API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Nov 7th, 2015
373
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 53.87 KB | None | 0 0
raw download clone embed print report
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
  2. Ran by nuworld (administrator) on NUWORLD-PC (07-11-2015 19:34:10)
  3. Running from C:\Users\nuworld\Desktop
  4. Loaded Profiles: nuworld (Available Profiles: nuworld & Administrator & DefaultAppPool)
  5. Platform: Windows 10 Pro (X64) Language: English (United States)
  6. Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\SeaMonkey\seamonkey.exe" -requestPending -osint -url "%1")
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  15. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  16. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  17. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  18. (Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
  19. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  20. (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  21. (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
  22. (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
  23. (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
  24. (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
  25. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
  26. (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
  27. (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.04\AsusFanControlService.exe
  28. (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
  29. (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
  30. (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
  31. () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
  32. (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
  33. (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
  34. (Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
  35. (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
  36. (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
  37. (Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
  38. (Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
  39. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  40. (Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
  41. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
  42. (Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
  43. (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
  44. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
  45. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  46. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
  47. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
  48. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  49. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  50. (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
  51. (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
  52. (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
  53. () C:\ProgramData\PPEZR\EZGoRun.exe
  54. (VueSoft) C:\Program Files (x86)\VueSoft\VueMinder\VueMinder.exe
  55. (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
  56. (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe
  57. (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
  58. (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
  59. (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
  60. (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
  61. (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
  62. (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
  63. (mozilla.org) C:\Program Files (x86)\SeaMonkey\seamonkey.exe
  64. (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe
  65. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  66. (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
  67. (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
  68. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  69. (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
  70. (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
  71. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  72.  
  73.  
  74. ==================== Registry (Whitelisted) ===========================
  75.  
  76. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  77.  
  78. HKLM\...\Run: [VX6000] => C:\WINDOWS\vVX6000.exe [764784 2010-05-20] (Microsoft Corporation
  79. )
  80. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
  81. HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
  82. HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
  83. HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
  84. HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)
  85. HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe
  86. HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
  87. HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
  88. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
  89. HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
  90. HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [570152 2014-08-14] (Acronis)
  91. HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
  92. HKLM-x32\...\Run: [PowerPDFInboxMonitor] => C:\Program Files (x86)\Nuance\Power PDF\InboxMonitor.exe [110920 2014-03-14] (Nuance Communications, Inc.)
  93. HKLM-x32\...\Run: [PowerPDF Registry Controller] => C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe [193560 2014-07-07] (Nuance Communications, Inc.)
  94. HKLM-x32\...\Run: [PowerPanel Personal Edition User Interaction] => C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe [350144 2012-03-27] (Cyber Power Systems, Inc.)
  95. HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
  96. HKLM-x32\...\Run: [NuanPowerPdf1NPDFLM] => C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe [2971672 2014-07-07] (Nuance Communications, Inc.)
  97. HKLM-x32\...\Run: [Nuance Power PDF Advanced-reminder] => C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe [330056 2014-02-25] (Nuance Communications, Inc.)
  98. HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
  99. HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
  100. HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
  101. HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
  102. HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-04-12] (Brother Industries, Ltd.)
  103. HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5343664 2015-07-20] (Acronis)
  104. HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [691056 2015-07-19] (Acronis International GmbH)
  105. Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
  106. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  107. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\...\Run: [EZGoRun] => C:\ProgramData\PPEZR\EZGoRun.exe [55824 2010-05-07] ()
  108. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\...\Run: [Octoshape Streaming Services] => C:\Users\nuworld\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [500016 2014-08-01] (Octoshape ApS)
  109. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\...\Run: [VueMinder] => C:\Program Files (x86)\VueSoft\VueMinder\VueMinder.exe [8045056 2015-10-21] (VueSoft)
  110. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
  111. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\...\RunOnce: [Uninstall C:\Users\nuworld\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\nuworld\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
  112. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\...\RunOnce: [Uninstall C:\Users\nuworld\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\nuworld\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
  113. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\...\RunOnce: [Uninstall C:\Users\nuworld\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\nuworld\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64"
  114. ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
  115. ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
  116. ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
  117. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2014-03-01]
  118. ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
  119. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-11-23]
  120. ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
  121. BootExecute: PDBoot.exeautocheck autochk *
  122.  
  123. ==================== Internet (Whitelisted) ====================
  124.  
  125. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  126.  
  127. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  128. Tcpip\..\Interfaces\{6356D16E-55D6-485D-896B-864EE28FC2F1}: [DhcpNameServer] 8.8.8.8
  129. Tcpip\..\Interfaces\{685a323b-41e5-4762-9b2e-8f09517d868f}: [DhcpNameServer] 192.168.1.1
  130.  
  131. Internet Explorer:
  132. ==================
  133. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  134. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
  135. HKU\S-1-5-21-323302487-4014843972-3913409306-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  136. BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
  137. BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
  138. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
  139. BHO-x32: Nuance PDF Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2014-02-27] (Zeon Corporation)
  140. BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
  141. BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
  142. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
  143. Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
  144. Toolbar: HKLM-x32 - Nuance PDF - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2014-02-27] (Zeon Corporation)
  145. Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-10-20] (AO Kaspersky Lab)
  146. DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
  147. DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
  148. Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
  149.  
  150. FireFox:
  151. ========
  152. FF ProfilePath: C:\Users\nuworld\AppData\Roaming\Mozilla\Firefox\Profiles\yujzwgc6.default
  153. FF DefaultSearchEngine: Search Here
  154. FF SelectedSearchEngine: Search Here
  155. FF Homepage: hxxp://cn.yahoo.com
  156. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
  157. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
  158. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
  159. FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
  160. FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
  161. FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
  162. FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
  163. FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
  164. FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
  165. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
  166. FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-10-24] (Nero AG)
  167. FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-06] (NVIDIA Corporation)
  168. FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-06] (NVIDIA Corporation)
  169. FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [No File]
  170. FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [No File]
  171. FF Plugin-x32: @qq.com/QQPhotoDrawEx -> C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll [No File]
  172. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
  173. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
  174. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
  175. FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\Power PDF\bin\nppdf.dll [2014-03-07] (Zeon Corporation)
  176. FF Plugin HKU\S-1-5-21-323302487-4014843972-3913409306-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\nuworld\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1411300-0-npoctoshape.dll [2014-11-30] (Octoshape ApS)
  177. FF Plugin ProgramFiles/Appdata: C:\Users\nuworld\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-10-11] (Octoshape ApS)
  178. FF Extension: VideoFileDownload - Download YouTube Videos - C:\Users\nuworld\AppData\Roaming\Mozilla\Firefox\Profiles\yujzwgc6.default\Extensions\plugin@vfd.com [2012-08-28] [not signed]
  179. FF Extension: Microsoft .NET Framework Assistant - C:\Users\nuworld\AppData\Roaming\Mozilla\Firefox\Profiles\yujzwgc6.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012-08-28] [not signed]
  180. FF Extension: ShopToWin12 - C:\Users\nuworld\AppData\Roaming\Mozilla\Firefox\Profiles\yujzwgc6.default\Extensions\{70263cf9-d46a-4be4-adc6-29500ba884e1} [2012-11-20] [not signed]
  181. FF Extension: Blekko search bar - C:\Users\nuworld\AppData\Roaming\Mozilla\Firefox\Profiles\yujzwgc6.default\Extensions\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} [2012-08-28] [not signed]
  182. FF Extension: fcreward.100770.b - C:\Users\nuworld\AppData\Roaming\Mozilla\Firefox\Profiles\yujzwgc6.default\Extensions\{003e1c8f-ebd6-f074-7551-4b31c0f547ec}.xpi [2013-03-05] [not signed]
  183. FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
  184. FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-13] [not signed]
  185. FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox
  186. FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2015-10-20] [not signed]
  187. FF Extension: Nuance PDF Convert - C:\Program Files (x86)\Nuance\Power PDF\FireFox [2015-08-06] [not signed]
  188. FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [not found]
  189. FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [not found]
  190. FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [not found]
  191. FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [not found]
  192.  
  193. Chrome:
  194. =======
  195. CHR Profile: C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default
  196. CHR Extension: (Google Slides) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-17]
  197. CHR Extension: (Google Docs) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-17]
  198. CHR Extension: (Google Drive) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-17]
  199. CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-17]
  200. CHR Extension: (YouTube) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-17]
  201. CHR Extension: (Google Search) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-17]
  202. CHR Extension: (Kaspersky URL Advisor) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-12-17]
  203. CHR Extension: (Google Sheets) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-17]
  204. CHR Extension: (Safe Money) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-12-17]
  205. CHR Extension: (Content Blocker) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-12-17]
  206. CHR Extension: (Virtual Keyboard) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-12-17]
  207. CHR Extension: (Kaspersky Protection) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-12-17]
  208. CHR Extension: (Unblock Youku) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2014-12-17]
  209. CHR Extension: (Gmail) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-17]
  210. CHR Extension: (Anti-Banner) - C:\Users\nuworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-12-17]
  211. CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
  212. CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
  213. CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
  214.  
  215. ==================== Services (Whitelisted) ========================
  216.  
  217. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  218.  
  219. R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
  220. R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-28] () [File not signed]
  221. R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
  222. R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
  223. R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.04\AsusFanControlService.exe [1473664 2012-04-09] (ASUSTeK Computer Inc.)
  224. R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-08-16] (Kaspersky Lab ZAO)
  225. R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
  226. R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249328 2015-06-24] (DTS, Inc)
  227. S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
  228. R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
  229. R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
  230. S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
  231. S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
  232. R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-22] (Microsoft Corporation)
  233. R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
  234. R2 ppped; C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe [1013696 2012-03-27] (Cyber Power Systems, Inc.)
  235. R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
  236. R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
  237. R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
  238. S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
  239. S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-22] (Microsoft Corporation)
  240. R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-22] (Microsoft Corporation)
  241. S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
  242. S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
  243.  
  244. ===================== Drivers (Whitelisted) ==========================
  245.  
  246. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  247.  
  248. R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
  249. R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
  250. R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
  251. S3 asusgsb; C:\Windows\System32\drivers\asusgsb.sys [17792 2009-02-17] (ASUSTeK Computer Inc.) [File not signed]
  252. R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
  253. R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
  254. R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
  255. R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-09-22] (Acronis International GmbH)
  256. R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
  257. R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
  258. R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
  259. R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
  260. S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
  261. R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-20] (AO Kaspersky Lab)
  262. R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-20] (AO Kaspersky Lab)
  263. R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [925064 2015-10-20] (AO Kaspersky Lab)
  264. R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
  265. R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
  266. R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
  267. R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
  268. R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-20] (Kaspersky Lab ZAO)
  269. R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
  270. R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
  271. R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
  272. S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-11-07] (Malwarebytes Corporation)
  273. S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
  274. R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-22] (Microsoft Corporation)
  275. S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
  276. R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
  277. S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
  278. S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
  279. R2 tib; C:\Windows\system32\DRIVERS\tib.sys [1058632 2015-09-24] (Acronis International GmbH)
  280. R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [248648 2015-09-24] (Acronis International GmbH)
  281. S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
  282. R3 VX6000; C:\Windows\system32\DRIVERS\VX6000Xp.sys [2143600 2010-05-20] (Microsoft Corporation
  283. )
  284. S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
  285. S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
  286. S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
  287. U4 idsvc; no ImagePath
  288. S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
  289. U3 wpcsvc; no ImagePath
  290.  
  291. ==================== NetSvcs (Whitelisted) ===================
  292.  
  293. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  294.  
  295.  
  296. ==================== One Month Created files and folders ========
  297.  
  298. (If an entry is included in the fixlist, the file/folder will be moved.)
  299.  
  300. 2015-11-07 19:34 - 2015-11-07 19:34 - 00030526 _____ C:\Users\nuworld\Desktop\FRST.txt
  301. 2015-11-07 19:33 - 2015-11-07 19:33 - 00000894 _____ C:\Users\nuworld\Desktop\AdwCleaner[C1].txt
  302. 2015-11-07 19:30 - 2015-11-07 19:30 - 00016148 _____ C:\WINDOWS\system32\NUWORLD-PC_nuworld_HistoryPrediction.bin
  303. 2015-11-07 19:24 - 2015-11-07 19:26 - 00000000 ____D C:\AdwCleaner
  304. 2015-11-07 19:21 - 2015-11-07 19:21 - 00002086 _____ C:\Users\nuworld\Desktop\JRT.txt
  305. 2015-11-07 18:47 - 2015-11-07 18:47 - 01713664 _____ C:\Users\nuworld\Desktop\AdwCleaner.exe
  306. 2015-11-07 18:46 - 2015-11-07 18:46 - 01801288 _____ (Malwarebytes) C:\Users\nuworld\Desktop\JRT.exe
  307. 2015-11-06 20:24 - 2015-11-06 20:23 - 02198528 _____ (Farbar) C:\Users\nuworld\Desktop\FRST64.exe
  308. 2015-11-06 19:13 - 2015-11-06 19:13 - 00104448 ___SH C:\Users\nuworld\Downloads\Thumbs.db
  309. 2015-11-06 18:04 - 2015-11-07 18:38 - 00043008 ___SH C:\Users\nuworld\Desktop\Thumbs.db
  310. 2015-11-06 17:55 - 2015-11-07 18:37 - 00001112 _____ C:\WINDOWS\PFRO.log
  311. 2015-11-05 21:53 - 2015-11-07 19:30 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
  312. 2015-11-05 19:52 - 2015-10-27 18:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
  313. 2015-11-05 19:52 - 2015-10-21 07:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
  314. 2015-11-05 19:51 - 2015-10-27 18:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
  315. 2015-11-05 19:51 - 2015-10-21 07:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
  316. 2015-11-05 19:51 - 2015-10-21 07:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
  317. 2015-11-05 19:51 - 2015-10-21 07:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
  318. 2015-11-05 19:51 - 2015-10-21 07:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
  319. 2015-11-05 19:51 - 2015-10-21 07:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
  320. 2015-11-05 19:51 - 2015-10-21 06:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
  321. 2015-11-05 19:51 - 2015-10-21 06:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
  322. 2015-11-05 19:51 - 2015-10-21 06:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
  323. 2015-11-05 19:51 - 2015-10-21 06:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
  324. 2015-11-05 19:51 - 2015-10-21 06:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
  325. 2015-11-05 19:51 - 2015-10-21 06:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
  326. 2015-11-05 19:51 - 2015-10-21 06:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
  327. 2015-11-05 19:51 - 2015-10-21 06:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
  328. 2015-11-05 19:51 - 2015-10-21 06:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
  329. 2015-11-05 19:51 - 2015-10-21 06:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
  330. 2015-11-05 19:51 - 2015-10-21 06:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
  331. 2015-11-05 19:51 - 2015-10-21 06:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
  332. 2015-11-05 19:51 - 2015-10-21 06:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
  333. 2015-11-05 19:51 - 2015-10-21 00:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
  334. 2015-11-05 19:51 - 2015-10-21 00:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
  335. 2015-11-05 19:51 - 2015-10-21 00:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
  336. 2015-11-05 19:51 - 2015-10-21 00:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
  337. 2015-11-05 19:51 - 2015-10-21 00:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
  338. 2015-11-05 19:51 - 2015-10-21 00:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
  339. 2015-11-05 19:51 - 2015-10-21 00:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
  340. 2015-11-05 19:51 - 2015-10-20 23:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
  341. 2015-11-05 19:51 - 2015-10-20 23:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
  342. 2015-11-05 19:50 - 2015-10-21 06:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
  343. 2015-11-05 19:50 - 2015-10-21 06:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
  344. 2015-11-05 19:50 - 2015-10-21 00:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
  345. 2015-11-05 19:50 - 2015-10-20 23:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
  346. 2015-11-05 18:06 - 2015-11-05 18:06 - 00002864 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
  347. 2015-11-05 18:05 - 2015-11-05 18:05 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
  348. 2015-11-05 18:05 - 2015-11-05 18:05 - 00000000 ____D C:\Program Files\CCleaner
  349. 2015-11-05 18:03 - 2015-11-05 18:02 - 06762072 _____ (Piriform Ltd) C:\Users\nuworld\Downloads\ccsetup511.exe
  350. 2015-11-05 17:17 - 2015-11-07 19:31 - 00001224 _____ C:\Users\nuworld\Desktop\Penpower EZ Go Jr.LNK
  351. 2015-10-31 20:08 - 2015-10-31 20:08 - 00000000 ____D C:\Users\nuworld\AppData\Local\Comms
  352. 2015-10-27 21:50 - 2015-10-27 21:50 - 00000154 _____ C:\Users\nuworld\Desktop\licences.lic
  353. 2015-10-25 18:03 - 2015-10-25 18:03 - 00337058 _____ C:\Users\nuworld\Desktop\iTunes Library.itl
  354. 2015-10-22 16:40 - 2015-10-22 16:41 - 06539752 _____ (Tim Kosse) C:\Users\nuworld\Downloads\FileZilla_3.14.1_win64-setup.exe
  355. 2015-10-22 16:30 - 2015-10-22 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VueMinder Lite
  356. 2015-10-22 16:30 - 2015-10-22 16:30 - 00000000 ____D C:\Program Files (x86)\VueSoft
  357. 2015-10-19 17:41 - 2015-10-19 17:41 - 00001122 _____ C:\Users\Public\Desktop\Jeta Logo Designer.lnk
  358. 2015-10-19 17:41 - 2015-10-19 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeta Logo Designer
  359. 2015-10-19 17:41 - 2015-10-19 17:41 - 00000000 ____D C:\Program Files (x86)\Jeta Logo Designer
  360. 2015-10-19 17:37 - 2015-10-19 17:37 - 08285962 _____ C:\Users\nuworld\Downloads\jeta130free.zip
  361. 2015-10-13 18:11 - 2015-10-24 21:59 - 00000000 ____D C:\Users\nuworld\Desktop\WHF Theme
  362. 2015-10-13 16:17 - 2015-10-10 02:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
  363. 2015-10-13 16:17 - 2015-10-05 22:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
  364. 2015-10-13 16:17 - 2015-10-05 21:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
  365. 2015-10-13 16:17 - 2015-09-30 23:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
  366. 2015-10-13 16:17 - 2015-09-30 23:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
  367. 2015-10-13 16:17 - 2015-09-30 23:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
  368. 2015-10-13 16:17 - 2015-09-30 23:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
  369. 2015-10-13 16:17 - 2015-09-30 23:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
  370. 2015-10-13 16:17 - 2015-09-30 22:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
  371. 2015-10-13 16:17 - 2015-09-24 23:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
  372. 2015-10-13 16:17 - 2015-09-24 23:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
  373. 2015-10-13 16:17 - 2015-09-24 22:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
  374. 2015-10-13 16:17 - 2015-09-24 22:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
  375. 2015-10-13 16:17 - 2015-09-24 22:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
  376. 2015-10-13 16:17 - 2015-09-24 22:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
  377. 2015-10-13 16:17 - 2015-09-24 22:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
  378. 2015-10-13 16:17 - 2015-09-24 22:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
  379. 2015-10-13 16:17 - 2015-09-24 22:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
  380. 2015-10-13 16:17 - 2015-09-24 22:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
  381. 2015-10-13 16:17 - 2015-09-24 22:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
  382. 2015-10-13 16:17 - 2015-09-24 22:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
  383. 2015-10-13 16:17 - 2015-09-24 22:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
  384. 2015-10-13 16:17 - 2015-09-24 22:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
  385. 2015-10-13 16:17 - 2015-09-24 22:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
  386. 2015-10-13 16:17 - 2015-09-24 22:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
  387. 2015-10-13 16:17 - 2015-09-24 22:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
  388. 2015-10-13 16:17 - 2015-09-24 22:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
  389. 2015-10-13 16:17 - 2015-09-24 22:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
  390. 2015-10-13 16:17 - 2015-09-24 22:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
  391. 2015-10-13 16:17 - 2015-09-24 22:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
  392. 2015-10-13 16:17 - 2015-09-24 22:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
  393. 2015-10-13 16:17 - 2015-09-24 22:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
  394. 2015-10-13 16:17 - 2015-09-24 21:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
  395. 2015-10-13 16:17 - 2015-09-24 21:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
  396. 2015-10-13 16:17 - 2015-09-24 21:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
  397. 2015-10-13 16:17 - 2015-09-24 21:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
  398. 2015-10-13 16:17 - 2015-09-24 21:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
  399. 2015-10-13 16:17 - 2015-09-24 21:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
  400. 2015-10-13 16:17 - 2015-09-24 21:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
  401. 2015-10-13 16:17 - 2015-09-24 21:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
  402. 2015-10-13 16:17 - 2015-09-24 21:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
  403. 2015-10-13 16:17 - 2015-09-24 21:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
  404. 2015-10-13 16:17 - 2015-09-24 21:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
  405. 2015-10-13 16:17 - 2015-09-24 21:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
  406. 2015-10-13 16:17 - 2015-09-24 21:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
  407. 2015-10-13 16:17 - 2015-09-24 21:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
  408. 2015-10-13 16:17 - 2015-09-24 21:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
  409. 2015-10-13 16:17 - 2015-09-24 21:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
  410. 2015-10-13 16:17 - 2015-09-24 21:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
  411. 2015-10-13 16:17 - 2015-09-24 21:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
  412. 2015-10-13 16:17 - 2015-09-24 21:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
  413. 2015-10-13 16:17 - 2015-09-24 21:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
  414. 2015-10-13 16:17 - 2015-09-24 21:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
  415. 2015-10-13 16:17 - 2015-09-24 21:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
  416. 2015-10-13 16:17 - 2015-09-24 21:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
  417. 2015-10-13 16:17 - 2015-09-24 21:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
  418. 2015-10-13 16:17 - 2015-09-24 21:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
  419. 2015-10-13 16:17 - 2015-09-24 21:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
  420. 2015-10-12 21:44 - 2015-10-12 21:44 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\Macromedia
  421. 2015-10-12 21:44 - 2015-10-12 21:44 - 00000000 ____D C:\Users\nuworld\AppData\Local\Macromedia
  422. 2015-10-12 21:43 - 2015-11-07 19:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
  423. 2015-10-12 21:43 - 2015-10-13 16:09 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
  424. 2015-10-12 21:43 - 2015-10-12 21:43 - 00000000 ____D C:\WINDOWS\system32\Macromed
  425. 2015-10-11 22:11 - 2015-10-11 22:11 - 15622640 _____ (DIRECTV) C:\Users\nuworld\Downloads\DIRECTV_Player_12.1.exe
  426. 2015-10-11 22:11 - 2015-10-11 22:11 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\Octoshape
  427. 2015-10-11 22:11 - 2015-10-11 22:11 - 00000000 ____D C:\Users\nuworld\AppData\LocalLow\DTV
  428. 2015-10-11 22:11 - 2015-10-11 22:11 - 00000000 ____D C:\Users\nuworld\AppData\Local\Octoshape
  429. 2015-10-11 21:56 - 2015-10-11 21:56 - 28849904 _____ C:\Users\nuworld\Downloads\vlc-2.2.1-win32.exe
  430. 2015-10-11 20:13 - 2015-10-11 22:01 - 00000000 ____D C:\Users\nuworld\AppData\Local\DIRECTV
  431. 2015-10-11 20:12 - 2015-10-11 22:01 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\DIRECTV
  432. 2015-10-11 20:12 - 2015-10-11 20:12 - 24647352 _____ (DIRECTV, LLC) C:\Users\nuworld\Downloads\DirectvGenieGOSetup.exe
  433.  
  434. ==================== One Month Modified files and folders ========
  435.  
  436. (If an entry is included in the fixlist, the file/folder will be moved.)
  437.  
  438. 2015-11-07 19:34 - 2015-07-14 22:08 - 00000000 ____D C:\FRST
  439. 2015-11-07 19:32 - 2012-09-06 20:04 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  440. 2015-11-07 19:31 - 2015-08-02 00:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab
  441. 2015-11-07 19:30 - 2015-08-21 22:45 - 00000000 ____D C:\ProgramData\NVIDIA
  442. 2015-11-07 19:30 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
  443. 2015-11-07 19:30 - 2012-08-29 18:13 - 00000000 ____D C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
  444. 2015-11-07 19:29 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\sru
  445. 2015-11-07 19:29 - 2015-07-10 04:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
  446. 2015-11-07 19:20 - 2015-08-21 22:50 - 00000000 ____D C:\Users\nuworld
  447. 2015-11-07 19:02 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
  448. 2015-11-07 18:55 - 2012-09-06 20:04 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  449. 2015-11-07 17:55 - 2015-08-17 19:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
  450. 2015-11-07 17:36 - 2014-06-08 22:13 - 00000000 ____D C:\Users\nuworld\AppData\Local\Adobe
  451. 2015-11-06 23:31 - 2012-09-28 18:46 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\Skype
  452. 2015-11-06 19:51 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
  453. 2015-11-06 19:08 - 2014-11-16 21:46 - 00121344 ___SH C:\Users\nuworld\Thumbs.db
  454. 2015-11-05 22:03 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
  455. 2015-11-05 21:33 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
  456. 2015-11-05 20:33 - 2014-08-18 18:20 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\TeamViewer
  457. 2015-11-05 19:42 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF
  458. 2015-11-05 18:34 - 2015-08-17 19:14 - 11337112 _____ (SurfRight B.V.) C:\Users\nuworld\Downloads\hitmanpro_x64.exe
  459. 2015-11-05 17:49 - 2012-09-28 18:46 - 00000000 ____D C:\ProgramData\Skype
  460. 2015-11-05 17:28 - 2015-08-22 02:27 - 00000000 ____D C:\WINDOWS\system32\msmq
  461. 2015-11-05 16:33 - 2015-08-21 22:47 - 01005642 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  462. 2015-11-05 00:29 - 2012-08-27 20:08 - 00000000 ____D C:\ProgramData\TEMP
  463. 2015-11-05 00:03 - 2015-08-21 23:23 - 00000000 ____D C:\Users\nuworld\AppData\Local\Packages
  464. 2015-11-04 23:32 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\registration
  465. 2015-11-04 23:04 - 2015-09-20 22:01 - 00000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL
  466. 2015-11-04 23:04 - 2015-08-21 22:50 - 00000000 ____D C:\Users\Administrator
  467. 2015-11-04 23:04 - 2015-08-19 19:59 - 00000000 ___RD C:\Program Files (x86)\Skype
  468. 2015-11-04 23:04 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SystemResources
  469. 2015-11-04 23:04 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Globalization
  470. 2015-11-04 23:04 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Windows Defender
  471. 2015-11-04 23:04 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
  472. 2015-11-04 23:04 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\servicing
  473. 2015-11-04 23:04 - 2012-08-31 20:36 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\EditPlus 3
  474. 2015-11-04 23:03 - 2013-12-29 21:44 - 00000000 ____D C:\WINDOWS\pss
  475. 2015-11-04 22:56 - 2015-08-17 19:14 - 00000000 ____D C:\ProgramData\Malwarebytes
  476. 2015-11-04 22:06 - 2015-08-17 19:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
  477. 2015-11-02 20:58 - 2014-06-08 16:48 - 00268288 ___SH C:\Users\nuworld\Documents\Thumbs.db
  478. 2015-11-02 20:15 - 2012-08-28 19:36 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\FileZilla
  479. 2015-11-01 04:33 - 2012-08-26 22:55 - 00000000 ____D C:\Users\nuworld\Documents\Tencent Files
  480. 2015-10-30 19:21 - 2015-08-21 23:27 - 00002380 _____ C:\Users\nuworld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  481. 2015-10-30 19:21 - 2015-08-21 23:27 - 00000000 ___RD C:\Users\nuworld\OneDrive
  482. 2015-10-29 21:40 - 2015-09-04 20:21 - 00000000 ____D C:\Users\nuworld\Downloads\phpbb 3.1.5
  483. 2015-10-29 21:02 - 2015-08-27 11:46 - 00000000 ____D C:\Users\nuworld\Desktop\we_universal
  484. 2015-10-27 21:21 - 2015-09-03 18:20 - 00000000 ____D C:\Users\nuworld\Documents\phpbb 3.1.5
  485. 2015-10-23 20:58 - 2012-08-28 19:36 - 00002069 _____ C:\Users\nuworld\Desktop\FileZilla Client.lnk
  486. 2015-10-23 20:58 - 2012-08-28 19:36 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
  487. 2015-10-23 20:58 - 2012-08-28 19:36 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
  488. 2015-10-20 15:36 - 2015-08-16 19:27 - 00181640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
  489. 2015-10-20 15:36 - 2015-06-30 00:05 - 00925064 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
  490. 2015-10-20 15:36 - 2015-06-26 22:58 - 00087944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
  491. 2015-10-20 15:35 - 2015-08-16 19:27 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
  492. 2015-10-18 06:42 - 2015-08-23 16:46 - 00708081 _____ C:\Users\nuworld\Downloads\SysPerf.zip
  493. 2015-10-15 22:10 - 2015-10-01 16:18 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
  494. 2015-10-15 22:10 - 2015-10-01 16:18 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
  495. 2015-10-13 19:43 - 2014-06-08 22:13 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
  496. 2015-10-13 17:44 - 2015-10-05 20:28 - 00000000 ____D C:\Users\nuworld\Desktop\WHF sigs
  497. 2015-10-13 16:29 - 2013-07-23 16:19 - 00000000 ____D C:\WINDOWS\system32\MRT
  498. 2015-10-13 16:21 - 2012-08-25 10:46 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
  499. 2015-10-11 22:14 - 2015-07-10 07:20 - 00214680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
  500. 2015-10-11 22:11 - 2012-08-25 10:42 - 00000000 ____D C:\Users\nuworld\AppData\Roaming\Mozilla
  501. 2015-10-11 20:12 - 2015-02-27 03:08 - 00000000 ____D C:\Users\nuworld\AppData\Local\Downloaded Installations
  502.  
  503. ==================== Files in the root of some directories =======
  504.  
  505. 2015-08-06 17:20 - 2015-08-06 17:20 - 0002070 _____ () C:\Users\nuworld\AppData\Roaming\.DEFAULT
  506. 2015-08-06 17:20 - 2015-08-06 17:20 - 0011128 _____ () C:\Users\nuworld\AppData\Roaming\.DEFAULT-dm2
  507. 2015-08-06 17:20 - 2015-08-06 17:20 - 0011138 _____ () C:\Users\nuworld\AppData\Roaming\.DEFAULT-dmpu
  508. 2014-12-07 02:44 - 2014-12-15 20:32 - 0000033 _____ () C:\Users\nuworld\AppData\Roaming\AdobeWLCMCache.dat
  509. 2015-08-06 17:20 - 2015-08-06 17:20 - 0020392 _____ () C:\Users\nuworld\AppData\Roaming\nuanreg
  510. 2015-08-06 17:20 - 2015-08-06 17:20 - 0041700 _____ () C:\Users\nuworld\AppData\Roaming\nuanreg-dm2
  511. 2015-08-06 17:20 - 2015-08-06 17:20 - 0040238 _____ () C:\Users\nuworld\AppData\Roaming\nuanreg-dmpu
  512. 2015-08-06 17:20 - 2015-08-06 17:20 - 0002070 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-18
  513. 2015-08-06 17:20 - 2015-08-06 17:20 - 0011128 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-18-dm2
  514. 2015-08-06 17:20 - 2015-08-06 17:20 - 0011138 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-18-dmpu
  515. 2015-08-06 17:20 - 2015-08-06 17:20 - 0000170 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-19-dm2
  516. 2015-08-06 17:20 - 2015-08-06 17:20 - 0000180 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-19-dmpu
  517. 2015-08-06 17:20 - 2015-08-06 17:20 - 0000170 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-20-dm2
  518. 2015-08-06 17:20 - 2015-08-06 17:20 - 0000180 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-20-dmpu
  519. 2015-08-06 17:20 - 2015-08-06 17:20 - 0023746 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-21-323302487-4014843972-3913409306-1000
  520. 2015-08-06 17:20 - 2015-08-06 17:20 - 0041778 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-21-323302487-4014843972-3913409306-1000-dm2
  521. 2015-08-06 17:20 - 2015-08-06 17:20 - 0040316 _____ () C:\Users\nuworld\AppData\Roaming\S-1-5-21-323302487-4014843972-3913409306-1000-dmpu
  522. 2012-08-25 23:29 - 2015-08-11 20:09 - 0007686 _____ () C:\Users\nuworld\AppData\Local\resmon.resmoncfg
  523. 2013-03-28 20:30 - 2013-03-28 20:30 - 0000080 _____ () C:\Users\nuworld\AppData\Local\X-Plane Installer.prf
  524. 2013-03-28 20:31 - 2013-03-28 20:41 - 0000015 _____ () C:\Users\nuworld\AppData\Local\X-Plane_drm.prf
  525. 2013-03-28 18:17 - 2013-03-28 18:17 - 0000043 _____ () C:\Users\nuworld\AppData\Local\x-plane_install_10.txt
  526. 2015-08-21 22:45 - 2015-08-21 22:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
  527. 2012-08-27 22:20 - 2012-08-30 18:25 - 0001294 _____ () C:\ProgramData\Gpu.log
  528. 2013-02-20 18:20 - 2015-02-08 04:25 - 0001385 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
  529.  
  530. Some files in TEMP:
  531. ====================
  532. C:\Users\nuworld\AppData\Local\Temp\sqlite3.dll
  533.  
  534.  
  535. ==================== Bamital & volsnap =================
  536.  
  537. (There is no automatic fix for files that do not pass verification.)
  538.  
  539. C:\WINDOWS\system32\winlogon.exe => File is digitally signed
  540. C:\WINDOWS\system32\wininit.exe => File is digitally signed
  541. C:\WINDOWS\explorer.exe => File is digitally signed
  542. C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
  543. C:\WINDOWS\system32\svchost.exe => File is digitally signed
  544. C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
  545. C:\WINDOWS\system32\services.exe => File is digitally signed
  546. C:\WINDOWS\system32\User32.dll => File is digitally signed
  547. C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
  548. C:\WINDOWS\system32\userinit.exe => File is digitally signed
  549. C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
  550. C:\WINDOWS\system32\rpcss.dll => File is digitally signed
  551. C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
  552. C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
  553. C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
  554.  
  555.  
  556. LastRegBack: 2015-10-31 04:02
  557.  
  558. ==================== End of FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!