Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2015
Ran by Melissa (administrator) on MELISSA-GRECO on 25-04-2015 18:54:13
Running from C:\Users\Melissa\Downloads
Loaded Profiles: Melissa (Available profiles: Melissa)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-20] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-03-23] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2914793285-942858159-1918959283-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-2914793285-942858159-1918959283-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-2914793285-942858159-1918959283-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
HKU\S-1-5-21-2914793285-942858159-1918959283-1001\...\Run: [GoogleChromeAutoLaunch_0CCDC40B7F4197DCBC8105A54C0F2AF9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
HKU\S-1-5-21-2914793285-942858159-1918959283-1001\...\Winlogon: [Shell] explorer.exe,"C:\Program Files\Rainmeter\Rainmeter.exe" <==== ATTENTION
Startup: C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-01-20]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2914793285-942858159-1918959283-1001 -> DefaultScope {237EABAB-F0F6-4329-B30B-CCAF034B3291} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2914793285-942858159-1918959283-1001 -> {237EABAB-F0F6-4329-B30B-CCAF034B3291} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2914793285-942858159-1918959283-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\t5f5g81r.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: MxWRK - C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\t5f5g81r.default\Extensions\{ffd00250-6f4b-11e4-9803-0800200c9a66}.xpi [2014-12-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (YouTube) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (SwagButton) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2015-01-16]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR Profile: C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Awesome Screenshot: Capture, Annotate & Share) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-02-27]
CHR Extension: (Google Drive) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-17]
CHR Extension: (YouTube) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-17]
CHR Extension: (Google Search) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-17]
CHR Extension: (Empty New Tab Page) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2015-04-25]
CHR Extension: (Bookmark Manager) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-18]
CHR Extension: (SwagButton) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2015-01-17]
CHR Extension: (Reddit Notifier) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ikingdipinldcfllekffnlgbojbbpilk [2015-03-14]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-01-17]
CHR Extension: (Coupons at Checkout) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kegphgaihkjoophpabchkmpaknehfamb [2015-04-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-25]
CHR Extension: (Google Wallet) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-17]
CHR Extension: (Gmail) - C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-21] (Acer Incorporate)
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-21] (Acer Incorporate)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-04-25] (Enigma Software Group USA, LLC.)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-02-24] (Advanced Micro Devices, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [92360 2015-01-20] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [264392 2015-01-20] (Advanced Micro Devices, Inc. )
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-19] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-04-25] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-04-25] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-25 18:54 - 2015-04-25 18:55 - 00020200 _____ () C:\Users\Melissa\Downloads\FRST.txt
2015-04-25 18:54 - 2015-04-25 18:54 - 00000000 ____D () C:\FRST
2015-04-25 18:53 - 2015-04-25 18:53 - 02099712 _____ (Farbar) C:\Users\Melissa\Downloads\FRST64.exe
2015-04-25 18:47 - 2015-04-25 18:47 - 00688992 _____ (Swearware) C:\Users\Melissa\Downloads\dds (2).scr
2015-04-25 18:47 - 2015-04-25 18:47 - 00688992 _____ (Swearware) C:\Users\Melissa\Downloads\dds (1).scr
2015-04-25 18:46 - 2015-04-25 18:47 - 00688992 _____ (Swearware) C:\Users\Melissa\Desktop\dds.scr
2015-04-25 16:16 - 2015-04-25 16:16 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Melissa\Downloads\tdsskiller.exe
2015-04-25 13:22 - 2015-04-25 13:22 - 00000000 _____ () C:\autoexec.bat
2015-04-25 13:21 - 2015-04-25 13:21 - 00003344 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-04-25 13:21 - 2015-04-25 13:21 - 00000000 ____D () C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-04-25 13:21 - 2015-04-25 13:21 - 00000000 ____D () C:\Users\Melissa\AppData\Roaming\Enigma Software Group
2015-04-25 13:21 - 2015-04-25 13:21 - 00000000 ____D () C:\sh4ldr
2015-04-25 13:20 - 2015-04-25 13:20 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-04-25 13:20 - 2015-04-25 13:20 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-04-25 13:19 - 2015-04-25 13:19 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Melissa\Downloads\SpyHunter-Installer.exe
2015-04-25 13:17 - 2015-04-25 13:17 - 00002149 _____ () C:\Users\Melissa\Downloads\software_removal_tool.log
2015-04-24 20:56 - 2015-04-24 20:56 - 00000000 ____D () C:\Windows\pss
2015-04-24 20:50 - 2015-04-24 20:50 - 157519640 _____ (Microsoft Corporation) C:\Users\Melissa\Downloads\msert (1).exe
2015-04-22 22:41 - 2015-04-22 22:41 - 00000038 _____ () C:\Users\Melissa\Downloads\Book.csv
2015-04-22 20:53 - 2015-04-22 20:53 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-21 19:57 - 2015-04-21 19:57 - 02685507 _____ (Thisisu) C:\Users\Melissa\Downloads\JRT (1).exe
2015-04-21 19:56 - 2015-04-21 19:56 - 02217984 _____ () C:\Users\Melissa\Downloads\adwcleaner_4.201.exe
2015-04-19 16:47 - 2015-04-19 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2015-04-19 16:47 - 2015-04-19 16:52 - 00000000 ____D () C:\Program Files (x86)\iMobie
2015-04-19 16:47 - 2015-04-19 16:47 - 06998584 _____ (iMobie Inc. ) C:\Users\Melissa\Downloads\phoneclean-setup.exe
2015-04-19 16:45 - 2015-04-19 16:46 - 17182592 _____ (iMobie Inc. ) C:\Users\Melissa\Downloads\anytrans-thanksgiving-setup.exe
2015-04-19 16:28 - 2015-04-19 16:28 - 00000000 ____D () C:\Users\Melissa\AppData\Roaming\WinRAR
2015-04-19 16:26 - 2015-04-19 16:28 - 275305744 _____ () C:\Users\Melissa\Downloads\Bring Me the Horizon - Sempiternal (Deluxe Edition) [iTunes] (1).rar
2015-04-19 16:26 - 2015-04-19 16:26 - 00000000 ____D () C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-19 16:26 - 2015-04-19 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-19 16:26 - 2015-04-19 16:26 - 00000000 ____D () C:\Program Files\WinRAR
2015-04-19 16:25 - 2015-04-19 16:25 - 01941744 _____ () C:\Users\Melissa\Downloads\winrar-x64-521.exe
2015-04-19 16:24 - 2015-04-19 16:24 - 01760040 _____ () C:\Users\Melissa\Downloads\wrar521.exe
2015-04-19 16:22 - 2015-04-19 16:24 - 275305744 _____ () C:\Users\Melissa\Downloads\Bring Me the Horizon - Sempiternal (Deluxe Edition) [iTunes].rar
2015-04-19 16:16 - 2015-04-19 16:18 - 77884240 _____ () C:\Users\Melissa\Downloads\BRING_ME_THE_HORIZON_-_SEMPITERNAL_2013.rar
2015-04-19 13:53 - 2015-04-19 13:56 - 00000000 ____D () C:\Users\Melissa\Documents\Greco_Raizel_EMP212CA
2015-04-18 22:40 - 2015-04-18 22:41 - 42096984 _____ (Apple Inc.) C:\Users\Melissa\Downloads\QuickTimeInstaller.exe
2015-04-18 22:37 - 2015-04-18 22:38 - 306960444 _____ () C:\Users\Melissa\Downloads\The 1975 (Deluxe Edition).zip
2015-04-18 22:06 - 2015-04-22 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-18 22:05 - 2015-04-18 22:06 - 00000000 ____D () C:\Program Files\iTunes
2015-04-18 22:05 - 2015-04-18 22:05 - 00000000 ____D () C:\Program Files\iPod
2015-04-18 22:05 - 2015-04-18 22:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-14 22:49 - 2015-04-14 22:49 - 00000000 ____D () C:\2b1d7cc002267f05b12f5359
2015-04-14 19:30 - 2015-03-22 18:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 19:30 - 2015-03-22 18:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 19:30 - 2015-03-22 18:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 19:30 - 2015-03-22 18:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 19:30 - 2015-03-22 18:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 19:30 - 2015-03-22 18:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 19:30 - 2015-03-22 18:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 16:51 - 2015-03-23 17:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 16:51 - 2015-03-23 17:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 16:51 - 2015-03-23 17:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-14 16:51 - 2015-03-23 17:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 16:51 - 2015-03-23 17:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-14 16:51 - 2015-03-20 00:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-14 16:51 - 2015-03-20 00:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 16:51 - 2015-03-20 00:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 16:51 - 2015-03-19 23:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-14 16:51 - 2015-03-19 22:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-14 16:51 - 2015-03-19 22:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-14 16:51 - 2015-03-19 22:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-14 16:51 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 16:51 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 16:51 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 16:51 - 2015-03-12 23:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-14 16:51 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 16:51 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 16:51 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 16:51 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 16:51 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 16:51 - 2015-03-12 23:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-14 16:51 - 2015-03-12 23:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-14 16:51 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 16:51 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 16:51 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 16:51 - 2015-03-12 22:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-14 16:51 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 16:51 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 16:51 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 16:51 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 16:51 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 16:51 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 16:51 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 16:51 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 16:51 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 16:51 - 2015-02-24 04:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 16:51 - 2015-02-20 19:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-14 16:50 - 2015-03-14 04:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 16:50 - 2015-03-13 21:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 16:50 - 2015-03-13 21:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 16:50 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 16:50 - 2015-03-13 21:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 16:50 - 2015-03-13 21:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 16:50 - 2015-03-13 20:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 16:50 - 2015-03-13 20:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 16:50 - 2015-03-13 20:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 16:50 - 2015-03-13 20:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-14 16:50 - 2015-03-13 20:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-14 16:50 - 2015-03-13 20:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 16:50 - 2015-03-13 20:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 16:50 - 2015-03-13 20:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 16:50 - 2015-03-13 20:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 16:50 - 2015-03-13 20:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 16:50 - 2015-03-13 19:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 16:50 - 2015-03-13 19:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 16:50 - 2015-03-12 22:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-14 16:50 - 2015-03-12 22:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-14 16:50 - 2015-03-04 06:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-14 16:50 - 2015-03-03 23:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 16:50 - 2015-03-03 22:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-11 09:24 - 2015-04-11 09:30 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-11 09:24 - 2015-04-11 09:24 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-11 09:21 - 2015-04-11 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-11 09:19 - 2015-04-11 09:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-11 09:19 - 2015-04-11 09:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-11 09:13 - 2014-04-15 19:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-04-11 09:13 - 2014-04-15 19:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-04-11 09:12 - 2014-10-30 20:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-04-11 09:11 - 2014-11-15 15:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-11 09:11 - 2014-11-15 02:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-11 09:11 - 2014-11-14 02:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-04-11 09:11 - 2014-11-14 01:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-04-11 09:11 - 2014-11-10 14:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-11 09:11 - 2014-11-10 14:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-11 09:11 - 2014-11-10 14:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-11 09:11 - 2014-11-10 14:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-04-11 09:11 - 2014-11-09 22:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-04-11 09:11 - 2014-11-09 21:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-04-11 09:11 - 2014-11-09 21:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-11 09:11 - 2014-11-09 21:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-04-11 09:11 - 2014-11-09 21:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-04-11 09:11 - 2014-11-09 21:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-04-11 09:11 - 2014-11-09 21:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-04-11 09:11 - 2014-11-09 21:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-04-11 09:11 - 2014-11-09 20:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-04-11 09:11 - 2014-11-09 20:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-04-11 09:11 - 2014-11-08 00:00 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-04-11 09:11 - 2014-11-08 00:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-04-11 09:11 - 2014-11-07 23:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-04-11 09:11 - 2014-11-07 23:58 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-04-11 09:11 - 2014-11-07 23:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-04-11 09:11 - 2014-11-07 23:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-04-11 09:11 - 2014-11-07 23:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-04-11 09:11 - 2014-11-07 23:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-04-11 09:11 - 2014-11-07 23:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-04-11 09:11 - 2014-11-07 23:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-04-11 09:11 - 2014-11-07 23:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-04-11 09:11 - 2014-11-07 22:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-04-11 09:11 - 2014-11-07 22:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-04-11 09:11 - 2014-11-07 22:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-04-11 09:11 - 2014-11-07 22:09 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-04-11 09:11 - 2014-11-07 22:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-04-11 09:11 - 2014-11-07 21:59 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-04-11 09:11 - 2014-11-07 21:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-04-11 09:11 - 2014-11-07 21:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-04-11 09:11 - 2014-11-06 23:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-04-11 09:11 - 2014-11-06 23:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-04-11 09:11 - 2014-11-04 22:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-04-11 09:11 - 2014-11-04 22:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-04-11 09:11 - 2014-11-04 22:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-04-11 09:11 - 2014-11-04 21:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-04-11 09:11 - 2014-11-04 21:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-04-11 09:11 - 2014-11-04 21:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-04-11 09:11 - 2014-11-04 21:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-04-11 09:11 - 2014-11-04 21:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-04-11 09:11 - 2014-11-04 21:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-04-11 09:11 - 2014-11-04 21:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-04-11 09:11 - 2014-11-04 21:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-04-11 09:11 - 2014-11-04 21:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-04-11 09:11 - 2014-11-04 21:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-04-11 09:11 - 2014-11-04 21:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-04-11 09:11 - 2014-11-04 15:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-04-11 09:11 - 2014-11-04 15:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-04-11 09:11 - 2014-11-04 15:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-04-11 09:11 - 2014-11-04 02:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-04-11 09:11 - 2014-11-04 02:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-04-11 09:11 - 2014-11-04 02:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-04-11 09:11 - 2014-11-04 02:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-04-11 09:11 - 2014-11-04 02:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-04-11 09:11 - 2014-11-04 01:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-04-11 09:11 - 2014-10-30 20:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-04-11 09:11 - 2014-10-28 23:05 - 00551232 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-04-11 09:11 - 2014-10-28 21:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-04-11 09:11 - 2014-10-28 21:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-04-11 09:11 - 2014-10-20 21:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-04-11 09:11 - 2014-10-20 21:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-04-11 09:11 - 2014-10-20 20:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-04-11 09:11 - 2014-10-20 20:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-04-11 09:11 - 2014-10-20 20:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-04-11 09:11 - 2014-10-20 20:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-04-11 09:11 - 2014-10-20 20:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-04-11 09:11 - 2014-10-17 00:56 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-04-11 09:11 - 2014-10-17 00:56 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-04-11 09:11 - 2014-10-17 00:56 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-04-11 09:11 - 2014-10-16 23:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-04-11 09:10 - 2015-03-14 04:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-11 09:10 - 2015-03-14 04:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-28 16:59 - 2015-04-24 15:43 - 00000000 ____D () C:\Users\Melissa\AppData\Local\Popcorn Time
2015-03-28 16:58 - 2015-03-28 16:59 - 23315064 _____ (Popcorn Official) C:\Users\Melissa\Downloads\Popcorn-Time-0.3.7.2-Setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-25 18:45 - 2014-05-17 06:13 - 01641393 _____ () C:\Windows\WindowsUpdate.log
2015-04-25 18:40 - 2015-01-16 16:30 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-25 18:40 - 2014-12-29 00:21 - 00004986 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MELISSA-GRECO-Melissa Melissa-Greco
2015-04-25 18:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-25 18:34 - 2014-12-27 10:18 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E92A0C10-2A8F-4E75-B02C-F4E3F3655F84}
2015-04-25 18:31 - 2015-01-25 20:04 - 00000000 ____D () C:\Users\Melissa\Documents\Bluetooth Folder
2015-04-25 18:30 - 2015-01-16 16:30 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-25 18:30 - 2014-12-27 10:17 - 00000000 __RDO () C:\Users\Melissa\OneDrive
2015-04-25 18:30 - 2014-05-17 07:04 - 02709947 _____ () C:\Windows\SysWOW64\rootpa.e2e
2015-04-25 18:29 - 2013-08-22 10:46 - 00032999 _____ () C:\Windows\setupact.log
2015-04-25 18:29 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-25 18:28 - 2013-08-22 09:25 - 00786432 ___SH () C:\Windows\system32\config\BBI
2015-04-25 18:23 - 2014-12-27 20:25 - 00000000 ____D () C:\Users\Melissa\AppData\Roaming\Skype
2015-04-25 16:19 - 2015-02-20 18:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-25 16:18 - 2015-02-05 16:53 - 00000020 _____ () C:\Users\Melissa\AppData\Roaming\appdataFr3.bin
2015-04-25 16:08 - 2014-12-27 10:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2914793285-942858159-1918959283-1001
2015-04-25 13:17 - 2015-03-06 23:43 - 00001842 _____ () C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome - Shortcut.lnk
2015-04-25 13:02 - 2014-12-27 10:13 - 00000000 ____D () C:\Users\Melissa\AppData\Local\Packages
2015-04-25 13:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-25 11:58 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2015-04-24 20:44 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-24 14:37 - 2014-12-29 01:13 - 00056832 ___SH () C:\Users\Melissa\Documents\Thumbs.db
2015-04-24 14:34 - 2014-12-26 23:14 - 00000000 ____D () C:\Users\Melissa\Documents\School
2015-04-21 20:00 - 2014-04-10 00:25 - 00026058 _____ () C:\Windows\PFRO.log
2015-04-21 19:59 - 2015-02-20 22:04 - 00000000 ____D () C:\AdwCleaner
2015-04-21 18:28 - 2014-04-10 00:31 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 16:06 - 2014-12-29 00:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-21 16:06 - 2014-12-26 22:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-21 16:05 - 2014-12-29 00:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-20 20:20 - 2015-01-02 20:47 - 00138240 ___SH () C:\Users\Melissa\Downloads\Thumbs.db
2015-04-19 20:00 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-19 16:47 - 2015-01-02 20:36 - 00000000 ____D () C:\Users\Melissa\AppData\Roaming\iMobie
2015-04-19 16:47 - 2015-01-02 20:36 - 00000000 ____D () C:\Users\Melissa\AppData\Local\iMobie_Inc
2015-04-19 16:29 - 2015-03-19 18:33 - 00000000 ____D () C:\ProgramData\WinZip
2015-04-19 10:17 - 2014-12-26 22:09 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-18 22:05 - 2014-12-26 19:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-16 18:34 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-04-15 21:11 - 2015-02-25 18:06 - 00000000 ____D () C:\Users\Melissa\AppData\Local\Unity
2015-04-15 17:12 - 2014-12-29 16:23 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 17:12 - 2014-12-29 16:23 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-14 22:49 - 2014-12-29 16:10 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 22:49 - 2014-12-29 16:10 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-14 22:49 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-14 17:02 - 2013-08-22 09:25 - 00000199 _____ () C:\Windows\win.ini
2015-04-14 16:59 - 2015-01-01 17:09 - 00000000 ____D () C:\Users\Melissa\Documents\Giveaways Won
2015-04-11 09:24 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-04-11 09:24 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\setup
2015-04-11 09:09 - 2015-02-05 19:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-02 23:39 - 2014-12-27 10:11 - 00000000 ____D () C:\Users\Melissa
2015-03-30 16:08 - 2014-12-29 00:27 - 00000000 ____D () C:\Users\Melissa\Documents\Microsoft Office
2015-03-30 13:55 - 2014-12-26 23:14 - 00000000 ____D () C:\Users\Melissa\Documents\Beer Money
2015-03-29 15:33 - 2014-04-10 02:28 - 00002487 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-26 18:51 - 2014-12-27 20:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-26 18:50 - 2014-12-27 20:25 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2015-02-05 16:53 - 2015-04-25 16:18 - 0000020 _____ () C:\Users\Melissa\AppData\Roaming\appdataFr3.bin
2014-05-17 06:37 - 2014-05-17 06:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Melissa\AppData\Local\Temp\HitmanPro.exe
C:\Users\Melissa\AppData\Local\Temp\Quarantine.exe
C:\Users\Melissa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Melissa\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-22 21:06
==================== End Of Log ============================