads\FSLabs_EZY_Cabin_Pack_v1.0 (2).zip 2017-11-14 20:17 - 2017-11-14 20:17 - 000000000 ____D C:\Users\ciara\AppData\Local\TOGA projects 2017-11-14 20:17 - 2017-11-14 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Envdir 2017-11-14 20:15 - 2017-11-14 20:17 - 138408911 _____ (TOGA projects ) C:\Users\ciara\Downloads\Envdir_setup.exe 2017-11-14 20:04 - 2017-11-14 20:12 - 2099442088 _____ C:\Users\ciara\Downloads\TOGA_ENVTEX_FS9FSXP3D-1.bin 2017-11-14 20:04 - 2017-11-14 20:09 - 1564455997 _____ C:\Users\ciara\Downloads\TOGA_ENVTEX_FS9FSXP3D-2.bin 2017-11-14 20:04 - 2017-11-14 20:04 - 000557817 _____ (SimMarket ) C:\Users\ciara\Downloads\TOGA_ENVTEX_FS9FSXP3D.exe 2017-11-13 23:03 - 2017-11-13 23:03 - 007278840 _____ C:\Users\ciara\Downloads\FSLabs_EZY_Cabin_Pack_v1.0 (1).zip 2017-11-13 23:01 - 2017-11-13 23:01 - 010439196 _____ C:\Users\ciara\Downloads\FSLabs_A320-232_SAS_v1.3.zip 2017-11-13 22:29 - 2017-11-13 22:29 - 012758820 _____ C:\Users\ciara\Downloads\FSL_A320_easyJet_G-EZTD.zip 2017-11-13 22:29 - 2017-11-13 22:29 - 000825553 _____ C:\Users\ciara\Downloads\FSL_SAFETY_AAL (1).zip 2017-11-13 22:26 - 2017-11-13 22:26 - 000001296 _____ C:\Users\ciara\Downloads\gsx (1).cfg 2017-11-13 22:25 - 2017-11-13 22:26 - 000001296 _____ C:\Users\ciara\Downloads\gsx.cfg 2017-11-12 17:42 - 2017-11-12 17:42 - 010123711 _____ C:\Users\ciara\Downloads\FSLabs_A320-232_JBU_v1.3 (1).zip 2017-11-12 17:40 - 2017-11-12 17:40 - 000825553 _____ C:\Users\ciara\Downloads\FSL_SAFETY_AAL.zip 2017-11-12 11:47 - 2017-11-12 11:47 - 000005818 _____ C:\Users\ciara\Downloads\OTHHHTKJ_AOC_UPLINK.txt 2017-11-11 21:28 - 2017-11-11 21:28 - 001069128 _____ C:\Users\ciara\Downloads\FSL_SAFETY_UAL.zip 2017-11-11 21:27 - 2017-11-11 21:27 - 001302844 _____ C:\Users\ciara\Downloads\FSL_SAFETY_BAW.zip 2017-11-11 21:22 - 2017-11-11 21:23 - 017539613 _____ C:\Users\ciara\Downloads\QTR.zip 2017-11-11 21:22 - 2017-11-11 21:22 - 007278840 _____ C:\Users\ciara\Downloads\FSLabs_EZY_Cabin_Pack_v1.0.zip 2017-11-11 21:20 - 2017-11-11 21:20 - 011333974 _____ C:\Users\ciara\Downloads\FSLabs_A320-214_VRD_v1.3.zip 2017-11-11 21:20 - 2017-11-11 21:20 - 010123711 _____ C:\Users\ciara\Downloads\FSLabs_A320-232_JBU_v1.3.zip 2017-11-11 21:20 - 2017-11-11 21:20 - 000000000 ____D C:\Program Files (x86)\FlightSimLabs 2017-11-11 18:02 - 2017-11-11 18:02 - 000005268 _____ C:\Users\ciara\Downloads\EKCHEGSS_AOC_UPLINK.txt 2017-11-11 18:01 - 2017-11-11 18:01 - 026864191 _____ C:\Users\ciara\Downloads\FSLabs_SpotLights_v2.0.0.3.zip 2017-11-11 15:48 - 2017-11-11 15:48 - 012376783 _____ C:\Users\ciara\Downloads\FSLabs_A320-214_G-EZTJ_v2.0.zip 2017-11-11 15:46 - 2017-11-11 15:46 - 027202658 _____ C:\Users\ciara\Downloads\FSL A320 easyJet G-EZTB.zip 2017-11-11 15:46 - 2017-11-11 15:46 - 017716472 _____ C:\Users\ciara\Downloads\v4_G-EZTL (1).rar 2017-11-11 12:19 - 2017-11-11 12:19 - 000005176 _____ C:\Users\ciara\Downloads\KDENKSFO_AOC_UPLINK.txt 2017-11-11 12:19 - 2017-11-11 12:19 - 000005176 _____ C:\Users\ciara\Downloads\KDENKSFO_AOC_UPLINK (1).txt 2017-11-11 12:18 - 2017-11-11 12:18 - 000000100 _____ C:\Users\ciara\Downloads\corte.in 2017-11-11 12:14 - 2017-11-11 12:14 - 020162825 _____ C:\Users\ciara\Downloads\FSLabs_A320-232_IAE_jetBlue_(Tartan_Green)_N768JB_v1.1.zip 2017-11-11 11:51 - 2017-11-11 11:51 - 023483748 _____ C:\Users\ciara\Downloads\FSLabs_A320-212_CFM_Delta_Air_Lines_N365NW_v3.0.zip 2017-11-11 11:51 - 2017-11-11 11:51 - 022326026 _____ C:\Users\ciara\Downloads\FSLabs_A320-232_IAE_Qatar_Airways_A7-AHB_v3.0.zip 2017-11-11 11:50 - 2017-11-11 11:50 - 017716472 _____ C:\Users\ciara\Downloads\v4_G-EZTL.rar 2017-11-11 11:50 - 2017-11-11 11:50 - 014092994 _____ C:\Users\ciara\Downloads\FSL_A320_Scandinavian_OY-KAM.zip 2017-11-11 11:49 - 2017-11-11 11:49 - 018313514 _____ C:\Users\ciara\Downloads\FSL_A320_Air_Canada_C-FTJS.zip 2017-11-11 11:49 - 2017-11-11 11:49 - 010923321 _____ C:\Users\ciara\Downloads\FSLabs_A320-214_EZYn_v1.3.zip 2017-11-11 11:49 - 2017-11-11 11:49 - 005333052 _____ C:\Users\ciara\Downloads\FSLabs_A320X_-_British_Airways_-_G-EUUY.rar 2017-11-11 11:48 - 2017-11-11 11:48 - 012059221 _____ C:\Users\ciara\Downloads\FSL_A320_United_Airlines_N411UA (1).zip 2017-11-11 11:46 - 2017-11-11 11:46 - 011407302 _____ C:\Users\ciara\Downloads\FSL_A320_United_Airlines_N411UA.zip 2017-11-11 11:11 - 2017-11-11 11:11 - 000000000 ____D C:\ProgramData\FlightSimLabs 2017-11-11 11:08 - 2017-11-11 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightSimLabs, Ltd 2017-11-11 11:08 - 2017-11-11 11:08 - 000000148 _____ C:\Users\ciara\Desktop\FSLA320-X Refuel Panel.url 2017-11-11 11:08 - 2017-11-11 11:08 - 000000137 _____ C:\Users\ciara\Desktop\FSLA320-X MCDU.url 2017-11-11 11:06 - 2017-11-11 18:01 - 000000000 ____D C:\Program Files\FlightSimLabs 2017-11-11 11:06 - 2017-11-11 11:06 - 000000000 ____D C:\Users\Public\Documents\FSLabs Data 2017-11-11 11:06 - 2017-11-11 11:06 - 000000000 ____D C:\Users\ciara\AppData\Roaming\GSX 2017-11-11 11:04 - 2017-11-11 11:04 - 000367152 _____ C:\Users\ciara\Downloads\Normal Procedures A320.pdf 2017-11-11 11:02 - 2017-11-11 11:04 - 918565678 _____ C:\Users\ciara\Downloads\FSLabs_A320X_P3D_v2.0.1.215.zip 2017-11-10 19:56 - 2017-11-10 19:56 - 072257914 _____ C:\Users\ciara\Downloads\Ground Services Soundpack for GSX v1.2.zip 2017-11-10 12:46 - 2017-11-10 12:47 - 083933992 _____ (HiFi Technologies, Inc. ) C:\Users\ciara\Downloads\AS_P3Dv4_Update.exe 2017-11-10 12:46 - 2017-11-10 12:46 - 000003666 _____ C:\Users\ciara\Downloads\KIADEGSS.wx 2017-11-10 12:45 - 2017-11-10 12:45 - 000001134 _____ C:\Users\ciara\Downloads\KIADEGSS.rte 2017-11-09 19:43 - 2017-11-09 19:43 - 000003746 _____ C:\Users\ciara\Downloads\KDENKIAD.wx 2017-11-09 19:43 - 2017-11-09 19:43 - 000000964 _____ C:\Users\ciara\Downloads\KDENKIAD.rte 2017-11-09 15:48 - 2017-11-09 15:48 - 000002222 _____ C:\Users\ciara\Downloads\KSFOKDEN.wx 2017-11-09 15:48 - 2017-11-09 15:48 - 000001111 _____ C:\Users\ciara\Downloads\KDENKSFO.wx 2017-11-09 15:48 - 2017-11-09 15:48 - 000000535 _____ C:\Users\ciara\Downloads\KDENKSFO.rte 2017-11-09 15:48 - 2017-11-09 15:48 - 000000482 _____ C:\Users\ciara\Downloads\KSFOKDEN.rte 2017-11-08 13:12 - 2017-11-08 13:12 - 000005686 _____ C:\Users\ciara\Downloads\EGLLKDEN.wx 2017-11-08 13:12 - 2017-11-08 13:12 - 000001517 _____ C:\Users\ciara\Downloads\EGLLKDEN.rte 2017-11-08 13:10 - 2017-11-08 13:12 - 661941807 _____ () C:\Users\ciara\Downloads\KDEN_P3DFSX_setup.exe 2017-11-08 12:28 - 2017-11-08 12:28 - 000000914 _____ C:\Users\ciara\Downloads\EGSSEKCH.rte 2017-11-08 12:27 - 2017-11-08 12:27 - 000001010 _____ C:\Users\ciara\Downloads\EKCHEGSS.rte 2017-11-08 11:06 - 2017-11-08 11:06 - 000000000 ____N C:\Users\ciara\Downloads\InstallerScriptPost.lua 2017-11-08 11:05 - 2017-11-08 11:06 - 092461351 _____ C:\Users\ciara\Downloads\Common_Library_Package_3.48.exe 2017-11-08 11:03 - 2017-11-08 11:04 - 000749040 _____ C:\Users\ciara\Downloads\UK2000 Installer.exe 2017-11-08 11:02 - 2017-11-08 11:02 - 155828152 _____ C:\Users\ciara\Downloads\UK2000StanstedXtreme_Package_4.22.exe 2017-11-08 11:02 - 2017-11-08 11:02 - 000796547 _____ C:\Users\ciara\Downloads\UK2000StanstedXtreme_Package_UPDATE_4.23.exe 2017-11-03 07:59 - 2017-11-03 07:59 - 000005155 _____ C:\Users\ciara\Downloads\EGLLKSFO.wx 2017-11-03 07:59 - 2017-11-03 07:59 - 000001616 _____ C:\Users\ciara\Downloads\EGLLKSFO.rte 2017-11-02 21:33 - 2017-11-02 21:33 - 000424197 _____ C:\Users\ciara\Downloads\EHAM_P3Dv4_Patch.zip 2017-11-02 21:28 - 2017-11-02 21:30 - 329972551 _____ C:\Users\ciara\Downloads\FlyTampa_Amsterdam_FSX_P3D_11.exe 2017-11-02 21:27 - 2017-11-02 21:32 - 1939546632 _____ C:\Users\ciara\Downloads\FlyTampa_Amsterdam_FSX_P3D.dat 2017-11-02 21:11 - 2017-11-02 21:11 - 005322931 _____ C:\Users\ciara\Downloads\gsx_human_gndcrew_voice (2).zip 2017-11-02 21:11 - 2017-11-02 21:11 - 001070691 _____ C:\Users\ciara\Downloads\replacement_pushback_voice_pack_gsx.zip 2017-11-02 12:31 - 2017-11-02 12:31 - 000002846 _____ C:\Users\ciara\Downloads\EGLLKIAD.wx 2017-11-02 12:31 - 2017-11-02 12:31 - 000001020 _____ C:\Users\ciara\Downloads\EGLLKIAD.rte 2017-11-01 18:23 - 2017-11-01 18:23 - 004372821 _____ (${PROJECT_ORGANIZATION_NAME}) C:\Users\ciara\Downloads\SceneryConfigEditor-installer-1.1.9.exe 2017-11-01 17:14 - 2017-11-01 17:14 - 000000000 ____D C:\Users\ciara\AppData\Roaming\ndp-charts 2017-11-01 17:13 - 2017-11-01 17:14 - 000000000 ____D C:\Users\ciara\AppData\Roaming\.ndp-chartcloud 2017-11-01 17:13 - 2017-11-01 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - NavDataPro Charts 2017-11-01 17:05 - 2017-11-01 17:12 - 1989938960 _____ C:\Users\ciara\Downloads\AS_MEGA-AIRPORT-LONDON-HEATHROW_PROF_P3DV4.zip 2017-11-01 17:05 - 2017-11-01 17:05 - 002678709 _____ C:\Users\ciara\Downloads\AS_MEGA-AIRPORT-LONDON-HEATHROW_PROF_P3DV4_UPD_FROM_1-00-TO_1-01.zip 2017-11-01 16:46 - 2017-11-01 16:46 - 000008659 _____ C:\Users\ciara\Downloads\eham_vdgs_aes.zip 2017-11-01 16:37 - 2017-11-01 16:37 - 012947785 _____ C:\Users\ciara\Downloads\FlyTampa_Configurator_Libraries_FSX_P3D.exe 2017-11-01 16:24 - 2017-11-01 16:24 - 000000000 ____D C:\Program Files (x86)\BlackBox Simulation 2017-11-01 16:23 - 2017-11-01 16:24 - 019542377 _____ (BlackBox Simulation) C:\Users\ciara\Downloads\BlackBox_PreFlight_Manager_Setup[v1.0.6512].exe 2017-11-01 16:20 - 2017-11-01 16:20 - 000000000 ____D C:\ProgramData\BlackBox Simulation 2017-11-01 16:15 - 2017-11-01 16:15 - 000000000 ____D C:\Program Files\Airbus WideBody Xtreme (Prologue) 2017-11-01 16:14 - 2017-11-01 16:15 - 515587593 _____ (BlackBox Simulation) C:\Users\ciara\Downloads\BlackBox_WideBody_Family_Setup_x64[v0.87.5].exe 2017-11-01 12:19 - 2017-11-01 12:19 - 000008872 _____ C:\Users\ciara\Downloads\EHAMOTHH.wx 2017-11-01 12:19 - 2017-11-01 12:19 - 000003257 _____ C:\Users\ciara\Downloads\EHAMOTHH.rte 2017-10-31 22:14 - 2017-10-31 22:14 - 000001189 _____ C:\Users\ciara\Downloads\Orbx_ESSA_PLC_GP_P3D_GLOBAL_Objectflow.xml 2017-10-31 22:09 - 2017-10-31 22:09 - 000000444 _____ C:\Users\ciara\Downloads\Orbx_ESSA_PLC_GP_P3D_NOR_Objectflow.rar 2017-10-31 15:21 - 2017-10-31 15:21 - 000000796 _____ C:\Users\ciara\Downloads\KPVDEGPF.rte 2017-10-31 12:43 - 2017-10-31 12:43 - 000002352 _____ C:\Users\ciara\Downloads\EGCCTNCC.wx 2017-10-31 12:43 - 2017-10-31 12:43 - 000000886 _____ C:\Users\ciara\Downloads\EGCCTNCC.rte 2017-10-30 21:16 - 2017-10-30 21:16 - 000000986 _____ C:\Users\ciara\Downloads\KSFOKVCV.wx 2017-10-30 21:16 - 2017-10-30 21:16 - 000000328 _____ C:\Users\ciara\Downloads\KSFOKVCV.rte 2017-10-30 20:12 - 2017-10-30 20:12 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-10-30 20:12 - 2017-10-27 16:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-10-30 20:12 - 2017-09-13 23:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-10-30 20:12 - 2017-09-13 23:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-10-30 20:12 - 2017-09-13 23:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-10-30 20:12 - 2017-09-13 23:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-10-30 20:10 - 2017-10-27 17:50 - 040237688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 036239480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 035156928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 029270976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 023262280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 019037416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 013864048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 013254520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 011779328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 010882720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 004201592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 003614328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001673848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001331200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001321448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001099712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 001031104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000981112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000932288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000739448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000615544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000598464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-10-30 20:10 - 2017-10-27 17:50 - 000505976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-10-30 19:49 - 2017-10-30 19:52 - 1347017803 _____ C:\Users\ciara\Downloads\_fulFTXESSA121.zip 2017-10-30 19:41 - 2017-10-30 19:41 - 001005568 _____ (Microsoft Corporation) C:\Users\ciara\Downloads\dotNetFx45_Full_setup (1).exe 2017-10-30 19:38 - 2017-10-30 19:46 - 000000000 ____D C:\1c59f094a39682481888d9a635 2017-10-30 19:38 - 2017-10-30 19:38 - 001434504 _____ (Microsoft Corporation) C:\Users\ciara\Downloads\NDP471-KB4033344-Web.exe 2017-10-30 19:37 - 2017-10-30 19:37 - 001005568 _____ (Microsoft Corporation) C:\Users\ciara\Downloads\dotNetFx45_Full_setup.exe 2017-10-30 17:57 - 2017-10-30 17:57 - 005202827 _____ C:\Users\ciara\Downloads\SimpleAirportScanner.zip 2017-10-30 12:46 - 2017-10-30 12:46 - 001152512 _____ () C:\Users\ciara\Downloads\ftxcentral3_installer.exe 2017-10-30 00:06 - 2017-10-30 00:06 - 005322931 _____ C:\Users\ciara\Downloads\gsx_human_gndcrew_voice (1).zip 2017-10-30 00:04 - 2017-10-30 00:04 - 005322931 _____ C:\Users\ciara\Downloads\gsx_human_gndcrew_voice.zip 2017-10-29 23:43 - 2017-10-29 23:48 - 2415977665 _____ C:\Users\ciara\Downloads\_fulFTXOrbxlibs171001.zip 2017-10-29 23:10 - 2017-10-29 23:10 - 005000176 _____ C:\Users\ciara\Downloads\utt_787_Ethiopian_fsx.zip 2017-10-29 23:06 - 2017-10-29 23:06 - 006873080 _____ C:\Users\ciara\Downloads\utt_787_United_fsx.zip 2017-10-29 23:01 - 2017-10-29 23:01 - 001511649 _____ C:\Users\ciara\Downloads\B777-300ER United FSX.zip 2017-10-29 23:00 - 2017-10-29 23:00 - 002801046 _____ C:\Users\ciara\Downloads\FSP A380-800 Qatar Airways.zip 2017-10-29 23:00 - 2017-10-29 23:00 - 001635795 _____ C:\Users\ciara\Downloads\UTT B788 Air Canada FSX.zip 2017-10-29 23:00 - 2017-10-29 23:00 - 001449430 _____ C:\Users\ciara\Downloads\FSP 777F Lufthansa Cargo.zip 2017-10-29 13:55 - 2017-10-29 13:55 - 000004499 _____ C:\Users\ciara\Downloads\EGKKKIAD.wx 2017-10-29 13:55 - 2017-10-29 13:55 - 000000982 _____ C:\Users\ciara\Downloads\EGKKKIAD.rte 2017-10-28 22:21 - 2017-10-28 22:21 - 001167399 _____ C:\Users\ciara\Downloads\easyjet_g-ezom.zip 2017-10-28 22:19 - 2017-10-28 22:19 - 002890345 _____ C:\Users\ciara\Downloads\faib733_cargoair_fsx.zip 2017-10-28 22:16 - 2017-10-28 22:16 - 001901218 _____ C:\Users\ciara\Downloads\azal_a319.zip 2017-10-28 22:09 - 2017-10-28 22:09 - 001077913 _____ C:\Users\ciara\Downloads\a319malta.zip 2017-10-28 22:08 - 2017-10-28 22:08 - 002323702 _____ C:\Users\ciara\Downloads\jhma319rou.zip 2017-10-28 22:07 - 2017-10-28 22:07 - 001213585 _____ C:\Users\ciara\Downloads\faib_738aew_fsx.zip 2017-10-28 22:03 - 2017-10-28 22:03 - 005056160 _____ C:\Users\ciara\Downloads\FAIB B737 Ethiopian FSX.zip 2017-10-28 22:01 - 2017-10-28 22:01 - 002516502 _____ C:\Users\ciara\Downloads\FAIB7379DAL.zip 2017-10-28 17:47 - 2017-10-28 17:47 - 000002611 _____ C:\Users\ciara\Downloads\KIADKSFO.wx 2017-10-28 17:47 - 2017-10-28 17:47 - 000000762 _____ C:\Users\ciara\Downloads\KIADKSFO.rte 2017-10-28 17:45 - 2017-10-28 17:45 - 002244927 _____ C:\Users\ciara\Downloads\SODE_JetwaySDK_v1.6.zip 2017-10-28 17:04 - 2017-10-28 17:05 - 043717376 _____ (VIRTUALI Sagl ) C:\Users\ciara\Downloads\setup_addonmanagerX.exe 2017-10-28 16:28 - 2017-10-28 16:28 - 015163482 _____ C:\Users\ciara\Downloads\pmdg747_unitedfriendship_n121ua.zip 2017-10-28 14:56 - 2017-10-28 14:56 - 000036089 _____ C:\Users\ciara\Downloads\ENMHENTC (1).fpr 2017-10-28 14:53 - 2017-10-28 14:53 - 000036089 _____ C:\Users\ciara\Downloads\ENMHENTC.fpr 2017-10-28 13:27 - 2017-10-28 13:27 - 000036089 _____ C:\Users\ciara\Downloads\ENTCENHV.fpr 2017-10-28 13:26 - 2017-10-28 13:26 - 000036089 _____ C:\Users\ciara\Downloads\ENHVENTC.fpr 2017-10-27 20:37 - 2017-10-27 20:37 - 006908120 _____ C:\Users\ciara\Downloads\mjc_rcaf_q400.zip 2017-10-27 19:45 - 2017-10-27 19:45 - 001805940 _____ C:\Users\ciara\Downloads\mjc_q400F_ext.zip 2017-10-27 15:14 - 2017-10-27 15:14 - 000036089 _____ C:\Users\ciara\Downloads\EGPBEGBB.fpr 2017-10-27 12:26 - 2017-10-27 12:26 - 000036089 _____ C:\Users\ciara\Downloads\EGPBEGJJ.fpr 2017-10-27 12:26 - 2017-10-27 12:26 - 000036089 _____ C:\Users\ciara\Downloads\EGJJEGPB.fpr 2017-10-26 20:25 - 2017-10-26 20:25 - 000036089 _____ C:\Users\ciara\Downloads\KIADCYUL.fpr 2017-10-26 20:24 - 2017-10-26 20:24 - 000036089 _____ C:\Users\ciara\Downloads\CYULKIAD.fpr 2017-10-26 12:16 - 2017-10-26 12:16 - 000001904 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\routes.lnk 2017-10-26 12:15 - 2017-10-26 12:15 - 000036089 _____ C:\Users\ciara\Downloads\ENTCENML.fpr 2017-10-26 12:15 - 2017-10-26 12:15 - 000036089 _____ C:\Users\ciara\Downloads\ENMLENTC.fpr ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-11-25 20:03 - 2017-10-16 09:18 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2017-11-25 20:03 - 2017-09-15 20:15 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-25 20:03 - 2017-09-15 20:15 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-25 20:03 - 2017-09-15 20:15 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-25 20:03 - 2017-09-15 20:15 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-25 20:03 - 2017-09-15 20:15 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-25 20:03 - 2017-09-15 20:15 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-25 20:03 - 2017-09-15 20:15 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-25 20:03 - 2017-08-14 12:48 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-11-25 20:03 - 2017-07-17 22:57 - 000003344 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1497199619 2017-11-25 20:03 - 2017-07-17 22:57 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2017-11-25 20:03 - 2017-07-17 22:57 - 000002282 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II 2017-11-25 20:03 - 2017-07-17 22:57 - 000002138 _____ C:\WINDOWS\System32\Tasks\AURA 2017-11-25 19:22 - 2017-07-17 22:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-11-25 13:51 - 2017-07-17 22:54 - 000000000 ____D C:\Users\ciara 2017-11-25 13:39 - 2017-09-15 20:15 - 000000000 ____D C:\ProgramData\NVIDIA 2017-11-25 01:23 - 2017-07-17 23:03 - 001327256 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-11-25 01:18 - 2017-06-09 22:06 - 000000000 ____D C:\Users\ciara\AppData\Local\Google 2017-11-25 01:18 - 2017-02-10 20:05 - 000000000 ____D C:\Program Files (x86)\Google 2017-11-25 01:17 - 2017-07-17 22:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-11-25 01:16 - 2017-03-18 11:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-11-25 00:53 - 2017-06-17 22:30 - 000000000 ____D C:\ProgramData\ProductData 2017-11-25 00:53 - 2017-06-17 22:29 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\IObit 2017-11-25 00:53 - 2017-06-17 22:29 - 000000000 ____D C:\ProgramData\IObit 2017-11-25 00:53 - 2017-06-17 22:29 - 000000000 ____D C:\Program Files (x86)\IObit 2017-11-25 00:52 - 2017-09-15 20:10 - 005839840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2017-11-25 00:52 - 2017-09-15 20:10 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2017-11-25 00:52 - 2017-09-15 20:10 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2017-11-25 00:52 - 2017-07-17 22:53 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-11-25 00:52 - 2017-06-06 18:13 - 000000000 ____D C:\WINDOWS\system32\RTCOM 2017-11-25 00:52 - 2017-03-18 21:01 - 000000000 ____D C:\WINDOWS\INF 2017-11-25 00:51 - 2017-06-17 22:34 - 000205432 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys 2017-11-25 00:51 - 2017-06-13 15:55 - 000000000 ____D C:\Users\ciara\AppData\Local\CrashDumps 2017-11-25 00:51 - 2015-06-06 04:16 - 000054400 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\XtuAcpiDriver.sys 2017-11-25 00:51 - 2013-08-13 00:01 - 000038680 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys 2017-11-25 00:23 - 2017-06-18 23:07 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-11-25 00:23 - 2017-06-18 23:07 - 000000000 ____D C:\Program Files\Malwarebytes 2017-11-25 00:14 - 2017-06-17 22:29 - 000000000 ____D C:\Users\ciara\AppData\Roaming\IObit 2017-11-25 00:14 - 2017-06-17 19:31 - 000000008 __RSH C:\ProgramData\ntuser.pol 2017-11-22 23:25 - 2017-08-17 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimObject Display Engine 2017-11-22 23:24 - 2017-07-08 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket 2017-11-22 23:06 - 2017-08-15 10:11 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simstall 2017-11-22 23:06 - 2017-08-15 10:11 - 000000000 ____D C:\Users\ciara\AppData\Local\SquirrelTemp 2017-11-22 14:36 - 2017-10-24 18:49 - 000000000 ___RD C:\Users\ciara\Desktop\P3D V4 FILES 2017-11-22 14:36 - 2017-06-15 14:55 - 000000000 ____D C:\Users\ciara\AppData\Roaming\virtuali 2017-11-22 14:35 - 2017-05-31 11:29 - 000000000 ____D C:\Program Files (x86)\Addon Manager 2017-11-22 14:26 - 2017-06-09 21:38 - 000000000 ____D C:\Users\ciara\Documents\Prepar3D v4 Add-ons 2017-11-22 00:28 - 2017-10-21 20:48 - 000570152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys 2017-11-22 00:28 - 2017-07-17 22:57 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2017-11-22 00:28 - 2017-06-11 16:46 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151131050729604 2017-11-22 00:28 - 2017-06-11 16:46 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-11-22 00:28 - 2017-06-11 16:46 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-11-22 00:28 - 2017-06-06 16:26 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-11-21 23:48 - 2017-06-11 21:25 - 000000000 ___RD C:\Users\ciara\Desktop\Programs and Files 2017-11-17 13:40 - 2017-05-30 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiFi 2017-11-16 16:34 - 2017-03-18 21:00 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2017-11-16 16:34 - 2017-03-18 21:00 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2017-11-16 16:34 - 2017-03-18 20:59 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2017-11-16 16:34 - 2017-03-18 20:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-11-16 16:33 - 2017-03-18 20:59 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2017-11-15 11:50 - 2017-07-17 22:52 - 000289200 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-11-15 11:49 - 2017-10-19 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDG 2017-11-14 20:17 - 2017-06-09 23:39 - 000000000 ____D C:\Users\ciara\AppData\Local\TOGA_projects 2017-11-14 20:15 - 2017-07-18 00:37 - 000000000 ____D C:\Program Files (x86)\SimMarket 2017-11-11 11:05 - 2017-05-31 11:29 - 000000000 ____D C:\ProgramData\Esellerate 2017-11-02 21:34 - 2017-05-30 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa 2017-11-01 17:13 - 2015-06-04 19:50 - 000000000 ____D C:\Aerosoft 2017-10-31 22:36 - 2017-06-09 21:37 - 000000000 ____D C:\Users\ciara\AppData\Local\VirtualStore 2017-10-30 20:13 - 2017-09-15 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-10-30 20:13 - 2017-08-14 12:48 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-10-30 20:13 - 2015-08-06 14:15 - 000000000 ____D C:\temp 2017-10-30 20:05 - 2017-09-15 20:15 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2017-10-30 20:05 - 2017-08-14 12:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-10-30 18:14 - 2017-05-30 18:23 - 000000000 ____D C:\ProgramData\Lockheed Martin 2017-10-30 12:46 - 2017-06-09 22:17 - 000000000 ____D C:\Users\ciara\AppData\Local\Orbx 2017-10-30 12:46 - 2017-05-23 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbx 2017-10-29 23:40 - 2017-06-30 14:33 - 000000000 ____D C:\Users\ciara\AppData\Local\ElevatedDiagnostics 2017-10-27 17:50 - 2017-09-15 20:18 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb 2017-10-27 17:50 - 2017-09-15 20:15 - 000057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-10-27 17:50 - 2017-08-14 12:51 - 004485048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-10-27 17:50 - 2017-08-14 12:51 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-10-27 16:36 - 2017-09-15 20:15 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-10-27 16:12 - 2017-09-15 20:19 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-10-27 16:12 - 2017-09-15 20:19 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-10-27 16:12 - 2017-09-15 20:19 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-10-27 16:12 - 2017-09-15 20:19 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-10-27 16:12 - 2017-09-15 20:19 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-10-27 16:12 - 2017-09-15 20:19 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-10-27 16:12 - 2017-09-15 20:19 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll ==================== Files in the root of some directories ======= 2017-06-25 16:00 - 2017-06-25 16:00 - 000000194 _____ () C:\Users\ciara\FlightBeam_San Francisco Intl HD.reg 2017-11-22 14:05 - 2017-11-22 14:05 - 000000197 _____ () C:\Users\ciara\FlightBeam_Washington Dulles Intl - HD.reg 2017-06-10 00:32 - 2017-06-10 00:33 - 000000179 _____ () C:\Users\ciara\FSDreamTeam_GSX.reg 2017-02-10 20:05 - 2017-02-10 20:05 - 004096000 _____ () C:\Program Files (x86)\GUTA794.tmp 2017-06-17 18:20 - 2017-07-02 23:14 - 000728064 _____ () C:\Users\ciara\AppData\Local\file__0.localstorage 2017-08-13 22:25 - 2017-08-13 22:25 - 000003423 _____ () C:\Users\ciara\AppData\Local\recently-used.xbel 2017-06-17 17:34 - 2017-06-17 17:34 - 000000017 _____ () C:\Users\ciara\AppData\Local\resmon.resmoncfg Some files in TEMP: ==================== 2017-11-25 00:32 - 2017-09-15 11:01 - 001930320 _____ (Microsoft Corporation) C:\Users\ciara\AppData\Local\Temp\dllnt_dump.dll 2017-11-02 21:34 - 2017-11-02 21:35 - 012947785 _____ () C:\Users\ciara\AppData\Local\Temp\FlyTampa_Configurator_Libraries_FSX_P3D.exe 2017-10-10 18:51 - 2017-10-06 11:52 - 000760032 _____ (NVIDIA Corporation) C:\Users\ciara\AppData\Local\Temp\nvSCPAPI.dll 2017-10-10 18:51 - 2017-10-06 11:52 - 000874184 _____ (NVIDIA Corporation) C:\Users\ciara\AppData\Local\Temp\nvSCPAPI64.dll 2017-10-30 20:10 - 2017-10-06 11:52 - 000370296 _____ (NVIDIA Corporation) C:\Users\ciara\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-11-24 23:36 ==================== End of FRST.txt ============================ Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186478 Share Posted November 25, 2017 Alright. Give me screenshots of your New Tab, Search Engines and On start-up settings in Google Chrome. Basically, screenshots of the sections shown in the thread I linked you (the 2nd post, mine). Link to post Share on other sites More sharing options...
SlowSource Posted November 25, 2017 Author ID:1186484 Share Posted November 25, 2017 2 minutes ago, Aura said: Alright. Give me screenshots of your New Tab, Search Engines and On start-up settings in Google Chrome. Basically, screenshots of the sections shown in the thread I linked you (the 2nd post, mine). Can I just make a note - I have not seen any browser hijacker at all on my system, it only came to light when I did a malware scan with Malwarebytes. Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186485 Share Posted November 25, 2017 Alright, delete the "Ask Jeeves" entry from the second screenshot. Now in the third screenshot, select "Open a specific page or set of pages". Are any websites listed underneath it? Link to post Share on other sites More sharing options...
SlowSource Posted November 25, 2017 Author ID:1186486 Share Posted November 25, 2017 8 minutes ago, Aura said: Alright, delete the "Ask Jeeves" entry from the second screenshot. Now in the third screenshot, select "Open a specific page or set of pages". Are any websites listed underneath it? No websites are listed underneath the Open a specific page etc. Its a complete mystery as to what is going on. Could it be Malwarebytes over protecting? Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186487 Share Posted November 25, 2017 No, as these aren't false positives. Did you delete the "Ask Jeeves" entry? Also, I don't see a screenshot of your "New Tab" settings. Link to post Share on other sites More sharing options...
SlowSource Posted November 25, 2017 Author ID:1186489 Share Posted November 25, 2017 3 minutes ago, Aura said: No, as these aren't false positives. Did you delete the "Ask Jeeves" entry? Also, I don't see a screenshot of your "New Tab" settings. Could you direct me towards the area where the New Tab settings are? Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186490 Share Posted November 25, 2017 Under the "Appearance" section in the settings. Just under "Users". See the first screenshot in my post in the thread I linked you at the beginning. Link to post Share on other sites More sharing options...
SlowSource Posted November 25, 2017 Author ID:1186491 Share Posted November 25, 2017 5 minutes ago, Aura said: Under the "Appearance" section in the settings. Just under "Users". See the first screenshot in my post in the thread I linked you at the beginning. Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186492 Share Posted November 25, 2017 Hum... can you run a new scan with Malwarebytes and provide me the log? I'll see what's left to remove. Link to post Share on other sites More sharing options...
SlowSource Posted November 25, 2017 Author ID:1186496 Share Posted November 25, 2017 22 minutes ago, Aura said: Hum... can you run a new scan with Malwarebytes and provide me the log? I'll see what's left to remove. Thanks for all of your help, but I have decided to uninstall Chrome and just ignore the files its telling me are issues as I have gone to their supposed location but since I uninstalled Chrome their location doesn't exist anymore. Again - thank you. Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186498 Share Posted November 25, 2017 Well, that's one way of dealing with this. A fix for this should be released soon, but there are no ETA. So keep an eye out for that fix once it gets released. If you need me to re-open this thread, just drop me a PM. And no problem SlowSource, you're welcome! Stay safe Link to post Share on other sites More sharing options...
Aura Posted November 25, 2017 ID:1186499 Share Posted November 25, 2017 Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts