Sorry about that. Here's the log with the firewall turned off:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016
Ran by jaguar (administrator) on ENIGMA (30-09-2016 20:12:11)
Running from C:\Users\jagua\Downloads
Loaded Profiles: jaguar (Available Profiles: jaguar)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.7.1.32\ns.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.7.1.32\ns.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Dude\dude.exe
() C:\Program Files (x86)\Dude\dude.exe
() C:\Program Files (x86)\Dude\dude.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\jagua\Downloads\zoek (1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767760 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Inno3D] => C:\Program Files (x86)\Inno3D\Inno3D.exe [17831424 2016-05-11] (InnoVISION Multimedia Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3820164423-4023711167-2664595355-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2858272 2016-09-20] (Valve Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-06-30]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-09-19]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-06-30]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{05e47e0b-00d9-473d-b8e0-8332db0b00af}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d233d20d-4876-4313-b19e-8fdc063adb1e}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3820164423-4023711167-2664595355-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-31] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-31] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-31] (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.1.7\coFFAddon
FF Extension: (Norton Identity Safe) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.1.7\coFFAddon [2016-09-20]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.1.7\coFFAddon
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default [2016-09-30]
CHR Extension: (Google Slides) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-30]
CHR Extension: (Entanglement Web App) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2016-06-30]
CHR Extension: (Google Docs) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-30]
CHR Extension: (Google Drive) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-30]
CHR Extension: (YouTube) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-30]
CHR Extension: (Google Sheets) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-30]
CHR Extension: (Google Docs Offline) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-30]
CHR Extension: (Norton Identity Safe) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-06-30]
CHR Extension: (Poppit!) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2016-06-30]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-06-30]
CHR Extension: (Google Mail Checker) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-06-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-30]
CHR Extension: (Gmail) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR Extension: (Space Planet) - C:\Users\jagua\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2016-06-30]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.7.1.32\Exts\Chrome.crx [2016-08-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.7.1.32\Exts\Chrome.crx [2016-08-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.7.1.32\NS.exe [289080 2016-08-16] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.1.7\Definitions\BASHDefs\20160922.001\BHDrvx64.sys [1854712 2016-08-18] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1607010.020\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [559080 2016-04-19] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-07-02] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-06-30] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.1.7\Definitions\IPSDefs\20160928.001\IDSvia64.sys [1012440 2016-09-29] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2244944 2016-05-09] (MediaTek Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NSx64\1607010.020\SRTSP64.SYS [773360 2016-08-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1607010.020\SRTSPX64.SYS [48888 2016-06-02] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1607010.020\SYMEFASI64.SYS [1627352 2016-06-02] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NSx64\1607010.020\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [101112 2016-07-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1607010.020\Ironx64.SYS [291056 2016-06-02] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1607010.020\SYMNETS.SYS [567536 2016-06-02] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-30 20:05 - 2016-09-30 20:12 - 00001436 _____ C:\runcheck.txt
2016-09-30 20:05 - 2016-09-30 20:05 - 00000000 ____D C:\zoek_backup
2016-09-30 20:04 - 2016-09-30 20:04 - 01309184 _____ C:\Users\jagua\Downloads\zoek.exe
2016-09-30 20:04 - 2016-09-30 20:04 - 01309184 _____ C:\Users\jagua\Downloads\zoek (1).exe
2016-09-30 20:02 - 2016-09-30 20:02 - 00031772 _____ C:\Users\jagua\Downloads\Shortcut.txt
2016-09-30 19:38 - 2016-09-30 20:02 - 00034784 _____ C:\Users\jagua\Downloads\Addition.txt
2016-09-30 19:37 - 2016-09-30 20:12 - 00017621 _____ C:\Users\jagua\Downloads\FRST.txt
2016-09-30 19:37 - 2016-09-30 20:12 - 00000000 ____D C:\FRST
2016-09-30 19:35 - 2016-09-30 19:37 - 02404352 _____ (Farbar) C:\Users\jagua\Downloads\FRST64.exe
2016-09-30 19:13 - 2016-09-30 19:17 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-30 19:09 - 2016-09-30 19:13 - 11579432 _____ (SurfRight B.V.) C:\Users\jagua\Downloads\HitmanPro_x64.exe
2016-09-30 18:56 - 2016-09-30 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Dude
2016-09-30 18:56 - 2016-09-30 18:56 - 00000000 ____D C:\Program Files (x86)\Dude
2016-09-30 18:54 - 2016-09-30 18:55 - 03702898 _____ C:\Users\jagua\Downloads\dude-install-3.6.exe
2016-09-30 18:38 - 2016-09-30 18:38 - 00000000 ___HD C:\OneDriveTemp
2016-09-30 11:45 - 2016-09-30 11:45 - 00000000 ___HD C:\$SysReset
2016-09-29 20:21 - 2016-09-29 20:21 - 00000000 ____D C:\Users\jagua\Desktop\NullDC 1.0.4-389
2016-09-29 20:18 - 2016-09-29 19:29 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-29 20:17 - 2016-09-29 20:17 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-29 20:17 - 2016-09-29 20:17 - 00000000 ____D C:\Windows.old
2016-09-29 20:17 - 2016-09-29 19:19 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-29 20:16 - 2016-09-29 20:16 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-29 20:16 - 2016-09-29 20:16 - 00000000 ____D C:\Program Files\MSBuild
2016-09-29 20:16 - 2016-09-29 20:16 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-29 20:16 - 2016-09-29 20:16 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-29 20:16 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-29 20:16 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-29 20:16 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-29 20:16 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-29 20:16 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-29 20:16 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-29 19:30 - 2016-09-29 19:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-29 19:29 - 2016-09-29 22:59 - 00000000 ____D C:\Users\jagua\AppData\Local\ConnectedDevicesPlatform
2016-09-29 19:29 - 2016-09-29 19:29 - 00000020 ___SH C:\Users\jagua\ntuser.ini
2016-09-29 19:29 - 2016-09-29 19:29 - 00000000 ____D C:\ProgramData\USOShared
2016-09-29 19:28 - 2016-09-30 18:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2016-09-29 19:28 - 2016-09-30 18:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-29 19:28 - 2016-09-29 19:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2016-09-29 19:28 - 2016-09-29 19:28 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-29 19:28 - 2016-09-29 19:28 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-29 19:28 - 2016-09-29 19:28 - 00003432 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-29 19:28 - 2016-09-29 19:28 - 00003208 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-29 19:28 - 2016-09-29 19:28 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-29 19:28 - 2016-09-29 19:28 - 00002622 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2016-09-29 19:28 - 2016-09-29 19:28 - 00002414 _____ C:\WINDOWS\System32\Tasks\{949703CD-59C1-4119-85DE-EEFFD7A40064}
2016-09-29 19:28 - 2016-09-29 19:28 - 00002260 _____ C:\WINDOWS\System32\Tasks\{9F3EA301-83F7-49C6-B6D4-69FFBA185F55}
2016-09-29 19:28 - 2016-09-29 19:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2016-09-29 19:28 - 2016-09-29 19:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-09-29 19:27 - 2016-09-29 19:27 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-29 19:21 - 2016-09-29 19:21 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-29 19:21 - 2016-07-16 12:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-29 19:20 - 2016-09-30 00:20 - 00000000 ____D C:\Users\jagua
2016-09-29 19:20 - 2016-09-29 19:21 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-29 19:19 - 2016-09-30 18:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-29 19:19 - 2016-09-30 18:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-29 19:19 - 2016-09-29 19:26 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-29 19:19 - 2016-09-29 19:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-29 19:19 - 2016-09-29 19:20 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-09-29 19:19 - 2016-09-29 19:20 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-09-29 19:19 - 2016-09-29 19:19 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-09-29 19:19 - 2016-09-29 19:19 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-29 19:19 - 2016-09-29 19:19 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-09-29 19:19 - 2016-09-29 19:19 - 00000000 ____D C:\Program Files\Realtek
2016-09-29 19:19 - 2016-07-10 23:58 - 06385720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-09-29 19:19 - 2016-07-10 23:58 - 02465848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-09-29 19:19 - 2016-07-10 23:58 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-09-29 19:19 - 2016-07-10 23:58 - 01362880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-09-29 19:19 - 2016-07-10 23:58 - 00546240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-09-29 19:19 - 2016-07-10 23:58 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-09-29 19:19 - 2016-07-10 23:58 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-09-29 19:19 - 2016-07-10 23:58 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-09-29 19:19 - 2016-07-07 18:05 - 07211925 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-09-29 14:25 - 2016-09-29 14:26 - 02076190 _____ C:\Users\jagua\Downloads\NullDC 1.0.4-389.zip
2016-09-29 14:16 - 2016-09-29 14:16 - 04713984 _____ (Geza Kovacs) C:\Users\jagua\Downloads\unetbootin-windows-625.exe
2016-09-19 18:46 - 2016-09-30 19:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-19 18:46 - 2016-09-30 11:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-19 18:46 - 2016-09-29 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-19 18:46 - 2016-09-19 18:46 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-19 18:46 - 2016-09-19 18:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-19 18:46 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-19 18:46 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-19 18:46 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-19 18:44 - 2016-09-19 18:46 - 22851472 _____ (Malwarebytes ) C:\Users\jagua\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-19 18:01 - 2016-09-19 18:04 - 00040960 _____ C:\Users\jagua\Downloads\Unconfirmed 283922.crdownload
2016-09-19 17:08 - 2016-09-21 13:50 - 00000000 ____D C:\Users\jagua\AppData\Local\NPE
2016-09-19 16:51 - 2016-09-19 17:08 - 00229376 _____ (Malwarebytes ) C:\Users\jagua\Downloads\Unconfirmed 481335.crdownload
2016-09-19 16:11 - 2016-09-29 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-09-19 16:11 - 2016-09-19 16:13 - 00000000 ____D C:\Users\jagua\AppData\Roaming\TP-LINK
2016-09-19 16:11 - 2016-09-19 16:11 - 00002344 _____ C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
2016-09-19 16:11 - 2016-09-19 16:11 - 00000000 ____D C:\Program Files (x86)\TP-LINK
2016-09-19 16:10 - 2016-09-19 16:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-19 16:10 - 2016-09-19 16:11 - 00000000 ____D C:\ProgramData\TP-LINK
2016-09-19 16:10 - 2014-04-30 04:32 - 00009932 _____ C:\WINDOWS\system32\athwbx.cat
2016-09-19 16:10 - 2013-11-13 16:05 - 03880448 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\athwbx.sys
2016-09-06 00:02 - 2016-09-06 00:02 - 00000000 ____D C:\Games
2016-09-06 00:00 - 2016-09-06 00:01 - 21128756 _____ (cncnet.org ) C:\Users\jagua\Downloads\TiberianDawn_Online_installer.exe
2016-09-04 20:53 - 2016-09-04 20:53 - 00000192 _____ C:\Users\jagua\Downloads\_390634_carver9_vi.ram
2016-09-02 12:51 - 2016-09-02 12:51 - 04125641 _____ C:\Users\jagua\Downloads\Super_Mario_Galaxy_-_Manual_-_WII (1).pdf
2016-09-01 15:19 - 2016-09-01 15:19 - 00000001 _____ C:\Users\jagua\Downloads\comment.php
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-30 20:06 - 2016-07-20 14:05 - 00000000 ____D C:\Users\jagua\AppData\Local\CrashDumps
2016-09-30 20:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-30 19:07 - 2016-06-30 00:15 - 00000000 ____D C:\Users\jagua\AppData\Local\VirtualStore
2016-09-30 18:47 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-30 18:45 - 2016-06-30 00:20 - 00924238 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-30 18:38 - 2016-06-30 11:15 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-30 18:38 - 2016-06-30 00:17 - 00000000 ___RD C:\Users\jagua\OneDrive
2016-09-30 13:26 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-30 12:05 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-30 11:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-30 11:15 - 2016-07-15 21:22 - 00001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-09-30 11:03 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-30 10:57 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-30 10:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-29 20:18 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-29 20:16 - 2016-07-16 12:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-09-29 20:16 - 2016-07-16 12:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-09-29 20:16 - 2016-07-16 12:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-09-29 20:16 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-09-29 20:16 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-09-29 19:45 - 2016-06-30 00:15 - 00000000 ____D C:\Users\jagua\AppData\Local\Packages
2016-09-29 19:30 - 2016-06-30 00:17 - 00002367 _____ C:\Users\jagua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-29 19:29 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-29 19:29 - 2016-06-30 00:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-29 19:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-29 19:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-29 19:28 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-29 19:27 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-29 19:21 - 2016-08-13 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-29 19:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-09-29 19:21 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-29 19:21 - 2016-07-16 07:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-09-29 19:21 - 2016-07-15 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inno3D
2016-09-29 19:21 - 2016-07-15 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-09-29 19:21 - 2016-07-03 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-09-29 19:21 - 2016-07-01 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-29 19:21 - 2016-06-30 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project64 2.2
2016-09-29 19:21 - 2016-06-30 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-09-29 19:21 - 2016-06-30 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-09-29 19:21 - 2016-06-30 16:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2016-09-29 19:21 - 2016-06-30 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-09-29 19:21 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-29 19:20 - 2016-08-30 14:59 - 00000000 ____D C:\Users\jagua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-09-29 19:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-29 19:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-29 19:20 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-29 19:20 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-29 19:20 - 2016-06-30 00:53 - 00000000 ____D C:\Program Files\Intel
2016-09-29 19:19 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-29 19:19 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-29 19:19 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-29 19:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help
2016-09-29 15:55 - 2016-07-17 00:34 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-29 15:38 - 2016-06-30 00:23 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-29 15:38 - 2016-06-30 00:23 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-29 13:07 - 2016-06-30 00:54 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-19 19:38 - 2015-10-30 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-09-19 19:38 - 2015-10-30 08:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-09-19 19:18 - 2016-06-30 15:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-19 19:15 - 2016-06-30 15:37 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-19 17:09 - 2016-06-30 16:10 - 00000000 ____D C:\ProgramData\Norton
2016-09-19 17:06 - 2016-08-01 17:09 - 00000022 _____ C:\Users\jagua\Downloads\psx bios(scph1001).zip.zip
2016-09-16 11:14 - 2016-07-23 23:28 - 00000000 ____D C:\Users\jagua\AppData\Local\ElevatedDiagnostics
2016-09-15 11:39 - 2016-06-30 00:28 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-15 11:39 - 2016-06-30 00:28 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-31 18:40 - 2016-06-30 23:43 - 00000000 ____D C:\ProgramData\Oracle
2016-08-31 18:18 - 2016-07-01 16:52 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-08-31 18:18 - 2016-07-01 16:51 - 00000000 ____D C:\Program Files\Java
2016-08-31 18:18 - 2016-07-01 16:25 - 00000000 ____D C:\Users\jagua\.oracle_jre_usage
==================== Files in the root of some directories =======
2016-07-02 21:37 - 2016-07-02 21:37 - 0000017 _____ () C:\Users\jagua\AppData\Local\resmon.resmoncfg
2016-09-29 19:19 - 2016-09-29 19:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\jagua\AppData\Local\Temp\7za.exe
C:\Users\jagua\AppData\Local\Temp\DaS_21.exe
C:\Users\jagua\AppData\Local\Temp\hijackthis.exe
C:\Users\jagua\AppData\Local\Temp\NirCmd.exe
C:\Users\jagua\AppData\Local\Temp\PEVZ.EXE
C:\Users\jagua\AppData\Local\Temp\remove.exe
C:\Users\jagua\AppData\Local\Temp\sed.exe
C:\Users\jagua\AppData\Local\Temp\shortcut.exe
C:\Users\jagua\AppData\Local\Temp\swreg.exe
C:\Users\jagua\AppData\Local\Temp\swxcacls.exe
C:\Users\jagua\AppData\Local\Temp\wget.exe
C:\Users\jagua\AppData\Local\Temp\zoek-delete.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-29 19:19
==================== End of FRST.txt ============================