Thank you.
Here is a copy of FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-11-2015
Ran by TOSHIBA-PC (administrator) on TOSHIBA-PC-PC (14-11-2015 20:36:24)
Running from C:\Users\TOSHIBA-PC\Desktop
Loaded Profiles: TOSHIBA-PC & (Available Profiles: TOSHIBA-PC)
Platform: Microsoft Windows 10 Home (X86) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\Backblaze\bzserv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3527880 2015-06-12] (Synaptics Incorporated)
HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Run: [haozipcd] => C:\Program Files\HaoZip\HaoZipCD.exe [256264 2012-07-26] (瑞创网络)
HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3911248 2015-10-16] (Tonec Inc.)
HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Run: [Backblaze] => C:\Program Files\Backblaze\bzbui.exe [581800 2015-10-23] ()
HKU\S-1-5-21-477176046-21664723-1367556538-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [25600 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [haozipcd] => C:\Program Files\HaoZip\HaoZipCD.exe [256264 2012-07-26] (瑞创网络)
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3911248 2015-10-16] (Tonec Inc.)
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Backblaze] => C:\Program Files\Backblaze\bzbui.exe [581800 2015-10-23] ()
HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [25600 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-09-17]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\TOSHIBA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Accurate Times.lnk [2014-09-13]
ShortcutTarget: Accurate Times.lnk -> C:\Accurate Times\alert63.exe (JAS)
Startup: C:\Users\TOSHIBA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-09-13]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{148f2ba4-8d03-4c77-a463-a5993d6b4e59}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-477176046-21664723-1367556538-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files\LastPass\LPToolbar.dll [2014-09-17] (LastPass)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll [2014-09-17] (LastPass)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: hxxp://login.hhtxnet.com/search.php?q=
FF Keyword.URL: hxxp://login.hhtxnet.com/search.php?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files\LastPass\nplastpass.dll [2014-09-17] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-20] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @Tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\.DEFAULT: @Tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-477176046-21664723-1367556538-1000: @citrixonline.com/appdetectorplugin -> C:\Users\TOSHIBA-PC\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-18] (Citrix Online)
FF Plugin HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\TOSHIBA-PC\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-18] (Citrix Online)
FF SearchPlugin: C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\searchplugins\duckduckgo.xml [2014-10-07]
FF SearchPlugin: C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\searchplugins\startpage-ssl.xml [2015-10-23]
FF Extension: LastPass - C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\Extensions\support@lastpass.com [2015-09-27]
FF Extension: WOT - C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-11-10]
FF Extension: Disconnect - C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\Extensions\2.0@disconnect.me.xpi [2015-05-29]
FF Extension: Ghostery - C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\Extensions\firefox@ghostery.com.xpi [2015-11-06]
FF Extension: MEGA - C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\Extensions\firefox@mega.co.nz.xpi [2015-11-13] [not signed]
FF Extension: Lightbeam - C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-05-27]
FF Extension: NoScript - C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-29]
FF Extension: Adblock Plus - C:\Users\TOSHIBA-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hk2n3rt0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: No Name - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-10-02] [not signed]
FF HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\TOSHIBA-PC\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\TOSHIBA-PC\AppData\Roaming\IDM\idmmzcc5 [2015-10-18] [not signed]
FF HKU\S-1-5-21-477176046-21664723-1367556538-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\TOSHIBA-PC\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://searchou.com/?id=54091e3600000000000000ffdeb7792f"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Beautiful landscape) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2015-11-14]
CHR Extension: (WikiTube) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj [2015-05-09]
CHR Extension: (Google Docs) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]
CHR Extension: (Turn Off the Lights) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2015-09-05]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-09-05]
CHR Extension: (MEGA) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-11-14]
CHR Extension: (YouTube) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (DuckDuckGo for Chrome) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao [2015-11-14]
CHR Extension: (Adblock Plus) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-13]
CHR Extension: (Add to Amazon Wish List) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2014-09-13]
CHR Extension: (Google Search) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (Avira SafeSearch) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2015-11-13]
CHR Extension: (Google Calendar) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-11-13]
CHR Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj [2015-05-02]
CHR Extension: (PanicButton) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2014-09-13]
CHR Extension: (Dashlane) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2015-09-05]
CHR Extension: (WikiMapper) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\feiheebgoilmbkaddngcoocjbogfchlb [2014-09-28]
CHR Extension: (Google Sheets) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Avira Browser Safety) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-11-13]
CHR Extension: (Marvel Comics) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice [2014-09-13]
CHR Extension: (Disconnect Search) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobfennjmjnkdbklhcnnfbhfibedgkk [2015-02-25]
CHR Extension: (Kindle Cloud Reader) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-09-13]
CHR Extension: (Tradair Analytics) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfdibgccmdloekfajpdialdmhlacfkb [2015-01-31]
CHR Extension: (Disconnect) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2015-09-05]
CHR Extension: (StumbleUpon) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2014-09-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-07]
CHR Extension: (The Independent) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdonfjaemnemdnnpebbcelibeocdmkai [2015-07-13]
CHR Extension: (Google Mail Checker) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-09-13]
CHR Extension: (Google Play Books) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2015-07-13]
CHR Extension: (IDM Integration Module) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-11-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-05]
CHR Extension: (Click&Clean App) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-11-13]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2014-09-13]
CHR Extension: (Gmail) - C:\Users\TOSHIBA-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-07-10]
CHR HKU\S-1-5-21-477176046-21664723-1367556538-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-477176046-21664723-1367556538-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-11-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1680088 2013-10-28] (Broadcom Corporation.)
R2 bzserv; C:\Program Files\Backblaze\bzserv.exe [341672 2015-10-23] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1883320 2015-10-07] (Microsoft Corporation)
S2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [216776 2015-06-12] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105352 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [138800 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [55912 2015-09-24] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [175320 2013-10-28] (Broadcom Corporation.)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [144600 2013-10-28] (Broadcom Corporation.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [26328 2014-09-19] (Sony Mobile Communications)
R3 HaoZipVirtualCDBus; C:\WINDOWS\System32\drivers\HaoZipVirtualCDBus.sys [115288 2012-07-24] (Shanghai RuiChuang)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Chicony)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [30840 2015-02-09] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2015-11-14] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7518208 2015-07-10] (Intel Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [35528 2015-06-12] (Synaptics Incorporated)
R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [31848 2015-06-18] (Avira Operations GmbH & Co. KG)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [23040 2014-11-05] (The OpenVPN Project)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [50280 2015-07-29] (Toshiba Corporation)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-14 20:36 - 2015-11-14 20:37 - 00027662 _____ C:\Users\TOSHIBA-PC\Desktop\FRST.txt
2015-11-14 20:20 - 2015-11-14 20:20 - 00016148 _____ C:\WINDOWS\system32\TOSHIBA-PC-PC_TOSHIBA-PC_HistoryPrediction.bin
2015-11-14 19:11 - 2015-11-14 19:11 - 00000000 ____D C:\Program Files\ESET
2015-11-14 19:10 - 2015-11-14 19:11 - 02870984 _____ (ESET) C:\Users\TOSHIBA-PC\Desktop\esetsmartinstaller_enu.exe
2015-11-14 18:38 - 2015-11-14 18:38 - 00000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2015-11-14 17:21 - 2015-11-14 18:33 - 00000000 ____D C:\Users\TOSHIBA-PC\Desktop\mbar
2015-11-14 17:20 - 2015-11-14 17:20 - 00000833 _____ C:\Users\TOSHIBA-PC\Desktop\checkup.txt
2015-11-14 17:18 - 2015-11-14 17:20 - 16563352 _____ (Malwarebytes Corp.) C:\Users\TOSHIBA-PC\Desktop\mbar-1.09.3.1001.exe
2015-11-14 17:10 - 2015-11-14 17:11 - 00852720 _____ C:\Users\TOSHIBA-PC\Desktop\SecurityCheck.exe
2015-11-14 17:09 - 2015-11-14 17:09 - 00001480 _____ C:\Users\TOSHIBA-PC\Desktop\JRT.txt
2015-11-14 16:59 - 2015-11-14 16:59 - 01801288 _____ (Malwarebytes) C:\Users\TOSHIBA-PC\Desktop\JRT.exe
2015-11-14 16:54 - 2015-11-14 16:54 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-11-14 16:54 - 2015-11-14 16:54 - 00000000 _____ C:\WINDOWS\setupact.log
2015-11-14 16:42 - 2015-11-14 16:45 - 00000000 ____D C:\AdwCleaner
2015-11-14 16:39 - 2015-11-14 16:41 - 01729536 _____ C:\Users\TOSHIBA-PC\Desktop\adwcleaner_5.020.exe
2015-11-14 15:15 - 2015-11-14 15:15 - 00000000 ___HD C:\OneDriveTemp
2015-11-14 11:58 - 2015-11-14 14:25 - 00018662 _____ C:\Users\TOSHIBA-PC\Desktop\Backup of Orientalism and Islamophobia.wbk
2015-11-13 20:44 - 2015-11-13 20:45 - 00120719 _____ C:\Users\TOSHIBA-PC\Desktop\CheckResults.txt
2015-11-13 17:45 - 2015-11-13 17:45 - 01682416 _____ (Malwarebytes Corporation) C:\Users\TOSHIBA-PC\Desktop\mbam-check-2.1.1.1001.exe
2015-11-13 16:44 - 2015-11-14 08:55 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Local\CrashDumps
2015-11-13 15:05 - 2015-11-13 15:08 - 18979400 _____ C:\Users\TOSHIBA-PC\Desktop\RogueKiller.exe
2015-11-13 08:57 - 2015-11-14 18:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-13 08:53 - 2015-11-13 13:28 - 00000000 ____D C:\mbar
2015-11-13 07:15 - 2015-11-14 18:40 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-11-13 07:15 - 2015-11-13 09:37 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-13 06:46 - 2015-11-14 20:36 - 00000000 ____D C:\FRST
2015-11-13 06:46 - 2015-11-13 06:46 - 01702400 _____ (Farbar) C:\Users\TOSHIBA-PC\Desktop\Find.com
2015-11-13 06:40 - 2015-11-13 06:40 - 01702400 _____ (Farbar) C:\Users\TOSHIBA-PC\Desktop\FRST.exe
2015-11-13 06:24 - 2015-11-13 06:24 - 00002511 _____ C:\Users\Public\Desktop\Evernote.lnk
2015-11-13 06:24 - 2015-11-13 06:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-11-12 20:37 - 2015-11-12 20:37 - 00001299 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-11-12 20:37 - 2015-11-12 20:37 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Local\VS Revo Group
2015-11-12 20:37 - 2015-11-12 20:37 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-11-12 20:37 - 2015-11-12 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-11-12 20:37 - 2015-11-12 20:37 - 00000000 ____D C:\Program Files\VS Revo Group
2015-11-12 20:37 - 2009-12-30 11:21 - 00027192 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-11-11 18:16 - 2015-11-14 11:05 - 00000000 __SHD C:\[Smad-Cage]
2015-11-11 18:16 - 2015-11-11 19:49 - 00000000 ____D C:\Program Files\SMADAV
2015-11-11 18:16 - 2015-11-11 18:16 - 00001083 _____ C:\Users\Public\Desktop\SMADΔV.lnk
2015-11-11 18:16 - 2015-11-11 18:16 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Roaming\Smadav
2015-11-11 18:16 - 2015-11-11 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2015-11-11 06:45 - 2015-11-05 07:34 - 06265696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 06:45 - 2015-11-05 07:34 - 00558944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 06:45 - 2015-11-05 07:34 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 06:45 - 2015-11-05 07:32 - 00479072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 06:45 - 2015-11-05 07:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 06:45 - 2015-11-05 07:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 06:45 - 2015-11-05 07:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 06:45 - 2015-11-05 07:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 06:45 - 2015-11-05 07:14 - 00923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 06:45 - 2015-11-05 07:14 - 00024256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 06:45 - 2015-11-05 07:13 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 06:45 - 2015-11-05 06:49 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 06:45 - 2015-11-05 06:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 06:45 - 2015-11-05 06:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 06:45 - 2015-11-05 06:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 06:45 - 2015-11-05 06:40 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 06:45 - 2015-11-05 06:39 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 06:45 - 2015-11-05 06:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 06:45 - 2015-11-05 06:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 06:45 - 2015-11-05 06:35 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 06:45 - 2015-11-05 06:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 06:45 - 2015-11-05 06:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 06:45 - 2015-11-05 06:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 06:45 - 2015-11-05 06:32 - 00738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 06:45 - 2015-11-05 06:30 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 06:45 - 2015-11-05 06:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 06:45 - 2015-11-05 06:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 06:45 - 2015-11-05 06:29 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 06:45 - 2015-11-05 06:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 06:45 - 2015-11-05 06:27 - 02985472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 06:45 - 2015-11-05 06:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 06:45 - 2015-11-05 06:27 - 01135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 06:45 - 2015-11-05 06:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 06:45 - 2015-11-05 06:24 - 01499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 06:45 - 2015-11-05 06:24 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 06:45 - 2015-11-05 06:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 06:18 - 2015-11-13 09:32 - 00000000 ___HD C:\Users\TOSHIBA-PC\AppData\Roaming\jokwsyc
2015-11-11 06:18 - 2015-11-11 06:18 - 05286088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-11-08 06:09 - 2015-07-19 15:44 - 00001070 _____ C:\Users\TOSHIBA-PC\Desktop\Important Info 4 the Family.txt
2015-10-26 09:01 - 2008-11-13 10:25 - 00137024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinet.ocx
2015-10-26 09:01 - 2005-06-10 13:22 - 00450560 _____ (Sky Software) C:\WINDOWS\system32\filevw61.ocx
2015-10-26 09:01 - 2005-06-10 13:22 - 00352256 _____ (Sky Software) C:\WINDOWS\system32\shcmb61.ocx
2015-10-26 09:01 - 2005-06-10 13:21 - 00417792 _____ (Sky Software) C:\WINDOWS\system32\fldrvw61.ocx
2015-10-26 09:01 - 2005-04-15 19:58 - 01351392 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.ocx
2015-10-26 09:01 - 2005-04-13 03:00 - 00331784 _____ (VBGold Software) C:\WINDOWS\system32\aresize.ocx
2015-10-26 09:01 - 2004-10-02 09:36 - 00212240 _____ (Microsoft Corporation) C:\WINDOWS\system32\richtx32.ocx
2015-10-26 09:01 - 1999-09-28 21:42 - 01050896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet35.dll
2015-10-26 09:01 - 1998-06-18 10:33 - 00089360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vb5db.dll
2015-10-26 09:01 - 1998-05-18 00:00 - 00368912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbar332.dll
2015-10-26 09:01 - 1998-04-24 18:40 - 00407312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrepl35.dll
2015-10-26 09:01 - 1998-04-24 18:40 - 00252176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x35.dll
2015-10-26 09:01 - 1998-04-24 18:40 - 00123664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjint35.dll
2015-10-26 09:01 - 1998-04-24 18:40 - 00024848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjter35.dll
2015-10-26 09:01 - 1997-07-19 19:00 - 00227600 _____ (Microsoft) C:\WINDOWS\system32\msflxgrd.ocx
2015-10-23 07:20 - 2015-10-23 07:20 - 00000000 ___HD C:\.bzvol
2015-10-23 07:20 - 2015-10-23 07:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
2015-10-23 07:19 - 2015-10-23 07:20 - 00000000 ____D C:\Program Files\Backblaze
2015-10-23 07:19 - 2015-10-23 07:19 - 00000000 ____D C:\ProgramData\Backblaze
2015-10-18 06:03 - 2015-09-25 06:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-18 06:02 - 2015-10-10 09:44 - 00069312 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-18 06:02 - 2015-10-06 05:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-18 06:02 - 2015-10-01 06:36 - 01034032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-18 06:02 - 2015-10-01 06:36 - 00907992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-18 06:02 - 2015-10-01 06:36 - 00869232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-18 06:02 - 2015-10-01 06:36 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-18 06:02 - 2015-10-01 05:40 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-18 06:02 - 2015-09-25 06:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-18 06:02 - 2015-09-25 06:31 - 00368992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-18 06:02 - 2015-09-25 06:21 - 00851296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-18 06:02 - 2015-09-25 05:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-18 06:02 - 2015-09-25 05:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-18 06:02 - 2015-09-25 05:43 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-18 06:02 - 2015-09-25 05:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-18 06:02 - 2015-09-25 05:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-18 06:02 - 2015-09-25 05:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-18 06:02 - 2015-09-25 05:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-18 06:02 - 2015-09-25 05:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-18 06:02 - 2015-09-25 05:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-18 06:02 - 2015-09-25 05:34 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-18 06:02 - 2015-09-25 05:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-18 06:02 - 2015-09-25 05:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-18 06:02 - 2015-09-25 05:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-18 06:02 - 2015-09-25 05:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-18 06:02 - 2015-09-25 05:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-18 06:02 - 2015-09-25 05:34 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-18 06:02 - 2015-09-25 05:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-18 06:02 - 2015-09-25 05:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-18 06:02 - 2015-09-25 05:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-16 15:29 - 2015-06-12 05:00 - 00123968 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-14 20:36 - 2014-09-13 00:57 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Roaming\HaoZip
2015-11-14 19:51 - 2015-07-10 11:28 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-14 19:43 - 2015-07-18 22:03 - 00000620 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-477176046-21664723-1367556538-1000.job
2015-11-14 19:20 - 2014-09-13 01:24 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-14 19:18 - 2014-09-13 00:37 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-14 18:49 - 2015-07-18 22:03 - 00000716 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-477176046-21664723-1367556538-1000.job
2015-11-14 18:37 - 2014-10-05 18:52 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-14 17:22 - 2014-09-13 00:59 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Roaming\DMCache
2015-11-14 17:21 - 2014-10-05 18:51 - 00094936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-14 17:17 - 2014-09-13 00:59 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Roaming\IDM
2015-11-14 17:07 - 2014-09-13 00:34 - 00000000 __RDO C:\Users\TOSHIBA-PC\OneDrive
2015-11-14 16:53 - 2015-09-16 21:55 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-14 16:51 - 2014-09-13 00:59 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Roaming\Skype
2015-11-14 16:50 - 2014-09-13 18:33 - 00000000 ___RD C:\Users\TOSHIBA-PC\Google Drive
2015-11-14 16:49 - 2014-12-25 18:24 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Local\HTC MediaHub
2015-11-14 16:49 - 2014-09-13 01:24 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-14 16:48 - 2015-07-10 12:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-14 15:51 - 2015-07-10 11:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-11-14 15:12 - 2015-07-10 09:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-14 15:07 - 2014-09-12 23:37 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Roaming\vlc
2015-11-14 15:03 - 2015-09-04 22:14 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-14 14:00 - 2015-07-10 11:28 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-14 10:52 - 2015-07-10 11:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-13 17:44 - 2014-09-13 00:19 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Local\VirtualStore
2015-11-13 15:00 - 2014-10-09 12:59 - 00000000 ____D C:\Users\TOSHIBA-PC\Documents\Batman Eternal
2015-11-13 15:00 - 2014-09-25 14:50 - 00000000 ____D C:\shamela_arrawdah
2015-11-13 13:33 - 2014-09-15 06:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 13:24 - 2014-09-15 06:11 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-13 11:45 - 2015-07-10 11:28 - 00000000 ____D C:\WINDOWS\rescache
2015-11-13 09:47 - 2014-09-18 21:43 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\Roaming\uTorrent
2015-11-13 09:44 - 2015-07-10 11:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-13 08:49 - 2014-09-17 21:28 - 00000000 ____D C:\Users\TOSHIBA-PC\AppData\LocalLow\LastPass
2015-11-13 06:56 - 2014-10-05 18:51 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-11-13 06:05 - 2014-09-16 10:36 - 00000999 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2015-11-13 06:05 - 2014-09-16 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-11-13 06:05 - 2014-09-16 10:35 - 00000000 ____D C:\Program Files\Calibre2
2015-11-11 17:49 - 2015-09-04 21:53 - 00000000 ____D C:\Users\TOSHIBA-PC
2015-11-11 17:04 - 2014-09-13 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-11 16:46 - 2015-07-10 11:28 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-11-11 16:46 - 2015-07-10 11:28 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 16:45 - 2015-07-10 11:28 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-11-11 16:28 - 2014-09-13 01:26 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 06:25 - 2015-09-01 20:33 - 00001165 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-11 06:25 - 2014-09-13 12:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-10 18:28 - 2014-09-06 12:25 - 00000000 ____D C:\Users\TOSHIBA-PC\Downloads\Compressed
2015-11-06 11:45 - 2014-09-06 12:25 - 00000000 ____D C:\Users\TOSHIBA-PC\Downloads\Video
2015-11-05 07:34 - 2015-07-10 12:53 - 00810672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-03 21:20 - 2015-07-10 11:29 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-11-03 21:20 - 2015-07-10 11:29 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-10-31 19:26 - 2015-09-04 22:55 - 00002345 _____ C:\Users\TOSHIBA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-30 08:28 - 2014-09-20 12:22 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-26 09:01 - 2014-09-29 08:33 - 00001937 _____ C:\Users\TOSHIBA-PC\Desktop\المكتبة الشاملة.lnk
2015-10-26 09:01 - 2014-09-25 15:33 - 00001965 _____ C:\Users\Public\Desktop\المكتبة الشاملة.lnk
2015-10-26 09:01 - 2014-09-25 14:55 - 00000000 ____D C:\Program Files\shamela
2015-10-23 13:32 - 2014-09-15 21:06 - 00000000 ____D C:\Users\TOSHIBA-PC\Documents\Calibre Library
2015-10-18 06:42 - 2014-10-05 18:51 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-18 06:42 - 2014-10-05 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-18 06:04 - 2014-09-13 00:58 - 00000000 ____D C:\Program Files\Internet Download Manager
2015-10-17 17:36 - 2014-09-13 20:47 - 00598395 _____ C:\Users\TOSHIBA-PC\Documents\02. Islam and the Workplace.pptx
2015-10-16 07:48 - 2014-09-13 18:24 - 00002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-10-16 07:48 - 2014-09-13 18:24 - 00002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-10-16 07:48 - 2014-09-13 18:24 - 00002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2015-10-16 07:48 - 2014-09-13 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-15 20:38 - 2014-10-11 12:14 - 00002045 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-10-15 20:38 - 2014-09-19 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-10-15 20:38 - 2014-09-19 16:09 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
==================== Files in the root of some directories =======
2014-09-17 21:28 - 2014-09-17 21:28 - 11249152 _____ (LastPass) C:\Program Files\Common Files\lpuninstall.exe
2015-09-04 21:49 - 2015-09-04 21:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\TOSHIBA-PC\msvbvm60.dll
Some files in TEMP:
====================
C:\Users\TOSHIBA-PC\AppData\Local\Temp\avgnt.exe
C:\Users\TOSHIBA-PC\AppData\Local\Temp\dllnt_dump.dll
C:\Users\TOSHIBA-PC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\TOSHIBA-PC\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-13 10:34
==================== End of FRST.txt ============================