megabomination
Posts: 151 +0
Hi. My Avast is telling me to upgrade and I'm not protected. I upgraded to the paid version in March this year!
Also, the PC is occasionally freezing etc...
Thought it might be time for a checkup
.........................................................................................................................................................
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-10-2016
Ran by Adam (administrator) on ADAMS-PC (03-10-2016 20:41:30)
Running from C:\Users\Adam\Downloads
Loaded Profiles: Adam (Available Profiles: Adam & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Windows\System\HsMgr.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-24] (AVAST Software)
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\system\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-17] (NVIDIA Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\RunOnce: [20160527] => "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" "C:\Program Files\AVAST Software\Avast\2972b27a-874d-4dc1-a1e7-04e533d2c67c\b6107de0-7c50-464a-86aa-b07a0f05b983.dll",_stage2@16
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adam\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adam\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adam\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-03-08] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{2b7d07f6-2ace-47c5-ad69-08776f846962}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{2be4de89-e698-4d4c-996b-95198005e152}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{31bc7a36-69ee-4cbf-908b-c0395abd1e64}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{469c7788-1a20-4c51-b3c4-c6077cf2e005}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{B13F0638-6983-4BEC-9C9B-7AA35F8F669D}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{f6afbb26-6cd1-43f7-8fef-f01ba76a9087}: [NameServer] 10.143.147.147,10.143.147.148
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2631302871-3897047704-381176597-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2631302871-3897047704-381176597-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.techspot.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-12] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-12] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\TomTom\HOME\Profiles\k6hrp8c9.default [2015-06-06]
FF Extension: (Map status indicator) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-06-06] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-03]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2631302871-3897047704-381176597-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-04-15] ()
Chrome:
=======
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default [2016-10-03]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-08-12]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Avast Online Security) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-08] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [119128 2016-03-08] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [922744 2015-12-17] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6443128 2015-12-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5119096 2015-12-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-17] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2016-10-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-10-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2016-10-03] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [338936 2016-10-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2016-10-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2016-10-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2016-10-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2016-10-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [118664 2016-10-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224616 2016-10-03] (AVAST Software)
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [1762304 2011-12-20] (C-Media Inc)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-10-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18552 2015-12-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [44840 2015-12-17] (NVIDIA Corporation)
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20016 2014-02-23] (Sonic Solutions) [File not signed]
U1 staport; C:\WINDOWS\system32\Drivers\staport.sys [39832 2016-09-02] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [250368 2015-10-30] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-03 20:41 - 2016-10-03 20:42 - 00015353 _____ C:\Users\Adam\Downloads\FRST.txt
2016-10-03 20:40 - 2016-10-03 20:41 - 00000000 ____D C:\FRST
2016-10-03 20:38 - 2016-10-03 20:40 - 01754624 _____ (Farbar) C:\Users\Adam\Downloads\FRST.exe
2016-10-03 19:59 - 2016-10-03 19:59 - 00039832 _____ () C:\WINDOWS\system32\Drivers\staport.sys.147548514864002
2016-10-03 19:58 - 2016-10-03 19:58 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-10-03 19:58 - 2016-10-03 19:58 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-10-03 19:58 - 2016-10-03 19:58 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-10-03 19:58 - 2016-08-06 16:33 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB684.tmp
2016-10-03 19:58 - 2016-03-10 18:58 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB4C8.tmp
2016-10-03 19:58 - 2016-03-10 18:58 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB5A6.tmp
2016-10-03 19:58 - 2016-03-08 19:11 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB683.tmp
2016-10-03 19:58 - 2016-03-08 19:11 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAF87.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB685.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB594.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB5A7.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB10E.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB5A5.tmp
2016-10-03 19:51 - 2016-08-06 16:33 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC14.tmp
2016-10-03 19:51 - 2016-03-10 18:58 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswABEF.tmp
2016-10-03 19:51 - 2016-03-10 18:58 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC01.tmp
2016-10-03 19:51 - 2016-03-08 19:11 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC13.tmp
2016-10-03 19:51 - 2016-03-08 19:11 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswABED.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC15.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswABFF.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC12.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswABEE.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC00.tmp
2016-10-03 19:50 - 2016-10-03 19:50 - 00346193 _____ C:\unp305472831129653052.mdmp
2016-10-03 19:50 - 2016-10-03 19:50 - 00341774 _____ C:\unp30547283752692329.mdmp
2016-10-03 19:50 - 2016-08-06 16:33 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF259.tmp
2016-10-03 19:50 - 2016-03-10 18:58 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF243.tmp
2016-10-03 19:50 - 2016-03-10 18:58 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF256.tmp
2016-10-03 19:50 - 2016-03-08 19:11 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF258.tmp
2016-10-03 19:50 - 2016-03-08 19:11 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF241.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF26A.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF244.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF257.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF242.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF255.tmp
2016-10-03 19:49 - 2016-10-03 19:49 - 00319370 _____ C:\unp3054728359175106.mdmp
2016-10-03 19:49 - 2016-08-06 16:33 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9E1.tmp
2016-10-03 19:49 - 2016-03-10 18:58 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9CC.tmp
2016-10-03 19:49 - 2016-03-10 18:58 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9DE.tmp
2016-10-03 19:49 - 2016-03-08 19:11 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9E0.tmp
2016-10-03 19:49 - 2016-03-08 19:11 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9CA.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00129144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngv5ADC.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9F2.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9CD.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9DF.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9CB.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9DD.tmp
2016-09-22 23:03 - 2016-09-22 23:03 - 00015356 _____ C:\Users\Adam\Desktop\Fare-Rules.pdf
2016-09-22 23:03 - 2016-09-22 23:03 - 00013657 _____ C:\Users\Adam\Desktop\Itinerary.pdf
2016-09-22 23:03 - 2016-09-22 23:03 - 00007029 _____ C:\Users\Adam\Desktop\Tax-Invoice.pdf
2016-09-22 20:55 - 2016-09-22 20:55 - 00259429 _____ C:\Users\Adam\Downloads\General Terms and Conditions of Business of cleverbridge AG.pdf
2016-09-22 20:55 - 2016-09-22 20:55 - 00082924 _____ C:\Users\Adam\Downloads\AKD-73650121483.pdf
2016-09-22 20:55 - 2016-09-22 20:55 - 00082835 _____ C:\Users\Adam\Downloads\98231181.pdf
2016-09-22 20:54 - 2016-09-22 20:54 - 14659584 _____ (Malwarebytes ) C:\Users\Adam\Downloads\mbam-setup-web.NT-2.2.1.1043.exe.32140lr.partial
2016-09-18 10:52 - 2016-09-18 10:52 - 09858135 _____ C:\Users\Adam\Desktop\Champion_Spark_Plugs_Catalogue_2010(V1s).PDF
2016-09-15 23:08 - 2014-02-21 20:32 - 1089143563 _____ C:\Users\Adam\Desktop\PPRO_2.0_Ret-NH_UE.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-03 20:25 - 2015-06-11 19:37 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-03 20:21 - 2015-10-30 16:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-03 20:02 - 2015-01-24 13:31 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-03 19:59 - 2014-02-16 14:20 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-10-03 19:59 - 2014-02-16 14:20 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-10-03 19:58 - 2016-03-08 19:11 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-10-03 19:58 - 2014-05-17 17:46 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00118664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-10-03 19:57 - 2016-03-08 19:11 - 00338936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2016-10-03 19:53 - 2016-02-01 20:22 - 00988244 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-03 19:53 - 2015-10-30 16:47 - 00000000 ____D C:\WINDOWS\INF
2016-10-03 19:51 - 2016-04-27 20:53 - 00002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2016-10-03 19:51 - 2016-03-08 19:11 - 00002085 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2016-10-03 19:51 - 2015-10-30 16:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-10-03 19:47 - 2016-02-01 20:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-03 19:47 - 2016-02-01 20:22 - 00000000 ____D C:\Users\Adam
2016-10-03 19:47 - 2014-03-07 06:32 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-03 19:46 - 2014-03-07 06:32 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-17 18:47 - 2014-03-07 06:33 - 00002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-16 19:50 - 2015-06-06 16:26 - 00000000 ____D C:\Users\Adam\Documents\TomTom
2016-09-16 00:24 - 2016-02-05 19:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-11 17:58 - 2014-03-27 17:11 - 00000000 ____D C:\Users\Adam\Documents\Reciepts
2016-09-07 12:00 - 2015-10-30 16:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-09-07 12:00 - 2015-10-30 16:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2016-07-16 00:17 - 2016-07-16 00:17 - 0018115 _____ () C:\Users\Adam\AppData\Roaming\UserTile.png
2014-05-29 19:45 - 2014-05-29 19:46 - 0007612 _____ () C:\Users\Adam\AppData\Local\resmon.resmoncfg
2015-08-09 02:10 - 2015-08-09 02:10 - 0000000 _____ () C:\Users\Adam\AppData\Local\{F7AFF22D-F8D3-457D-A170-F72C6116EF10}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-30 21:01
==================== End of FRST.txt ============================
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-03]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2631302871-3897047704-381176597-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-04-15] ()
Chrome:
=======
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default [2016-10-03]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-08-12]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Avast Online Security) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-08] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [119128 2016-03-08] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [922744 2015-12-17] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6443128 2015-12-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5119096 2015-12-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-17] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2016-10-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-10-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2016-10-03] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [338936 2016-10-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2016-10-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2016-10-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2016-10-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2016-10-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [118664 2016-10-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224616 2016-10-03] (AVAST Software)
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [1762304 2011-12-20] (C-Media Inc)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-10-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18552 2015-12-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [44840 2015-12-17] (NVIDIA Corporation)
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20016 2014-02-23] (Sonic Solutions) [File not signed]
U1 staport; C:\WINDOWS\system32\Drivers\staport.sys [39832 2016-09-02] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [250368 2015-10-30] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-03 20:41 - 2016-10-03 20:42 - 00015353 _____ C:\Users\Adam\Downloads\FRST.txt
2016-10-03 20:40 - 2016-10-03 20:41 - 00000000 ____D C:\FRST
2016-10-03 20:38 - 2016-10-03 20:40 - 01754624 _____ (Farbar) C:\Users\Adam\Downloads\FRST.exe
2016-10-03 19:59 - 2016-10-03 19:59 - 00039832 _____ () C:\WINDOWS\system32\Drivers\staport.sys.147548514864002
2016-10-03 19:58 - 2016-10-03 19:58 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-10-03 19:58 - 2016-10-03 19:58 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-10-03 19:58 - 2016-10-03 19:58 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-10-03 19:58 - 2016-08-06 16:33 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB684.tmp
2016-10-03 19:58 - 2016-03-10 18:58 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB4C8.tmp
2016-10-03 19:58 - 2016-03-10 18:58 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB5A6.tmp
2016-10-03 19:58 - 2016-03-08 19:11 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB683.tmp
2016-10-03 19:58 - 2016-03-08 19:11 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAF87.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB685.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB594.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB5A7.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB10E.tmp
2016-10-03 19:58 - 2016-03-08 19:10 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswB5A5.tmp
2016-10-03 19:51 - 2016-08-06 16:33 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC14.tmp
2016-10-03 19:51 - 2016-03-10 18:58 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswABEF.tmp
2016-10-03 19:51 - 2016-03-10 18:58 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC01.tmp
2016-10-03 19:51 - 2016-03-08 19:11 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC13.tmp
2016-10-03 19:51 - 2016-03-08 19:11 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswABED.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC15.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswABFF.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC12.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswABEE.tmp
2016-10-03 19:51 - 2016-03-08 19:10 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswAC00.tmp
2016-10-03 19:50 - 2016-10-03 19:50 - 00346193 _____ C:\unp305472831129653052.mdmp
2016-10-03 19:50 - 2016-10-03 19:50 - 00341774 _____ C:\unp30547283752692329.mdmp
2016-10-03 19:50 - 2016-08-06 16:33 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF259.tmp
2016-10-03 19:50 - 2016-03-10 18:58 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF243.tmp
2016-10-03 19:50 - 2016-03-10 18:58 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF256.tmp
2016-10-03 19:50 - 2016-03-08 19:11 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF258.tmp
2016-10-03 19:50 - 2016-03-08 19:11 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF241.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF26A.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF244.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF257.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF242.tmp
2016-10-03 19:50 - 2016-03-08 19:10 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF255.tmp
2016-10-03 19:49 - 2016-10-03 19:49 - 00319370 _____ C:\unp3054728359175106.mdmp
2016-10-03 19:49 - 2016-08-06 16:33 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9E1.tmp
2016-10-03 19:49 - 2016-03-10 18:58 - 00816304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9CC.tmp
2016-10-03 19:49 - 2016-03-10 18:58 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9DE.tmp
2016-10-03 19:49 - 2016-03-08 19:11 - 00447848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9E0.tmp
2016-10-03 19:49 - 2016-03-08 19:11 - 00356640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9CA.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00129144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngv5ADC.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00127432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9F2.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9CD.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9DF.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9CB.tmp
2016-10-03 19:49 - 2016-03-08 19:10 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9DD.tmp
2016-09-22 23:03 - 2016-09-22 23:03 - 00015356 _____ C:\Users\Adam\Desktop\Fare-Rules.pdf
2016-09-22 23:03 - 2016-09-22 23:03 - 00013657 _____ C:\Users\Adam\Desktop\Itinerary.pdf
2016-09-22 23:03 - 2016-09-22 23:03 - 00007029 _____ C:\Users\Adam\Desktop\Tax-Invoice.pdf
2016-09-22 20:55 - 2016-09-22 20:55 - 00259429 _____ C:\Users\Adam\Downloads\General Terms and Conditions of Business of cleverbridge AG.pdf
2016-09-22 20:55 - 2016-09-22 20:55 - 00082924 _____ C:\Users\Adam\Downloads\AKD-73650121483.pdf
2016-09-22 20:55 - 2016-09-22 20:55 - 00082835 _____ C:\Users\Adam\Downloads\98231181.pdf
2016-09-22 20:54 - 2016-09-22 20:54 - 14659584 _____ (Malwarebytes ) C:\Users\Adam\Downloads\mbam-setup-web.NT-2.2.1.1043.exe.32140lr.partial
2016-09-18 10:52 - 2016-09-18 10:52 - 09858135 _____ C:\Users\Adam\Desktop\Champion_Spark_Plugs_Catalogue_2010(V1s).PDF
2016-09-15 23:08 - 2014-02-21 20:32 - 1089143563 _____ C:\Users\Adam\Desktop\PPRO_2.0_Ret-NH_UE.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-03 20:25 - 2015-06-11 19:37 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-03 20:21 - 2015-10-30 16:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-03 20:02 - 2015-01-24 13:31 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-03 19:59 - 2014-02-16 14:20 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-10-03 19:59 - 2014-02-16 14:20 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-10-03 19:58 - 2016-03-08 19:11 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-10-03 19:58 - 2014-05-17 17:46 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00118664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-10-03 19:58 - 2014-02-16 14:20 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-10-03 19:57 - 2016-03-08 19:11 - 00338936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2016-10-03 19:53 - 2016-02-01 20:22 - 00988244 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-03 19:53 - 2015-10-30 16:47 - 00000000 ____D C:\WINDOWS\INF
2016-10-03 19:51 - 2016-04-27 20:53 - 00002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2016-10-03 19:51 - 2016-03-08 19:11 - 00002085 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2016-10-03 19:51 - 2015-10-30 16:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-10-03 19:47 - 2016-02-01 20:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-03 19:47 - 2016-02-01 20:22 - 00000000 ____D C:\Users\Adam
2016-10-03 19:47 - 2014-03-07 06:32 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-03 19:46 - 2014-03-07 06:32 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-17 18:47 - 2014-03-07 06:33 - 00002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-16 19:50 - 2015-06-06 16:26 - 00000000 ____D C:\Users\Adam\Documents\TomTom
2016-09-16 00:24 - 2016-02-05 19:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-11 17:58 - 2014-03-27 17:11 - 00000000 ____D C:\Users\Adam\Documents\Reciepts
2016-09-07 12:00 - 2015-10-30 16:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-09-07 12:00 - 2015-10-30 16:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2016-07-16 00:17 - 2016-07-16 00:17 - 0018115 _____ () C:\Users\Adam\AppData\Roaming\UserTile.png
2014-05-29 19:45 - 2014-05-29 19:46 - 0007612 _____ () C:\Users\Adam\AppData\Local\resmon.resmoncfg
2015-08-09 02:10 - 2015-08-09 02:10 - 0000000 _____ () C:\Users\Adam\AppData\Local\{F7AFF22D-F8D3-457D-A170-F72C6116EF10}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-30 21:01
==================== End of FRST.txt ============================