Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Zee (administrator) on SIEGFRIED (05-10-2015 16:53:15)
Running from C:\Users\Zee\Desktop
Loaded Profiles: Zee & (Available Profiles: Zee)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-07-31] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-18] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Kufab] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Zee\AppData\Local\79ABD6~1\Gefok.dat"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [Spotify Web Helper] => C:\Users\Zee\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-19] (Spotify Ltd)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55358992 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [Spotify] => C:\Users\Zee\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-19] (Spotify Ltd)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\...\Run: [GoogleChromeAutoLaunch_429EA7A6AFFDF60B477DCFBFAB034A53] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-07] (Google Inc.)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Driver Support] => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Zee\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-19] (Spotify Ltd)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_429EA7A6AFFDF60B477DCFBFAB034A53] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-07] (Google Inc.)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55358992 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Zee\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-19] (Spotify Ltd)
HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 12.127.16.67 12.127.17.71
Tcpip\..\Interfaces\{517C7435-7394-4CC6-8FE0-CF55D21C445A}: [DhcpNameServer] 12.127.16.67 12.127.17.71
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130850026659167361&GUID=2110083A-08F2-4835-8264-2C2F9B6B5A02
HKU\S-1-5-21-219251710-3609435933-1062541636-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130850026659167361&GUID=2110083A-08F2-4835-8264-2C2F9B6B5A02
HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001 -> DefaultScope {15573B70-CEDB-46CA-BD97-1204A59CA0EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001 -> {15573B70-CEDB-46CA-BD97-1204A59CA0EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {15573B70-CEDB-46CA-BD97-1204A59CA0EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15573B70-CEDB-46CA-BD97-1204A59CA0EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-219251710-3609435933-1062541636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-12-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-12-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.4 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-06-20] (Wacom, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://search.genieo.com/?v=genTugM","hxxp://maclab.academyart.edu/wiki/projects/maclab/blog","hxxps://wirelessauth1.academyart.edu/login.html?redirect=www.gstatic.com/generate_204","hxxp://www.academyart.edu/","hxxp://vosteran.com/?f=7&a=vst_ggbc_14_48_ch&cd=2XzuyEtN2Y1L1Qzu0EtDtA0FyEzy0D0Dzz0E0EyB0Bzy0DtBtN0D0Tzu0StCtDyCtDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0EyE0B0D0E0DyCtG0FtBtA0BtGtD0AzzzztGzztDtBzztGtD0CtD0F0DtDyC0D0AyCyCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtDyD0A0EyBzyzytG0BtByCtAtGyE0Bzy0EtG0AyByCzytGzy0F0EtB0DtAzztCzytAtD0B2Q&cr=1720223081&ir=","hxxp://www.trovi.com/?gd=&ctid=CT3333527&octid=EB_ORIGINAL_CTID&ISID=M28A9DCAE-80E4-4101-A319-3EE6422D513D&SearchSource=55&CUI=&UM=8&UP=SP2C45CFA0-8759-45E5-9B51-F5036DD4D3BB&D=063015&SSPV=SP302TA_sp_ch"
CHR Profile: C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-06-30]
CHR Extension: (Entanglement Web App) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-09-10]
CHR Extension: (Your Second Phone) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgcliennfocnaoenlkmlhoakpaflpgo [2015-09-10]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-09-10]
CHR Extension: (Google Drive) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-30]
CHR Extension: (AdBlock for Grooveshark) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfoohbomhfjbdpdipnenfaoandbhkbmg [2015-06-30]
CHR Extension: (Adblock Plus) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-08]
CHR Extension: (Learn Italian - Molto Bene) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\dadgddaepklpemjojmnhgdjmmkmefihe [2015-09-10]
CHR Extension: (Pixlr-o-matic) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2015-09-10]
CHR Extension: (AdBlock) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-30]
CHR Extension: (Cut the Rope) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2015-09-10]
CHR Extension: (ExhibitCore Floor Planner) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkppejbflghogimlfghbaigiekmjpalf [2015-09-10]
CHR Extension: (Skyrama) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap [2015-09-10]
CHR Extension: (Wave Accounting) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpkfcpnjfbniadmfchjpcigfhookhaa [2015-09-10]
CHR Extension: (Evernote Web) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-10-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-17]
CHR Extension: (Skype Click to Call) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-08]
CHR Extension: (TumTaster) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm [2015-06-30]
CHR Extension: (GW2TP) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchjpcdehbipdfjapdmgnoljndealpbd [2015-06-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-08]
CHR Extension: (Tumblr Savior) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2015-06-30]
CHR Extension: (My Chrome Theme) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-06-30]
CHR Extension: (Instagram for Chrome) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2015-06-30]
CHR Extension: (Gir Theme) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifnaclcibjejklkfjegfcbagcdkidim [2015-06-30]
CHR Extension: (BodBot Personal Fit Trainer) - C:\Users\Zee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppnkdiaelidjhcebhmgemlpnghbdgjhk [2015-09-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-18] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-31] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [460872 2013-03-08] (RTS Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-10-01] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-05 16:53 - 2015-10-05 16:53 - 00022962 _____ C:\Users\Zee\Desktop\FRST.txt
2015-10-05 16:53 - 2015-10-05 16:53 - 00000000 ____D C:\Users\Zee\Desktop\FRST-OlderVersion
2015-10-05 16:52 - 2015-10-05 16:52 - 00000000 ____D C:\Users\Zee\Desktop\New folder
2015-10-05 16:00 - 2015-10-05 16:00 - 00002390 _____ C:\Users\Zee\Desktop\JRT.txt
2015-10-05 15:51 - 2015-10-05 15:52 - 01801288 _____ (Malwarebytes) C:\Users\Zee\Desktop\JRT.exe
2015-10-05 15:35 - 2015-10-05 15:35 - 00000000 ____D C:\f7c93bf5c7f46472b414ce3f581f832d
2015-10-01 20:47 - 2015-10-01 20:49 - 01670656 _____ C:\Users\Zee\Desktop\adwcleaner_5.009.exe
2015-10-01 20:44 - 2015-10-01 20:44 - 00036408 _____ C:\Users\Zee\Desktop\text files.txt
2015-10-01 19:44 - 2015-10-05 11:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-01 19:43 - 2015-10-01 19:43 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-01 19:43 - 2015-10-01 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-01 19:43 - 2015-10-01 19:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-01 19:43 - 2015-10-01 19:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-01 19:43 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-01 19:43 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-01 19:43 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-01 19:41 - 2015-10-01 19:42 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Zee\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-01 17:46 - 2015-10-01 19:17 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-10-01 17:46 - 2015-10-01 17:46 - 00000000 ____D C:\ProgramData\RogueKiller
2015-10-01 17:43 - 2015-10-01 17:45 - 18801736 _____ C:\Users\Zee\Desktop\RogueKiller.exe
2015-10-01 16:51 - 2015-10-05 16:53 - 00000000 ____D C:\FRST
2015-10-01 16:50 - 2015-10-05 16:53 - 02193920 _____ (Farbar) C:\Users\Zee\Desktop\FRST64.exe
2015-10-01 16:48 - 2015-10-01 17:23 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2015-10-01 16:47 - 2015-10-02 17:01 - 00000000 ____D C:\Users\Zee\Desktop\Surrealism
2015-10-01 16:46 - 2015-10-01 16:48 - 14243008 _____ (Microsoft Corporation) C:\Users\Zee\Downloads\mseinstall64.exe
2015-09-30 14:53 - 2015-09-30 21:41 - 00000000 ____D C:\Users\Zee\Desktop\School
2015-09-28 17:24 - 2015-09-28 18:52 - 37822087 _____ C:\Users\Zee\Desktop\Death Acolyte.psd
2015-09-24 16:50 - 2015-09-24 16:50 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-24 16:50 - 2015-09-24 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-24 16:49 - 2015-09-24 16:50 - 00000000 ____D C:\Program Files\iTunes
2015-09-24 16:49 - 2015-09-24 16:49 - 00000000 ____D C:\Program Files\iPod
2015-09-24 16:49 - 2015-09-24 16:49 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-24 16:45 - 2015-09-24 16:45 - 00000000 ____D C:\Program Files\Bonjour
2015-09-24 16:45 - 2015-09-24 16:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-24 16:44 - 2015-09-24 16:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-24 16:44 - 2015-09-24 16:44 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-19 22:58 - 2015-09-19 22:58 - 00484118 _____ C:\Users\Zee\Downloads\ROTTEN LOUSY KID (1).wmv
2015-09-19 22:53 - 2015-09-19 22:53 - 00484118 _____ C:\Users\Zee\Downloads\ROTTEN LOUSY KID.wmv
2015-09-19 22:44 - 2015-09-19 22:44 - 02579068 _____ C:\Users\Zee\Downloads\Starboard.wmv
2015-09-19 22:44 - 2015-09-19 22:44 - 01575776 _____ C:\Users\Zee\Downloads\GROSSEST.wmv
2015-09-19 22:43 - 2015-09-19 22:44 - 01897812 _____ C:\Users\Zee\Downloads\TRASHY HALLOWEEN.wmv
2015-09-19 22:43 - 2015-09-19 22:44 - 01359536 _____ C:\Users\Zee\Downloads\HOLIDAY SHAYE.wmv
2015-09-19 22:43 - 2015-09-19 22:43 - 02410506 _____ C:\Users\Zee\Downloads\Thrift Store.wmv
2015-09-19 22:43 - 2015-09-19 22:43 - 01738540 _____ C:\Users\Zee\Downloads\OUT FOR A PUSH.wmv
2015-09-19 22:43 - 2015-09-19 22:43 - 01721926 _____ C:\Users\Zee\Downloads\Happy-Turkey-Day-excerpt.wmv
2015-09-19 22:42 - 2015-09-19 22:42 - 02572102 _____ C:\Users\Zee\Downloads\WIRE THERAPY.wmv
2015-09-19 22:42 - 2015-09-19 22:42 - 00541092 _____ C:\Users\Zee\Downloads\WASHROOM1.wmv
2015-09-19 22:28 - 2015-09-19 22:28 - 00456208 _____ C:\Users\Zee\Downloads\hollywood-hello.wmv
2015-09-16 20:35 - 2015-09-16 20:37 - 00000000 ____D C:\Users\Zee\Downloads\twins
2015-09-16 20:34 - 2015-09-16 20:34 - 06951980 _____ C:\Users\Zee\Downloads\twins.zip
2015-09-14 11:04 - 2015-09-14 21:46 - 00000000 ____D C:\Users\Zee\Desktop\illustration 3
2015-09-10 22:48 - 2015-09-10 22:49 - 00384435 _____ C:\Users\Zee\Desktop\MtOXgOVF.htm
2015-09-09 19:30 - 2015-09-09 19:43 - 00000000 ____D C:\Users\Zee\Desktop\horror movie bruhs
2015-09-09 10:02 - 2015-07-22 07:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 10:02 - 2015-07-22 06:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 10:02 - 2015-07-17 07:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 10:02 - 2015-07-17 07:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 10:02 - 2015-07-09 09:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 10:02 - 2015-07-03 14:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 10:02 - 2015-07-03 07:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 10:02 - 2015-06-27 04:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 10:02 - 2015-06-19 10:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-09 10:01 - 2015-09-02 19:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 10:01 - 2015-09-02 19:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 10:01 - 2015-09-02 11:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 10:01 - 2015-09-02 10:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 10:00 - 2015-07-13 12:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-08 21:52 - 2015-08-26 19:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-08 21:52 - 2015-08-26 11:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-08 21:52 - 2015-08-26 11:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-08 21:52 - 2015-08-26 11:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-08 21:52 - 2015-08-26 11:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-08 21:52 - 2015-08-26 07:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-08 21:52 - 2015-08-26 07:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-08 21:52 - 2015-08-26 07:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-08 21:52 - 2015-08-26 07:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-08 21:52 - 2015-08-26 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-08 21:52 - 2015-08-26 07:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-08 21:52 - 2015-08-26 07:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-08 21:52 - 2015-08-22 11:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 21:52 - 2015-08-22 10:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 21:52 - 2015-07-30 10:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-08 21:52 - 2015-07-30 09:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-08 21:51 - 2015-09-01 19:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-08 21:51 - 2015-09-01 19:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 21:51 - 2015-09-01 19:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 21:51 - 2015-09-01 19:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 21:51 - 2015-09-01 19:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 21:51 - 2015-08-22 10:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 21:51 - 2015-08-22 10:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 21:51 - 2015-08-22 10:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 21:51 - 2015-08-22 10:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-08 21:51 - 2015-08-22 09:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 21:51 - 2015-08-22 09:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 21:51 - 2015-08-22 09:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-08 21:51 - 2015-08-22 09:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 21:51 - 2015-08-22 09:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-08 21:51 - 2015-08-22 09:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 21:51 - 2015-08-22 09:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-08 21:51 - 2015-08-22 09:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-08 21:51 - 2015-08-22 09:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-08 21:51 - 2015-08-22 09:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-08 21:51 - 2015-08-22 09:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-08 21:51 - 2015-08-22 09:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-08 21:51 - 2015-08-22 09:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-08 21:51 - 2015-08-22 09:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 21:51 - 2015-08-22 09:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-08 21:51 - 2015-08-22 09:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-08 21:51 - 2015-08-22 09:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-08 21:51 - 2015-08-22 09:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-08 21:51 - 2015-08-22 09:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-08 21:51 - 2015-08-22 09:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-08 21:51 - 2015-08-22 09:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-08 21:51 - 2015-08-22 08:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-08 21:51 - 2015-08-22 08:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 21:51 - 2015-08-03 14:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-08 21:51 - 2015-08-03 14:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-08 21:51 - 2015-08-01 07:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-08 21:51 - 2015-07-31 20:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-08 21:51 - 2015-07-31 20:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-08 21:51 - 2015-07-31 20:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 21:51 - 2015-07-31 20:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-08 21:51 - 2015-07-31 20:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-08 21:51 - 2015-07-22 07:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 21:51 - 2015-07-22 07:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 21:51 - 2015-07-22 07:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 21:51 - 2015-07-22 07:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 21:51 - 2015-07-18 11:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 21:51 - 2015-07-18 11:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 21:51 - 2015-07-18 11:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 21:51 - 2015-07-18 11:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 21:50 - 2015-07-13 20:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-05 18:46 - 2015-09-05 19:34 - 00000000 ____D C:\Users\Zee\Desktop\Modeling!
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-05 16:53 - 2014-11-27 14:58 - 00000000 ____D C:\Users\Zee\AppData\Roaming\Skype
2015-10-05 16:19 - 2015-01-04 01:09 - 01150599 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-05 16:00 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-05 15:52 - 2015-02-17 23:52 - 00370176 ___SH C:\Users\Zee\Downloads\Thumbs.db
2015-10-05 11:24 - 2015-01-14 16:41 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{02322EC3-D53D-42A4-A9E7-58E4F825D3A4}
2015-10-05 11:23 - 2014-09-24 00:15 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-05 11:14 - 2014-11-27 17:13 - 00000000 ____D C:\Users\Zee\AppData\Local\Spotify
2015-10-05 11:13 - 2014-11-27 17:13 - 00000000 ____D C:\Users\Zee\AppData\Roaming\Spotify
2015-10-04 20:42 - 2013-08-22 07:46 - 00310909 _____ C:\WINDOWS\setupact.log
2015-10-04 13:39 - 2015-01-22 18:25 - 00534528 ___SH C:\Users\Zee\Desktop\Thumbs.db
2015-10-02 22:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-02 17:24 - 2014-11-28 13:00 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-10-02 17:24 - 2014-02-05 15:50 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-10-01 21:28 - 2014-11-28 11:57 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-219251710-3609435933-1062541636-1001
2015-10-01 20:54 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-01 20:53 - 2014-09-24 00:03 - 00872702 _____ C:\WINDOWS\PFRO.log
2015-10-01 20:52 - 2015-05-07 23:03 - 00000000 ____D C:\AdwCleaner
2015-10-01 20:37 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-01 19:14 - 2015-01-04 00:55 - 00000000 ____D C:\Users\Zee
2015-10-01 17:51 - 2014-12-16 20:17 - 00000000 ____D C:\Users\Zee\AppData\Local\CrashDumps
2015-10-01 15:53 - 2014-11-27 14:58 - 00000000 ____D C:\ProgramData\Skype
2015-09-29 20:58 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-24 16:49 - 2015-02-12 16:11 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-24 16:44 - 2015-02-12 16:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-21 10:39 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-14 18:18 - 2015-03-13 21:58 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-14 18:18 - 2015-03-13 21:58 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 11:40 - 2015-04-29 16:43 - 00000000 ____D C:\Users\Zee\Desktop\patches
2015-09-12 11:41 - 2014-11-30 19:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-11 11:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-10 19:41 - 2013-08-22 07:44 - 00346784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-10 19:39 - 2014-12-13 15:50 - 00000000 ____D C:\ProgramData\Norton
2015-09-10 19:34 - 2014-09-23 23:53 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 19:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-10 11:20 - 2012-08-01 18:36 - 00000000 ____D C:\WINDOWS\Log
2015-09-10 11:18 - 2014-11-27 17:05 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-09 19:39 - 2014-11-27 06:50 - 00000000 ____D C:\Users\Zee\AppData\Local\Google
==================== Files in the root of some directories =======
2014-11-27 17:17 - 2015-05-07 15:17 - 0000198 _____ () C:\Users\Zee\AppData\Roaming\WB.CFG
2014-11-29 12:17 - 2014-12-16 20:17 - 0000001 _____ () C:\Users\Zee\AppData\Local\DSI.DAT
2015-01-04 00:48 - 2015-01-04 00:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-26 05:42 - 2012-09-07 04:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 05:42 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 05:42 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Zee\AppData\Local\Temp\aff_setup0.exe
C:\Users\Zee\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Zee\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Zee\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Zee\AppData\Local\Temp\Quarantine.exe
C:\Users\Zee\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Zee\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Zee\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-01 21:29
==================== End of FRST.txt ============================