Solved Virus won't let my laptop connect to internet

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 8.1 x64
Ran by hersheychoco9 (Administrator) on 01/05/2016 Tue at 22:06:05.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9

Successfully deleted: C:\ProgramData\138e4d8c00000736 (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\hersheychoco9\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\hersheychoco9\Appdata\LocalLow\company (Folder)
Successfully deleted: C:\Users\hersheychoco9\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\Windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_hersheychoco9 (Task)
Successfully deleted: C:\Windows\Tasks\Uninstaller_SkipUac_hersheychoco9.job (Task)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/05/2016 Tue at 22:09:58.94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Re-run the Farbar Recovery Scan Tool (FRST/FRST64) that you ran at the very beginning of this topic.

  • Double-click to run it.
  • Make sure you checkmark the Addition.txt box.
  • Press the Scan button.
  • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them into your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by hersheychoco9 (administrator) on CHOCOYAUTJA (05-01-2016 22:18:52)
Running from C:\Users\hersheychoco9\Desktop
Loaded Profiles: hersheychoco9 (Available Profiles: hersheychoco9 & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Roboscan Inc) C:\Program Files\Roboscan\Roboscan\RSRTSrv.rse
(Roboscan Inc) C:\Program Files\Roboscan\Roboscan\RSUpdSrv.rse
(Paltiosoft Inc.) C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Roboscan Inc) C:\Program Files\Roboscan\Roboscan\RSAgent.rse
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Piriform Ltd) C:\Users\hersheychoco9\Desktop\Utilities\CCleaner\CCleaner64.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-09] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-15] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [Roboscan] => c:\program files\roboscan\roboscan\RSLaunch.exe [257856 2013-11-18] (Roboscan Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1030869394-3123877279-975090705-1001\...\Run: [CCleaner Monitoring] => C:\Users\hersheychoco9\Desktop\Utilities\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1030869394-3123877279-975090705-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [] => 0
HKU\S-1-5-18\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-01-05]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roboscan Internet Security [2014-10-10] ()
Startup: C:\Users\hersheychoco9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-01-05]
ShortcutTarget: Curse.lnk -> C:\Users\hersheychoco9\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
BootExecute: autocheck autochk * bootroboscan.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EF083E6B-E699-4F22-B8D6-6AFFF4638C72}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FE2B955A-7119-470B-99F7-D23E3FE58734}: [DhcpNameServer] 75.75.76.76 75.75.75.75

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-06] (Oracle Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\hersheychoco9\AppData\Roaming\Mozilla\Firefox\Profiles\6jvaf1qu.default
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-06] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)

Chrome:
=======
CHR Profile: C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-05]
CHR Extension: (Google Drive) - C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-05]
CHR Extension: (YouTube) - C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-05]
CHR Extension: (Google Search) - C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-05]
CHR Extension: (Skype) - C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-05]
CHR Extension: (Gmail) - C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-19] (Aviata, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-18] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 Roboscan_RTSrv; C:\Program Files\Roboscan\Roboscan\RSRTSrv.rse [439104 2013-11-18] (Roboscan Inc)
R2 Roboscan_UpdSrv; C:\Program Files\Roboscan\Roboscan\RSUpdSrv.rse [842048 2013-11-18] (Roboscan Inc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
R2 UCManSvc; C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [241808 2010-03-12] (Paltiosoft Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [356352 2015-09-23] (Wondershare) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S2 AdvancedSystemCareService8; D:\Utilities\Advanced SystemCare 8\ASCService.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131328 2014-10-08] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-19] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100824 2013-12-18] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 RoboFww; c:\program files\roboscan\roboscan\plugin\realtime\RoboFww.sys [35616 2013-11-18] (Roboscan Inc)
R3 RoboRtwIFDrv; c:\program files\roboscan\roboscan\plugin\realtime\RoboRtw.sys [97056 2013-11-18] (Roboscan Inc)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-16] (Synaptics Incorporated)
U3 TrueSight; C:\WINDOWS\System32\drivers\TrueSight.sys [30848 2016-01-05] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-05 22:18 - 2016-01-05 22:19 - 00017758 _____ C:\Users\hersheychoco9\Desktop\FRST.txt
2016-01-05 22:04 - 2016-01-05 22:04 - 01599336 _____ (Malwarebytes) C:\Users\hersheychoco9\Desktop\JRT.exe
2016-01-05 22:03 - 2016-01-05 22:03 - 01749504 _____ C:\Users\hersheychoco9\Downloads\adwcleaner_5.028.exe
2016-01-05 21:54 - 2016-01-05 21:59 - 00000000 ____D C:\AdwCleaner
2016-01-05 21:53 - 2016-01-05 22:12 - 00000000 ____D C:\Users\hersheychoco9\Desktop\TxtFiles
2016-01-05 21:52 - 2016-01-05 21:52 - 01749504 _____ C:\Users\hersheychoco9\Desktop\adwcleaner_5.028.exe
2016-01-05 21:24 - 2016-01-05 21:44 - 00001126 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-05 21:24 - 2016-01-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-05 21:24 - 2016-01-05 21:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-05 21:24 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-05 21:24 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-05 21:24 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-05 20:57 - 2016-01-05 21:23 - 00000000 ____D C:\ProgramData\RogueKiller
2016-01-05 20:57 - 2016-01-05 20:57 - 00030848 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-01-05 20:55 - 2016-01-05 20:57 - 22908888 _____ (Malwarebytes ) C:\Users\hersheychoco9\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-05 20:55 - 2016-01-05 20:56 - 20835400 _____ C:\Users\hersheychoco9\Desktop\RogueKiller.exe
2016-01-05 20:43 - 2015-12-26 02:48 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 20:43 - 2015-12-26 02:48 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-05 20:39 - 2016-01-05 20:39 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-05 20:29 - 2016-01-05 17:02 - 02370560 _____ (Farbar) C:\Users\hersheychoco9\Desktop\FRST64.exe
2016-01-05 17:08 - 2016-01-05 22:18 - 00000000 ____D C:\FRST
2016-01-05 17:05 - 2015-07-16 12:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2016-01-05 17:05 - 2015-05-12 07:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-01-05 17:05 - 2015-04-28 07:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2016-01-05 17:05 - 2015-04-28 07:13 - 00513480 _____ C:\Windows\system32\locale.nls
2016-01-05 17:04 - 2015-09-18 21:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-05 17:04 - 2015-09-18 07:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-05 17:04 - 2015-09-18 07:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-05 17:04 - 2015-09-18 07:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-05 17:04 - 2015-09-18 07:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-05 17:04 - 2015-09-18 07:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-05 17:04 - 2015-09-18 07:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-05 17:04 - 2015-08-22 07:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-05 17:04 - 2015-05-21 07:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-05 17:04 - 2015-03-31 22:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-01-05 17:04 - 2015-03-31 22:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-01-05 17:04 - 2015-03-31 22:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-01-05 17:04 - 2015-03-31 22:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-01-05 17:04 - 2015-03-31 21:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-01-05 17:04 - 2015-03-31 21:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-01-05 17:04 - 2015-03-31 21:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-01-05 17:04 - 2015-03-31 20:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-01-05 17:04 - 2015-03-31 20:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-01-05 17:04 - 2015-03-31 20:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-01-05 17:04 - 2015-03-31 20:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-01-05 17:04 - 2015-03-31 20:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-01-05 17:04 - 2015-03-31 20:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-01-05 17:03 - 2015-10-05 12:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-01-05 17:03 - 2015-10-05 12:25 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-01-05 17:03 - 2015-07-10 13:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2016-01-05 17:03 - 2015-05-11 10:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2016-01-05 17:03 - 2015-05-03 09:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-01-05 17:03 - 2015-05-03 08:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-01-05 17:03 - 2015-04-23 09:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-01-05 17:03 - 2015-04-23 09:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-01-05 17:03 - 2015-04-16 00:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-01-05 17:03 - 2015-03-12 22:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-01-05 17:03 - 2015-03-12 22:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-01-05 17:03 - 2015-03-05 21:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-01-05 17:03 - 2015-03-05 20:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-01-05 17:02 - 2015-05-07 10:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-01-05 17:02 - 2015-03-10 19:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-01-05 17:02 - 2015-03-10 19:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-01-05 17:02 - 2015-02-07 17:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-01-05 17:02 - 2015-02-07 17:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-01-05 17:02 - 2015-01-29 20:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-01-05 17:02 - 2015-01-29 19:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-01-05 17:02 - 2015-01-29 19:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-01-05 17:02 - 2015-01-29 19:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-01-05 17:02 - 2015-01-29 19:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-01-05 17:02 - 2015-01-29 19:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-01-05 17:02 - 2015-01-29 19:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-01-05 17:02 - 2015-01-29 19:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-01-05 17:02 - 2015-01-27 17:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-01-05 17:02 - 2015-01-27 17:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-01-05 16:52 - 2014-12-10 23:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-12-29 16:11 - 2015-12-29 16:11 - 00002860 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-29 16:06 - 2015-12-29 16:06 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-12-29 16:06 - 2015-12-29 16:06 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-12-29 16:06 - 2015-12-29 16:06 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-12-29 16:06 - 2015-12-29 16:06 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-12-29 16:05 - 2016-01-05 21:54 - 00000000 ____D C:\Users\hersheychoco9\Desktop\Utilities
2015-12-29 16:05 - 2015-12-29 16:05 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-12-29 16:05 - 2015-12-29 16:05 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-12-29 16:05 - 2015-12-29 16:05 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-12-29 16:04 - 2015-12-29 16:04 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-12-29 16:04 - 2015-12-29 16:04 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-12-29 16:04 - 2015-12-29 16:04 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-12-29 16:04 - 2015-12-29 16:04 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-12-29 16:04 - 2015-12-29 16:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-12-29 16:04 - 2015-12-29 16:04 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-12-29 16:02 - 2015-12-29 16:02 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-12-29 16:02 - 2015-12-29 16:02 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-12-29 16:02 - 2015-12-29 16:02 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-12-29 16:02 - 2015-12-29 16:02 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-12-29 16:02 - 2015-12-29 16:02 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-12-29 16:02 - 2015-12-29 16:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-12-29 15:54 - 2015-12-29 15:54 - 83947520 _____ C:\Windows\system32\config\SOFTWARE.iobit
2015-12-29 15:54 - 2015-12-29 15:54 - 00311296 _____ C:\Windows\system32\config\DEFAULT.iobit
2015-12-29 15:54 - 2015-12-29 15:54 - 00065536 _____ C:\Windows\system32\config\SAM.iobit
2015-12-29 15:54 - 2015-12-29 15:54 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2015-12-29 15:53 - 2016-01-05 21:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-29 15:52 - 2015-12-29 15:52 - 00002366 _____ C:\Windows\System32\Tasks\ASC8_SkipUac_hersheychoco9
2015-12-29 15:52 - 2015-12-29 15:52 - 00000250 _____ C:\Windows\Tasks\ASC8_SkipUac_hersheychoco9.job
2015-12-29 14:35 - 2015-12-29 14:35 - 00000000 ____D C:\Windows\pss
2015-12-29 03:32 - 2015-12-29 03:32 - 00000000 ____D C:\UsbFix
2015-12-29 01:12 - 2015-12-29 01:12 - 00009084 _____ C:\WirelessDiagLog.csv
2015-12-28 23:37 - 2015-12-28 23:37 - 00000000 ____D C:\Windows\system32\uopu
2015-12-28 23:31 - 2015-12-28 23:44 - 00000000 ____D C:\Users\hersheychoco9\AppData\Roaming\Opera Software
2015-12-28 23:31 - 2015-12-28 23:44 - 00000000 ____D C:\Users\hersheychoco9\AppData\Local\Opera Software
2015-12-28 23:26 - 2015-12-28 23:34 - 00000883 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-12-28 23:25 - 2015-12-28 23:25 - 00000000 ____D C:\ProgramData\62f92eec-4927-1
2015-12-28 23:25 - 2015-12-28 23:25 - 00000000 ____D C:\ProgramData\62f92eec-4791-0
2015-12-28 23:17 - 2015-12-28 23:17 - 00000000 ____D C:\Program Files (x86)\ExploreTech
2015-12-28 23:08 - 2015-12-28 23:08 - 00004784 _____ C:\Windows\SysWOW64\Comvud.ini
2015-12-28 23:08 - 2015-12-28 23:08 - 00002504 _____ C:\Windows\SysWOW64\ComvudOff.ini
2015-12-28 23:08 - 2015-12-28 23:08 - 00002504 _____ C:\Windows\system32\ComvudOff.ini
2015-12-28 23:08 - 2015-12-28 23:08 - 00000000 ____D C:\Users\hersheychoco9\AppData\Local\Tempfolder
2015-12-28 23:08 - 2015-12-28 23:08 - 00000000 ____D C:\ProgramData\33010bcc-5741-1
2015-12-28 23:08 - 2015-12-28 23:08 - 00000000 ____D C:\ProgramData\33010bcc-4455-0
2015-12-28 23:08 - 2015-12-28 22:01 - 00768368 _____ C:\Windows\system32\Comvud64.dll
2015-12-28 23:07 - 2016-01-05 21:59 - 00000000 ____D C:\Users\hersheychoco9\AppData\Roaming\Common
2015-12-28 23:04 - 2016-01-05 20:32 - 00000000 ____D C:\Users\hersheychoco9\AppData\Local\Pool Component
2015-12-28 22:29 - 2015-12-28 22:29 - 00271609 _____ C:\Users\hersheychoco9\Downloads\[kat.cr]the.men.of.yoshiwara.kikuya.gyakuten.yoshiwara.visual.novel.english.torrent
2015-12-28 22:28 - 2015-10-29 14:02 - 00000015 _____ C:\Users\hersheychoco9\Downloads\USE PASSWORD - 12345.txt
2015-12-21 23:44 - 2015-12-21 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-20 02:01 - 2015-12-20 02:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-12-10 19:26 - 2014-03-06 03:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-12-10 19:25 - 2014-03-06 03:24 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-12-10 19:25 - 2014-03-06 03:24 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-12-10 19:25 - 2014-03-06 03:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-12-09 13:37 - 2016-01-05 20:39 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-12-09 13:30 - 2015-11-22 00:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-09 13:30 - 2015-11-22 00:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-09 13:30 - 2015-11-22 00:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-09 13:30 - 2015-11-22 00:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-09 13:30 - 2015-11-22 00:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-09 13:30 - 2015-11-22 00:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-09 13:30 - 2015-11-22 00:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-09 13:30 - 2015-11-21 12:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-12-09 13:30 - 2015-11-21 11:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-12-09 13:30 - 2015-11-21 10:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 13:30 - 2015-11-21 10:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 13:30 - 2015-11-21 10:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 13:30 - 2015-11-21 10:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 13:30 - 2015-11-11 10:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 13:30 - 2015-11-11 10:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 13:30 - 2015-11-11 09:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 13:30 - 2015-11-11 09:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-12-09 13:30 - 2015-11-11 09:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 13:30 - 2015-11-11 09:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 13:30 - 2015-11-09 18:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 13:30 - 2015-11-09 18:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 13:30 - 2015-11-09 18:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 13:30 - 2015-11-09 18:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 13:30 - 2015-11-09 18:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 13:30 - 2015-11-09 17:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 13:30 - 2015-11-09 17:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-09 13:30 - 2015-11-09 17:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 13:30 - 2015-11-09 17:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 13:30 - 2015-11-09 17:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 13:30 - 2015-11-09 17:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 13:30 - 2015-11-09 17:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-12-09 13:30 - 2015-11-09 17:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 13:30 - 2015-11-09 17:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 13:30 - 2015-11-09 17:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 13:30 - 2015-11-08 18:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 13:30 - 2015-11-08 16:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 13:30 - 2015-11-08 16:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 13:30 - 2015-11-08 16:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 13:30 - 2015-11-08 16:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 13:30 - 2015-11-08 16:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 13:30 - 2015-11-08 16:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 13:30 - 2015-11-08 15:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 13:30 - 2015-11-08 15:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-12-09 13:30 - 2015-11-08 15:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-09 13:30 - 2015-11-08 15:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 13:30 - 2015-11-08 15:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 13:30 - 2015-11-08 15:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 13:30 - 2015-11-08 15:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 13:30 - 2015-11-08 15:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 13:30 - 2015-11-08 15:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 13:30 - 2015-11-08 15:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 13:30 - 2015-11-08 15:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 13:30 - 2015-11-08 15:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-12-09 13:30 - 2015-11-08 14:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-12-09 13:30 - 2015-11-08 14:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 13:30 - 2015-11-08 14:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 13:30 - 2015-11-08 14:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 13:30 - 2015-11-08 14:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-12-09 13:30 - 2015-11-08 14:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 13:30 - 2015-11-08 14:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 13:30 - 2015-11-05 02:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 13:29 - 2015-11-20 16:47 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 13:29 - 2015-11-20 12:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 13:29 - 2015-11-20 10:58 - 03706880 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 13:29 - 2015-11-20 10:47 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 13:29 - 2015-11-20 10:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 13:29 - 2015-11-20 10:44 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-12-09 13:29 - 2015-11-20 10:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 13:29 - 2015-11-20 10:43 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 13:29 - 2015-11-20 10:42 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 13:29 - 2015-11-20 10:30 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 13:29 - 2015-11-20 10:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 13:29 - 2015-11-20 10:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 13:29 - 2015-11-20 10:27 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 13:29 - 2015-10-28 09:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-09 13:29 - 2015-10-28 09:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-12-06 00:57 - 2015-07-30 08:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-06 00:57 - 2015-07-30 07:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
 
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-05 22:18 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS
2016-01-05 22:17 - 2014-10-10 05:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1030869394-3123877279-975090705-1001
2016-01-05 22:09 - 2014-05-13 21:39 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-01-05 22:07 - 2014-05-13 21:18 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-05 22:07 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\Inf
2016-01-05 22:05 - 2014-11-21 23:28 - 00000930 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-05 22:03 - 2015-03-11 08:30 - 00000000 ___DO C:\Users\hersheychoco9\OneDrive
2016-01-05 22:02 - 2014-11-21 23:28 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-05 22:01 - 2014-10-10 07:49 - 00000318 _____ C:\Windows\system32\ayboot.ini
2016-01-05 22:01 - 2013-08-22 08:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-05 21:44 - 2015-11-09 07:29 - 00001156 _____ C:\Users\hersheychoco9\Desktop\Adobe Premiere Pro CC 2015.lnk
2016-01-05 21:44 - 2015-11-09 07:17 - 00001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2016-01-05 21:44 - 2015-11-07 17:28 - 00001182 _____ C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2016-01-05 21:44 - 2015-11-07 17:28 - 00001182 _____ C:\Users\Public\Desktop\Game Booster 3.lnk
2016-01-05 21:44 - 2015-10-29 11:48 - 00001171 _____ C:\Users\Public\Desktop\Wondershare MobileGo.lnk
2016-01-05 21:44 - 2015-10-26 11:27 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-01-05 21:44 - 2015-10-26 11:27 - 00001225 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-01-05 21:44 - 2015-09-21 21:29 - 00001240 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-01-05 21:44 - 2015-09-21 21:05 - 00001078 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-05 21:44 - 2015-09-20 19:54 - 00001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Flash Professional CC 2015.lnk
2016-01-05 21:44 - 2015-08-22 10:12 - 00002707 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-05 21:44 - 2015-05-14 19:14 - 00001070 _____ C:\Users\hersheychoco9\Desktop\Curse.lnk
2016-01-05 21:44 - 2015-05-14 19:14 - 00001056 _____ C:\Users\hersheychoco9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2016-01-05 21:44 - 2015-04-16 17:08 - 00001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk
2016-01-05 21:44 - 2015-04-16 17:08 - 00001906 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk
2016-01-05 21:44 - 2015-04-16 16:41 - 00002228 _____ C:\Users\Public\Desktop\Autodesk SketchBookExpress 2010 R1.lnk
2016-01-05 21:44 - 2015-01-03 03:32 - 00001796 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2016-01-05 21:44 - 2015-01-03 03:32 - 00001790 _____ C:\Users\Public\Desktop\Vuze.lnk
2016-01-05 21:44 - 2014-12-30 04:17 - 00000944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-01-05 21:44 - 2014-12-19 21:22 - 00001619 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-01-05 21:44 - 2014-11-21 23:29 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-05 21:44 - 2014-10-10 08:41 - 00000971 _____ C:\Users\Public\Desktop\Steam.lnk
2016-01-05 21:44 - 2014-10-10 07:47 - 00001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Roboscan Internet Security.lnk
2016-01-05 21:44 - 2014-10-10 07:47 - 00001045 _____ C:\Users\Public\Desktop\Roboscan Internet Security.lnk
2016-01-05 21:44 - 2014-10-08 11:15 - 00001444 _____ C:\Users\hersheychoco9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-05 21:44 - 2014-10-08 11:14 - 00000469 _____ C:\Users\hersheychoco9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-01-05 21:44 - 2014-10-08 11:14 - 00000467 _____ C:\Users\hersheychoco9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-01-05 20:40 - 2013-08-22 07:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-05 20:39 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-05 20:39 - 2013-08-22 09:20 - 00000000 ____D C:\Windows\CbsTemp
2016-01-05 20:39 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-01-05 17:17 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\NDF
2015-12-29 17:12 - 2014-05-13 20:56 - 00000000 ____D C:\Windows\Panther
2015-12-29 17:06 - 2013-08-22 09:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-12-29 16:42 - 2014-10-10 08:41 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-29 15:59 - 2015-01-03 03:31 - 00000000 ____D C:\Users\hersheychoco9\AppData\Roaming\Azureus
2015-12-29 15:49 - 2014-10-16 23:09 - 00000000 ____D C:\Users\hersheychoco9\AppData\Roaming\PCDr
2015-12-29 14:14 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\Registration
2015-12-29 02:25 - 2014-11-21 18:42 - 00000000 ____D C:\Users\hersheychoco9\AppData\Local\Adobe
2015-12-29 01:15 - 2014-10-10 05:40 - 00000000 ____D C:\Users\hersheychoco9\AppData\Local\ElevatedDiagnostics
2015-12-29 00:33 - 2014-10-10 06:46 - 00000000 __SHD C:\Users\hersheychoco9\AppData\LocalLow\EmieUserList
2015-12-29 00:33 - 2014-10-10 06:46 - 00000000 __SHD C:\Users\hersheychoco9\AppData\LocalLow\EmieSiteList
2015-12-28 23:43 - 2015-12-05 21:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-12-28 23:38 - 2013-08-22 08:44 - 05011720 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-28 23:36 - 2014-10-08 11:14 - 00000000 ____D C:\Users\hersheychoco9
2015-12-28 23:34 - 2014-10-10 06:46 - 00000000 __SHD C:\Users\hersheychoco9\AppData\Local\EmieUserList
2015-12-28 23:34 - 2014-10-10 06:46 - 00000000 __SHD C:\Users\hersheychoco9\AppData\Local\EmieSiteList
2015-12-28 23:27 - 2013-08-22 07:25 - 00000226 _____ C:\Windows\win.ini
2015-12-28 22:29 - 2015-01-03 03:31 - 00000000 ____D C:\Users\hersheychoco9\Documents\Vuze Downloads
2015-12-28 22:28 - 2015-01-03 03:31 - 00000000 ____D C:\Program Files\Vuze
2015-12-28 19:33 - 2014-10-19 20:11 - 00000000 ____D C:\Users\hersheychoco9\AppData\Roaming\Skype
2015-12-25 20:51 - 2015-05-14 19:14 - 00000000 ____D C:\Users\hersheychoco9\AppData\Roaming\Curse Client
2015-12-23 23:38 - 2015-02-18 23:09 - 00000000 ____D C:\Users\hersheychoco9\AppData\Local\Steam
2015-12-21 23:44 - 2014-10-19 20:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-21 23:44 - 2014-10-19 20:11 - 00000000 ____D C:\Users\hersheychoco9\AppData\Local\Skype
2015-12-21 23:44 - 2014-10-19 20:10 - 00000000 ____D C:\ProgramData\Skype
2015-12-17 20:08 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\rescache
2015-12-13 19:52 - 2014-05-13 21:21 - 00000000 ____D C:\ProgramData\Dell
2015-12-09 13:38 - 2013-08-22 13:12 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ___SD C:\Windows\system32\dsc
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ___RD C:\Windows\ToastData
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\WinStore
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\setup
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\migwiz
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\Com
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\MediaViewer
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\IME
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\FileManager
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\Camera
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-12-09 13:38 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-09 13:38 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-12-09 13:38 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-12-09 13:38 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\Sysprep
2015-12-09 13:38 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\oobe
2015-12-09 13:38 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\Dism
2015-12-09 13:38 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\servicing
2015-12-09 13:37 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\SysWOW64\InputMethod
2015-12-09 13:37 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-12-09 13:37 - 2013-08-22 09:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-09 13:37 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-09 13:37 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-12-09 13:37 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-09 13:37 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-12-09 13:37 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-09 13:34 - 2015-12-05 23:20 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 13:27 - 2015-12-05 23:20 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some files in TEMP:
====================
C:\Users\hersheychoco9\AppData\Local\Temp\dllnt_dump.dll
C:\Users\hersheychoco9\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-20 22:31

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by hersheychoco9 (2016-01-05 22:19:34)
Running from C:\Users\hersheychoco9\Desktop
Windows 8.1 (X64) (2014-05-14 03:51:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1030869394-3123877279-975090705-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1030869394-3123877279-975090705-501 - Limited - Disabled)
hersheychoco9 (S-1-5-21-1030869394-3123877279-975090705-1001 - Administrator - Enabled) => C:\Users\hersheychoco9

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Roboscan (Enabled - Up to date) {9D201895-DDC4-8A80-AD2D-06BCC9382E61}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Roboscan (Enabled - Up to date) {2641F971-FBFE-850E-979D-3DCEB2BF64DC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Roboscan (Enabled) {A51B99B0-97AB-8BD8-8672-AF8937EB691A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2015 (HKLM-x32\...\{31390329-FFF0-11E4-85AD-AF2C4143F080}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Aliens versus Predator Classic 2000 (HKLM-x32\...\Steam App 3730) (Version: - Rebellion)
Autodesk SketchBookExpress 2010 R1 (HKLM-x32\...\{426187BC-F500-4208-B3C1-96876EE7FA31}) (Version: 4.12.0001 - Autodesk)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Color Efex Pro 3.0 Wacom Edition 6 (HKLM-x32\...\Color Efex Pro 3.0 Wacom Edition 6 Stand-Alone) (Version: 3.1.1.1 - Nik Software, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{764E68FE-C2F9-410E-90A8-CE7F8B9A36E2}) (Version: 2.03.0204 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.4 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{C87ADBDA-EF36-4A53-B05C-DBCD98D3A2CA}) (Version: 1.4.2000.0 - Dell Inc.)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Dragon Nest (HKLM-x32\...\Steam App 11610) (Version: - Eyedentity Games Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.5 - IObit)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - Crackshell)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version: - Elias Viglione)
How to Survive (HKLM-x32\...\Steam App 250400) (Version: - )
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6882ac6d-e97d-4e25-b3ea-5f3f21055dfe}) (Version: 16.6.0 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-cf0a7b04-8d44-4d89-bebf-60876b806bed) (Version: - Epic Games, Inc.)
Nicole (otome version) (HKLM-x32\...\Steam App 307190) (Version: - Winter Wolves)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
Roboscan Internet Security (HKLM\...\Roboscan_is1) (Version: v2.5 - Roboscan Inc.)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
SdRt4200 (HKLM-x32\...\{140347A0-4A0C-44FC-9CA1-C8A3471899B7}) (Version: 4.2.8.0 - パルティオソフト株式会社)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD PROJEKT RED)
TOXIKK (HKLM-x32\...\Steam App 324810) (Version: - Reakktor Studios)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{E75B82FD-B6FD-4653-8685-F3A97BDFEA6E}) (Version: 15.0.2013 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{01E87699-A49D-413A-B75B-7C434FEF979C}) (Version: 15.0.2013 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wondershare MobileGo ( Version 8.0.0 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.0.0 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1030869394-3123877279-975090705-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1942C491-20D1-442F-BC74-6769F1D1280D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {1D1D0A16-ADA3-40B5-A257-8E6A372FF7F1} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-hershey99999@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {32CB8F3D-72E2-4F26-AF79-830A7A116864} - \Easy Driver Pro Schedule -> No File <==== ATTENTION
Task: {642B9DD6-2DA0-4C37-82B8-2B043D8E899E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7AF5A5D6-6314-46CE-A436-82522A94B518} - System32\Tasks\CCleanerSkipUAC => C:\Users\hersheychoco9\Desktop\Utilities\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {7BC0E46C-BFEC-438E-AFA4-ECE363145385} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2015-11-07] ()
Task: {80113A5B-9EE2-4DF6-A1E6-7ED2A1C45754} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9BA7BA7E-1533-4B35-ABFE-16D2D5009E73} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-16] (Synaptics Incorporated)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {F61341FC-B312-4A23-8F26-9CB5191CF5BF} - \SushiLeads -> No File <==== ATTENTION
Task: {F911CADE-3A34-4F78-B0C3-0F67C227D535} - System32\Tasks\Dell\Dell Product Registration => /boot /LSRC=autolaunch
Task: {FB55E3BB-58E9-4918-98BC-AE9BBBD84928} - System32\Tasks\ASC8_SkipUac_hersheychoco9 => D:\Utilities\Advanced SystemCare 8\ASC.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ASC8_SkipUac_hersheychoco9.job => D:\Utilities\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-09-18 13:37 - 2014-07-02 21:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2015-09-21 21:29 - 2014-10-16 09:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-05-13 21:32 - 2013-12-18 11:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-18 13:37 - 2014-07-30 17:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-05-13 21:40 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-09-18 13:37 - 2012-11-25 23:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2015-12-16 21:07 - 2015-12-10 21:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 21:07 - 2015-12-10 21:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-24 14:33 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\hersheychoco9\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Roboscan_UpdSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Roboscan_UpdSrv => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2015-12-29 14:05 - 00000831 ____A C:\Windows\system32\Drivers\etc\hosts

# ::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1030869394-3123877279-975090705-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hersheychoco9\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "BrowserAppCoreService"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKU\S-1-5-21-1030869394-3123877279-975090705-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1030869394-3123877279-975090705-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DF36D0F5D36790FB776196B8BD1F923B"
HKU\S-1-5-21-1030869394-3123877279-975090705-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3358EEB9-BF63-4965-BB07-5D87F8455602}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{24B1F9F1-7C3F-41AA-A61E-0509379FACD8}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{1C03B25A-7B58-455E-9B0B-E52E038D3A25}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D776EB9A-C2A3-41DE-BC72-EFF3929CC640}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7D3C883A-AEBC-4F58-991D-26810ACBFD9A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C81A2B31-CC74-4C27-A3FF-2BACD2DD09C3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B861BA79-6EB3-4518-85BA-3C4F495C531B}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{8A96865D-D43C-464C-B756-000B93387C90}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{D6EFD58F-3D27-4F3F-9B8A-84BECCB3D072}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{E923A876-FFC4-447F-9524-1FA7B5A5C777}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{307D7EAB-27D0-4FA3-8D10-7BBE8468F080}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{E81FC140-03A3-4BFB-BFB1-5705CAECEA85}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{D702B8EF-7F57-4076-8982-9A2DF089EF9C}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse
FirewallRules: [{722B3B84-7078-4CFD-BCBA-9C1EE31FF952}] => (Allow) c:\program files\roboscan\roboscan\rsupdsrv.rse

==================== Restore Points =========================

09-12-2015 13:27:06 Windows Update
17-12-2015 20:05:00 Scheduled Checkpoint
25-12-2015 18:53:48 Scheduled Checkpoint
28-12-2015 23:12:21 PCAcceleratePro restore point
29-12-2015 00:03:18 Restore Operation
29-12-2015 16:00:38 Windows Modules Installer
05-01-2016 20:37:00 Windows Update
05-01-2016 22:06:13 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2016 08:37:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Wondershare Driver Install Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/05/2016 08:37:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service WajaNetEn Monitor since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/05/2016 08:37:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Update Simple for You since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/05/2016 08:37:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service SushiLeadsUpdaterService since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/05/2016 08:37:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Network Protocols Adapter since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/05/2016 04:51:26 PM) (Source: IntelDalJhi) (EventID: 11) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service has encountered an internal connection problem.

Error: (12/29/2015 05:15:24 PM) (Source: IntelDalJhi) (EventID: 11) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service has encountered an internal connection problem.

Error: (12/29/2015 05:06:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_PNRPsvc, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.18146, time stamp: 0x5650b9bb
Exception code: 0xc0000005
Fault offset: 0x000000000003dcfe
Faulting process id: 0x16b8
Faulting application start time: 0xsvchost.exe_PNRPsvc0
Faulting application path: svchost.exe_PNRPsvc1
Faulting module path: svchost.exe_PNRPsvc2
Report Id: svchost.exe_PNRPsvc3
Faulting package full name: svchost.exe_PNRPsvc4
Faulting package-relative application ID: svchost.exe_PNRPsvc5

Error: (12/29/2015 04:40:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHOCOYAUTJA)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (12/29/2015 04:27:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 2.3.125.0, time stamp: 0x5612a56b
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1374
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5


System errors:
=============
Error: (01/05/2016 10:01:39 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "CHOCOYAUTJA :20" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.7 did not allow the name to be claimed by
this computer.

Error: (01/05/2016 10:01:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{EF083E6B-E699-4F22-B8D6-6AFFF4638C72} because another computer on the network has the same name. The server could not start.

Error: (01/05/2016 10:01:34 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "CHOCOYAUTJA :0" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.7 did not allow the name to be claimed by
this computer.

Error: (01/05/2016 10:01:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Advanced SystemCare Service 8 service failed to start due to the following error:
%%2

Error: (01/05/2016 10:00:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069

Error: (01/05/2016 10:00:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/05/2016 09:59:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/05/2016 09:59:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/05/2016 09:59:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

Error: (01/05/2016 09:59:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bluetooth OBEX Service service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
Date: 2016-01-05 22:00:57.690
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-05 21:42:25.161
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-05 20:41:13.641
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-05 17:10:58.762
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Robo\Roboscan\plugin\realtime\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-05 17:10:41.734
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Roboscan\Roboscan\plugin\realtime\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-05 17:09:53.308
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Robo\Roboscan\plugin\realtime\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-05 17:02:18.858
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Roboscan\Roboscan\plugin\realtime\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-05 16:48:30.085
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-29 17:12:39.077
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-29 15:50:33.362
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Roboscan\Roboscan\plugin\realtime\bootroboscan.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 34%
Total physical RAM: 6024.96 MB
Available physical RAM: 3940.21 MB
Total Virtual: 6984.96 MB
Available Virtual: 4707.54 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:920.08 GB) (Free:675.93 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32 ==>[system with boot components (obtained from drive)]
Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.29 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:10.05 GB) (Free:0.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5AA0DE3C)

Partition: GPT.

==================== End of Addition.txt ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by hersheychoco9 (2016-01-05 22:38:04) Run:3
Running from C:\Users\hersheychoco9\Desktop
Loaded Profiles: hersheychoco9 (Available Profiles: hersheychoco9 & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
S2 AdvancedSystemCareService8; D:\Utilities\Advanced SystemCare 8\ASCService.exe [X]
C:\Users\hersheychoco9\AppData\Local\Temp\dllnt_dump.dll
C:\Users\hersheychoco9\AppData\Local\Temp\sqlite3.dll
Task: {32CB8F3D-72E2-4F26-AF79-830A7A116864} - \Easy Driver Pro Schedule -> No File <==== ATTENTION
Task: {F61341FC-B312-4A23-8F26-9CB5191CF5BF} - \SushiLeads -> No File <==== ATTENTION
Task: {FB55E3BB-58E9-4918-98BC-AE9BBBD84928} - System32\Tasks\ASC8_SkipUac_hersheychoco9 => D:\Utilities\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\ASC8_SkipUac_hersheychoco9.job => D:\Utilities\Advanced SystemCare 8\ASC.exe


*****************

AdvancedSystemCareService8 => service removed successfully
C:\Users\hersheychoco9\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\hersheychoco9\AppData\Local\Temp\sqlite3.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32CB8F3D-72E2-4F26-AF79-830A7A116864}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32CB8F3D-72E2-4F26-AF79-830A7A116864}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Easy Driver Pro Schedule => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F61341FC-B312-4A23-8F26-9CB5191CF5BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F61341FC-B312-4A23-8F26-9CB5191CF5BF}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SushiLeads => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB55E3BB-58E9-4918-98BC-AE9BBBD84928}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB55E3BB-58E9-4918-98BC-AE9BBBD84928}" => key removed successfully
C:\Windows\System32\Tasks\ASC8_SkipUac_hersheychoco9 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_SkipUac_hersheychoco9" => key removed successfully
C:\Windows\Tasks\ASC8_SkipUac_hersheychoco9.job => moved successfully

==== End of Fixlog 22:38:05 ====
 
Last scans...

Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive an UNSUPPORTED OPERATING SYSTEM! ABORTED! message, restart the computer and Security Check should run.


Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double-click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
Roboscan
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 60
Google Chrome (47.0.2526.106)
Google Chrome (47.0.2526.80)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 
Farbar Service Scanner Version: 03-01-2016
Ran by hersheychoco9 (administrator) on 05-01-2016 at 22:46:44
Running from "C:\Users\hersheychoco9\Desktop"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
Okay, well, the Sophos Free Virus Removal Tool is taking longer than the other scans, but it's scanning right now.
 
Update your Java version here: https://www.techspot.com/downloads/6463-java-se.html
Alternate download: http://www.java.com/en/download/manual.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running a 64-bit system, make sure you install BOTH 32-bit and 64-bit Java.

============================================

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please let me know how your computer is doing.
 