AppleMoto

Everything posted by AppleMoto

  1. All my drivers are up to date and there is no change. I guess the problem isn't malware-based then, which is a relief.
  2. Okay, sorry, I'll attach them. ESET came back clean, no threats found. Thanks. -Mo
     FRST.txt, Addition.txt, AdwCleaner[S2].txt, JRT.txt
  3. it was upgraded from windows 7, probably like 2 or 3 months ago. ESET Came back clean, no threats found
06:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-06-14 22:41 - 2016-05-28 06:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-06-14 22:41 - 2016-05-28 06:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2016-06-14 22:41 - 2016-05-28 05:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-06-14 22:41 - 2016-05-28 05:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-06-14 22:41 - 2016-05-28 05:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-06-14 22:41 - 2016-05-28 05:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-06-14 22:41 - 2016-05-28 05:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-06-14 22:41 - 2016-05-28 05:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-06-14 22:41 - 2016-05-28 05:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-06-14 22:41 - 2016-05-28 05:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-06-14 22:41 - 2016-05-28 05:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-06-14 22:41 - 2016-05-28 05:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-06-14 22:41 - 2016-05-28 05:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-06-14 22:41 - 2016-05-28 05:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-14 22:41 - 2016-05-28 05:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-06-14 22:41 - 2016-05-28 05:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2016-06-14 22:41 - 2016-05-28 05:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys 2016-06-14 22:41 - 
2016-05-28 05:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-06-14 22:41 - 2016-05-28 05:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-06-14 22:41 - 2016-05-28 05:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2016-06-14 22:41 - 2016-05-28 05:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-06-14 22:41 - 2016-05-28 05:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2016-06-14 22:41 - 2016-05-28 05:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-06-14 22:41 - 2016-05-28 05:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll 2016-06-14 22:41 - 2016-05-28 05:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-06-14 22:41 - 2016-05-28 05:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-06-14 22:41 - 2016-05-28 05:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2016-06-14 22:41 - 2016-05-28 05:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-06-14 22:41 - 2016-05-28 05:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2016-06-14 22:41 - 2016-05-28 05:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-06-14 22:41 - 2016-05-28 05:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-06-14 22:41 - 2016-05-28 05:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-06-14 22:41 - 2016-05-28 05:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-06-14 22:41 - 2016-05-28 05:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-06-14 22:41 - 2016-05-28 05:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll 2016-06-14 
22:41 - 2016-05-28 05:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-14 22:41 - 2016-05-28 05:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-06-14 22:41 - 2016-05-28 05:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys 2016-06-14 22:41 - 2016-05-28 05:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-06-14 22:41 - 2016-05-28 05:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-06-14 22:41 - 2016-05-28 05:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-06-14 22:41 - 2016-05-28 05:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-06-14 22:41 - 2016-05-28 05:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2016-06-14 22:41 - 2016-05-28 05:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-14 22:41 - 2016-05-28 05:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-06-14 22:41 - 2016-05-28 05:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2016-06-14 22:41 - 2016-05-28 05:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-06-14 22:41 - 2016-05-28 05:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-06-14 22:41 - 2016-05-28 05:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2016-06-14 22:41 - 2016-05-28 05:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-06-14 22:41 - 2016-05-28 05:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2016-06-14 22:41 - 2016-05-28 05:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-06-14 22:41 - 2016-05-28 05:22 - 00087040 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-06-14 22:41 - 2016-05-28 05:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll 2016-06-14 22:41 - 2016-05-28 05:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-06-14 22:41 - 2016-05-28 05:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-06-14 22:41 - 2016-05-28 05:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll 2016-06-14 22:41 - 2016-05-28 05:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-06-14 22:41 - 2016-05-28 05:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-06-14 22:41 - 2016-05-28 05:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll 2016-06-14 22:41 - 2016-05-28 05:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-06-14 22:41 - 2016-05-28 05:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll 2016-06-14 22:41 - 2016-05-28 05:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2016-06-14 22:41 - 2016-05-28 05:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-06-14 22:41 - 2016-05-28 05:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll 2016-06-14 22:41 - 2016-05-28 05:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2016-06-14 22:41 - 2016-05-28 05:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2016-06-14 22:41 - 2016-05-28 05:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-06-14 22:41 - 2016-05-28 05:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-06-14 22:41 - 2016-05-28 05:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-06-14 22:41 - 2016-05-28 05:19 - 00414720 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-06-14 22:41 - 2016-05-28 05:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2016-06-14 22:41 - 2016-05-28 05:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2016-06-14 22:41 - 2016-05-28 05:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-14 22:41 - 2016-05-28 05:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-06-14 22:41 - 2016-05-28 05:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2016-06-14 22:41 - 2016-05-28 05:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-06-14 22:41 - 2016-05-28 05:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-06-14 22:41 - 2016-05-28 05:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-06-14 22:41 - 2016-05-28 05:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2016-06-14 22:41 - 2016-05-28 05:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2016-06-14 22:41 - 2016-05-28 05:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-06-14 22:41 - 2016-05-28 05:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-14 22:41 - 2016-05-28 05:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-06-14 22:41 - 2016-05-28 05:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-06-14 22:41 - 2016-05-28 05:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll 2016-06-14 22:41 - 2016-05-28 05:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-06-14 22:41 - 2016-05-28 05:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-06-14 22:41 - 2016-05-28 05:17 
- 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-06-14 22:41 - 2016-05-28 05:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2016-06-14 22:41 - 2016-05-28 05:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-14 22:41 - 2016-05-28 05:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-06-14 22:41 - 2016-05-28 05:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-14 22:41 - 2016-05-28 05:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2016-06-14 22:41 - 2016-05-28 05:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-06-14 22:41 - 2016-05-28 05:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-06-14 22:41 - 2016-05-28 05:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2016-06-14 22:41 - 2016-05-28 05:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-06-14 22:41 - 2016-05-28 05:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-06-14 22:41 - 2016-05-28 05:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-06-14 22:41 - 2016-05-28 05:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-06-14 22:41 - 2016-05-28 05:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2016-06-14 22:41 - 2016-05-28 05:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-06-14 22:41 - 2016-05-28 05:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-06-14 22:41 - 2016-05-28 05:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2016-06-14 22:41 - 2016-05-28 05:15 - 00237056 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\srvnet.sys 2016-06-14 22:41 - 2016-05-28 05:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-06-14 22:41 - 2016-05-28 05:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-06-14 22:41 - 2016-05-28 05:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-06-14 22:41 - 2016-05-28 05:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-06-14 22:41 - 2016-05-28 05:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-06-14 22:41 - 2016-05-28 05:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-06-14 22:41 - 2016-05-28 05:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-06-14 22:41 - 2016-05-28 05:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-06-14 22:41 - 2016-05-28 05:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-06-14 22:41 - 2016-05-28 05:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-06-14 22:41 - 2016-05-28 05:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-06-14 22:41 - 2016-05-28 05:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-06-14 22:41 - 2016-05-28 05:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-06-14 22:41 - 2016-05-28 05:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-06-14 22:41 - 2016-05-28 05:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2016-06-14 22:41 - 2016-05-28 05:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-06-14 22:41 - 2016-05-28 05:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-14 22:41 - 2016-05-28 05:12 
- 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-14 22:41 - 2016-05-28 05:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-06-14 22:41 - 2016-05-28 05:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-06-14 22:41 - 2016-05-28 05:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-06-14 22:41 - 2016-05-28 05:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-06-14 22:41 - 2016-05-28 05:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-06-14 22:41 - 2016-05-28 05:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-14 22:41 - 2016-05-28 05:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-14 22:41 - 2016-05-28 05:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2016-06-14 22:41 - 2016-05-28 05:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-06-14 22:41 - 2016-05-28 05:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-06-14 22:41 - 2016-05-28 05:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-06-14 22:41 - 2016-05-28 05:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-14 22:41 - 2016-05-28 05:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-06-14 22:41 - 2016-05-28 05:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-06-14 22:41 - 2016-05-28 05:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-06-14 22:41 - 2016-05-28 05:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-14 22:41 - 2016-05-28 05:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-06-14 22:41 - 2016-05-28 05:05 - 
01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-06-14 22:41 - 2016-05-28 05:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-14 22:41 - 2016-05-28 05:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-06-14 22:41 - 2016-05-28 05:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-06-14 22:41 - 2016-05-28 05:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-14 22:41 - 2016-05-28 05:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-06-14 22:41 - 2016-05-28 05:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-06-14 22:41 - 2016-05-28 05:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll 2016-06-14 22:41 - 2016-05-28 05:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2016-06-14 22:41 - 2016-05-28 05:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-06-14 22:41 - 2016-05-28 05:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-06-14 22:41 - 2016-05-28 05:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-06-14 22:41 - 2016-05-28 05:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-06-14 22:41 - 2016-05-28 05:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-06-14 22:41 - 2016-05-28 05:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-06-14 22:41 - 2016-05-28 05:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-06-14 22:41 - 2016-05-28 05:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-14 22:41 - 2016-05-28 05:01 - 00111104 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-06-14 22:41 - 2016-05-28 04:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-06-14 22:41 - 2016-05-28 04:57 - 02281472 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wuaueng.dll 2016-06-14 22:41 - 2016-05-28 04:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-06-14 22:41 - 2016-05-28 04:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2016-06-09 18:20 - 2016-06-09 18:20 - 00000000 ____D C:\Users\Moto\AppData\Local\mslug3 2016-06-09 09:19 - 2016-06-09 09:19 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-06-09 09:19 - 2016-06-03 08:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-06-09 
09:19 - 2016-06-03 08:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00786176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00631288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00153232 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvoglshim64.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-06-09 09:19 - 2016-06-03 04:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-06-09 09:19 - 2016-05-04 03:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-06-09 09:19 - 2016-05-04 03:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll 2016-06-09 09:19 - 2016-05-04 03:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-06-09 09:19 - 2016-05-04 03:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files\iTunes 2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files\iPod 2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files (x86)\iTunes ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2016-07-02 03:23 - 2016-05-04 15:47 - 00000000 ____D C:\Users\Moto\AppData\Local\Battle.net 2016-07-02 03:23 - 2016-01-02 18:14 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Skype 2016-07-02 02:43 - 2016-03-20 22:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-07-02 02:34 - 2016-01-02 12:03 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-02 02:00 - 2016-01-02 04:37 - 00000000 ____D C:\Users\Moto\AppData\Local\Adobe 2016-07-02 01:27 - 2016-01-02 04:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-07-02 01:26 - 2016-01-02 05:32 - 00000000 ____D C:\Users\Moto\AppData\Local\CrashDumps 2016-07-01 23:53 - 2016-05-04 15:46 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-07-01 23:34 - 2016-01-02 12:03 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-01 23:30 - 2016-03-27 23:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-07-01 23:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-07-01 23:17 - 2016-04-20 18:48 - 01218544 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-07-01 23:17 - 2016-04-20 14:32 - 00171290 _____ C:\WINDOWS\system32\prfh0404.dat 2016-07-01 23:17 - 2016-04-20 14:32 - 00057268 _____ C:\WINDOWS\system32\prfc0404.dat 2016-07-01 23:17 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-07-01 23:16 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-07-01 23:15 - 2016-04-28 16:56 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9A706311-F243-4979-80A9-A75224DCACAD} 2016-07-01 23:12 - 2016-01-02 04:44 - 00000000 ___RD C:\Users\Moto\Creative Cloud Files 2016-07-01 23:12 - 2016-01-02 04:44 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-07-01 23:11 - 2016-04-20 18:47 - 00000000 ____D C:\ProgramData\NVIDIA 2016-07-01 23:11 - 2016-02-13 18:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-07-01 23:11 - 2016-01-02 04:52 - 00026192 ____N (Windows (R) Server 2003 DDK 
provider) C:\WINDOWS\gdrv.sys 2016-07-01 02:21 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-06-30 21:01 - 2016-05-05 12:10 - 00000000 ____D C:\Program Files (x86)\Overwatch 2016-06-30 01:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-06-28 03:15 - 2016-03-11 11:55 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Spotify 2016-06-28 00:20 - 2016-03-11 11:56 - 00000000 ____D C:\Users\Moto\AppData\Local\Spotify 2016-06-26 17:02 - 2016-04-20 18:49 - 00000000 ____D C:\Users\Moto 2016-06-24 18:59 - 2016-01-08 05:44 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-06-24 18:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-06-24 18:16 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-06-24 17:50 - 2016-01-24 05:37 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Yahoo! 2016-06-24 16:38 - 2016-01-03 14:11 - 00000000 ____D C:\Users\Moto\AppData\Local\ElevatedDiagnostics 2016-06-24 16:37 - 2016-01-13 12:29 - 00000000 ____D C:\ProgramData\Oracle 2016-06-24 16:32 - 2016-01-13 12:30 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-06-24 16:32 - 2016-01-13 12:30 - 00000000 ____D C:\Users\Moto\.oracle_jre_usage 2016-06-24 16:32 - 2016-01-13 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-06-24 16:32 - 2016-01-13 12:29 - 00000000 ____D C:\Program Files (x86)\Java 2016-06-22 13:06 - 2016-01-24 04:58 - 00000033 _____ C:\Users\Moto\AppData\Roaming\AdobeWLCMCache.dat 2016-06-21 15:27 - 2016-01-02 05:08 - 00000000 ____D C:\Program Files\Adobe 2016-06-21 15:24 - 2016-01-02 05:08 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-06-21 15:24 - 2016-01-02 04:44 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Adobe 2016-06-21 14:57 - 2016-01-02 04:42 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-06-19 21:18 - 2016-01-02 21:09 - 00000000 ____D C:\Users\Moto\AppData\Roaming\vlc 2016-06-19 15:40 - 2015-10-30 08:24 - 
00000000 ____D C:\WINDOWS\rescache 2016-06-16 21:35 - 2016-01-02 12:03 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-16 21:14 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-16 21:06 - 2016-02-13 18:33 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-06-16 21:02 - 2016-02-13 10:23 - 04916168 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-06-15 21:45 - 2016-01-02 04:45 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-15 21:42 - 2016-01-02 04:45 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-06-15 21:40 - 2016-01-02 04:41 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-06-14 21:01 - 2016-03-23 20:10 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2016-06-14 21:01 - 2016-03-23 20:10 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2016-06-14 21:01 - 2016-03-23 20:10 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2016-06-14 21:01 - 2016-03-23 20:10 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-06-14 21:01 - 2016-03-23 20:10 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2016-06-14 19:33 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-14 19:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-09 09:20 - 2016-03-23 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 
2016-06-09 09:19 - 2016-04-20 18:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-06-06 11:45 - 2016-01-03 21:27 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-06-06 10:17 - 2016-01-02 18:14 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-06-06 10:17 - 2016-01-02 18:14 - 00000000 ____D C:\ProgramData\Skype 2016-06-04 01:51 - 2015-08-29 00:31 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-06-03 08:22 - 2016-05-23 23:17 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-06-03 08:22 - 2016-05-23 23:17 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-06-03 08:22 - 2015-08-07 08:10 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb 2016-06-03 04:59 - 2016-04-20 18:47 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-06-03 04:59 - 2016-04-20 18:47 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-06-03 04:59 - 2016-04-20 18:47 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-06-03 04:59 - 2016-04-20 18:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-06-03 04:59 - 2016-04-20 18:47 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-06-03 04:59 - 2016-04-20 18:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 
2016-06-03 04:59 - 2016-04-20 18:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-03 04:59 - 2016-03-30 10:06 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 04:59 - 2016-03-30 10:06 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-02 22:48 - 2016-02-19 13:28 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-06-02 22:48 - 2016-02-19 13:28 - 00002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk

==================== Files in the root of some directories =======

2016-01-24 04:58 - 2016-06-22 13:06 - 0000033 _____ () C:\Users\Moto\AppData\Roaming\AdobeWLCMCache.dat
2016-02-15 06:51 - 2016-05-09 21:23 - 0001456 _____ () C:\Users\Moto\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-02 19:07 - 2016-01-02 19:07 - 0003584 _____ () C:\Users\Moto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-02 20:46 - 2016-04-14 00:41 - 0007643 _____ () C:\Users\Moto\AppData\Local\Resmon.ResmonCfg
2016-04-20 18:47 - 2016-04-20 18:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-24 05:35 - 2016-01-24 05:39 - 0000823 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Moto\AppData\Local\Temp\libeay32.dll
C:\Users\Moto\AppData\Local\Temp\msvcr120.dll
C:\Users\Moto\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-27 15:51

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Moto (2016-06-24 17:58:58)
Running from G:\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-20 18:03:07)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1643741209-629586362-3516323415-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1643741209-629586362-3516323415-503 - Limited - Disabled)
Guest (S-1-5-21-1643741209-629586362-3516323415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1643741209-629586362-3516323415-1002 - Limited - Enabled)
Moto (S-1-5-21-1643741209-629586362-3516323415-1000 - Administrator - Enabled) => C:\Users\Moto

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) @BIOS B15.0630.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated) Adobe Animate CC 2015.2 (HKLM-x32\...\FLPR_15_2) (Version: 15.2 - Adobe Systems Incorporated) Adobe Audition CC 2015.2 (HKLM-x32\...\AUDT_9_2_0) (Version: 9.2.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated) Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_0_0) (Version: 20.0.0 - Adobe Systems Incorporated) Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated) Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.1.0 - Adobe 
Systems Incorporated) AmbientLED B15.0520.1 (HKLM-x32\...\InstallShield_{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE) AmbientLED B15.0520.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte) APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Assault Android Cactus (HKLM-x32\...\Steam App 250110) (Version: - Witch Beam) Batman™: Arkham Knight (HKLM\...\Steam App 208650) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 - GIGABYTE) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - Playsaurus) Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1511.3001 - GIGABYTE) Cloud Station Server (x32 Version: 1.00.1511.3001 - GIGABYTE) Hidden CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0018 - GIGABYTE) CloudStation (x32 Version: 1.00.0018 - GIGABYTE) Hidden Colortone (HKLM-x32\...\Steam App 375320) (Version: - Kirill Belman) Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version: - Corsair Components, Inc.) Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.2.5742 - Corsair) Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version: - Corsair Memory, Inc.) CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Dex (HKLM-x32\...\Steam App 269650) (Version: - Dreadlocks Ltd.) Discord (HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Discord) (Version: 0.0.290 - Hammer & Chisel, Inc.) 
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version: - Klei Entertainment) Dreaming Sarah (HKLM-x32\...\Steam App 296870) (Version: - Andre Chagas Silva) Duck Game (HKLM\...\Steam App 312530) (Version: - Landon Podbielski) EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.15.0626 - GIGABYTE) EasyTune (x32 Version: 1.15.0626 - GIGABYTE) Hidden Elgato Game Capture HD (HKLM\...\{BD8B183B-2634-4040-B25F-3964751D462F}) (Version: 3.20.2.1502 - Elgato Systems GmbH) Enter the Gungeon (HKLM\...\Steam App 311690) (Version: - Dodge Roll) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden EZSetup B15.0811.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE) EZSetup B15.0811.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE) Fast Boot (x32 Version: 1.15.0626 - GIGABYTE) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems) Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems) Game Capture HD60 S v1.1.0.160 (HKLM-x32\...\Software_Elgato_Game Capture HD60 S) (Version: 1.1.0.160 - Elgato Systems) Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems) GameCtrl B15.0803.1 (HKLM-x32\...\InstallShield_{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE) GameCtrl B15.0803.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Gang Beasts (HKLM\...\Steam App 285900) (Version: - Boneloaf) GIGABYTE OC_GURU II 
(HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.22.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (x32 Version: 1.22.0000 - GIGABYTE Technology Co.,Ltd.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Guild of Dungeoneering (HKLM\...\Steam App 317820) (Version: - Gambrinous) Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version: - Defiant Development) HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) High-Logic FontCreator 9.1 (HKLM-x32\...\FontCreator8_is1) (Version: - High-Logic B.V.) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 
6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.4.18.7 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden HunieCam Studio (HKLM\...\Steam App 426000) (Version: - HuniePot) Intel(R) Chipset Device Software (x32 Version: 10.1.2.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) 
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve) Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden METAL SLUG 3 (HKLM\...\Steam App 250180) (Version: - DotEmu) Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.) 
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios) Murder (HKLM-x32\...\Steam App 404080) (Version: - Peter Moorhead) NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM-x32\...\Steam App 349040) (Version: - CyberConnect2 Co. Ltd.) NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA 3D Vision Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B15.0709.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Phantom Breaker: Battle Grounds (HKLM\...\Steam App 329490) (Version: - MAGES.) Poltergeist: A Pixelated Horror (HKLM-x32\...\Steam App 323700) (Version: - Glitchy Pixel) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) 
Read Only Memories (HKLM-x32\...\Steam App 330820) (Version: - MidBoss, LLC.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) Renowned Explorers: International Society (HKLM-x32\...\Steam App 296970) (Version: - Abbey Games) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - Hopoo Games, LLC) Road Redemption (HKLM-x32\...\Steam App 300380) (Version: - Epic Quest Games) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden ScpToolkit (HKLM\...\{4DB6F58D-A87D-4087-8FD7-B87FC4C72054}) (Version: 1.6.229.15365 - Nefarius Software Solutions) Secret Ponchos (HKLM-x32\...\Steam App 265750) (Version: - Switchblade Monkeys Entertainment) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Shovel Knight (HKLM\...\Steam App 250760) (Version: - Yacht Club Games) SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE) SIV (x32 Version: 1.15.0701 - GIGABYTE) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) 
Smart Recovery 2 B15.1002.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0003 - GIGABYTE) Smart TimeLock B15.0626.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE) Smart TimeLock B15.0626.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Spotify (HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB) Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Street Fighter V (HKLM-x32\...\Steam App 310950) (Version: - Capcom) Synthesia (HKLM-x32\...\Synthesia) (Version: 10.2 - Synthesia LLC) The Bug Butcher (HKLM-x32\...\Steam App 350740) (Version: - Awfully Nice Studios) The Marvellous Miss Take (HKLM\...\Steam App 327310) (Version: - Wonderstruck) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Type light 3.2.038 (HKLM-x32\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 038 - CR8 Software Solutions) Ultratron (HKLM-x32\...\Steam App 219190) (Version: - Puppygames) Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE) VTuner (x32 Version: 1.15.0626 - GIGABYTE) Hidden Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) 
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version: - Firaxis)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1643741209-629586362-3516323415-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1643741209-629586362-3516323415-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D5F9018-105D-4680-B5EC-3943F27551E3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {0F9844FB-DBD7-4F4D-A4D7-73ACCF9738CD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {14D97E43-1636-4410-B922-FFE857DA5533} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION Task: {168AB430-FB91-41A8-9FF5-CCAB93B90931} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {1991CADF-F402-4227-8400-867103C48792} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {1AD56683-137C-4B97-9EE9-3B93F2027FAD} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION Task: {21FE65DD-2895-496E-B435-99DEA5628EC2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {2C8E393F-9D61-41E8-B106-B61DF4DB75FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.) 
Task: {3148EBA2-0CA4-46C0-A60F-35D31C8898B4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {35D8E9A0-AE1E-4B53-A16B-7FFDEDC86C10} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {3B4868C8-25E2-4BE1-8B95-2D1D34B76695} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {3C1704F1-AB09-45E4-A76D-24EAB02274AF} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION Task: {3D3162CE-D502-4A77-826B-5BFD93BD2230} - System32\Tasks\AdobeAAMUpdater-1.0-Sarah-Moto => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated) Task: {40208021-119E-4BCC-A6D4-757F0D7E0958} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {42713F69-5302-4ADD-9EE2-DCF4BEF6E573} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {4432CDF6-8F4B-41A7-809B-6161EF2D73CD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {462B99D0-C67C-4CD2-B483-AE2F2399AC31} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {51046135-D10B-426A-90A9-628E7FC05FE7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {51875138-BEF2-45A6-A995-158C021984CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {5EF7C3A0-FA21-4D31-B5DB-98FEEEA935E2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {66CBAFFE-E361-4472-B2E5-A3EF9B03EB9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {67A85CAB-BD85-447C-91B4-54121A2137DA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => 
C:\Windows\ehome\mcupdate.exe Task: {6CF89165-B7FA-45C6-8326-71FFE9EDE7E9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {702C63BC-E036-4114-8C13-1D7E0BF14E90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {78E1B67D-BFA3-4A77-B1B3-5E4CFB977922} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-09-21] () Task: {7A9EBE94-98B0-45AF-8860-D2A77B72707E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {7BB01A67-1A51-469B-9027-F834B8416418} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {8A580AED-1C90-4E46-9E00-F75E227EEEEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {8B25EAEC-0EB2-4F01-8804-616820D092ED} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {8DB3194E-BE4B-475C-A0AA-40834A57273F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {9320D06B-7FE9-418F-8EBF-38C9B98FAFD7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {A8D884F5-A534-4985-B2FF-F3A10CDC7CA4} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {B05BF8EC-6ACE-468C-ADAB-412655204634} - System32\Tasks\{D96E2F50-8C0E-437E-BC0E-620C93C159D6} => pcalua.exe -a G:\Downloads\atBIOS\setup.exe -d G:\Downloads\atBIOS Task: {B10AF64B-8931-4423-8622-E1217F5F1363} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: 
{BCB0290C-9261-4465-9814-71A692E8BCFA} - System32\Tasks\{69189473-A455-4422-B8CC-34262F7CCD69} => pcalua.exe -a G:\Desktop\HijackThis.exe -d G:\Desktop Task: {C2980F00-9F7F-4FC9-985C-7B31224CB1A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {C4CF494C-7B54-4734-A183-0D4CCCCA10B9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {C4FF7F19-DEDB-4FF6-8859-4DB0EB6201E7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {C63E91BA-F82A-4B5F-A4B1-85F406A30E0A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {C68B4BFE-6FCF-4CBD-82FA-91B0C01F4985} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\Windows\System32\GWX\GWX.exe Task: {CF62AB66-4030-4A7A-A0FC-B23511777967} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {D68B8E12-293E-4C5E-9E47-9F748E040592} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {D83B1817-7728-46D2-9CDC-6EFD92167346} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {DD1B9A29-49AB-4CED-A498-3B533F0EEE06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard) Task: {E01E3344-96D1-45C9-BDFA-57F035F15BE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {E0F52BBF-83A4-485E-89A2-0922D15F77B0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {E3870F23-BD82-48D4-9517-5321FD87D8A3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {E5C66B98-FE6A-4965-9FC6-EE9E4654B3FE} - 
System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {F1F44088-57AF-4F82-B4A6-F5B792BD2454} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {F208B383-9F25-489E-A77E-C2442F1EA3A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {F8270596-B4D8-48FE-9CCC-88CAE3C6E72E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Moto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Infinite HD App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=Default --app-id=laealigljflmglcgncipdbmbjgjdpiim ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-20 18:47 - 2016-06-03 04:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe 2016-05-12 20:34 - 2016-05-12 20:34 - 00307712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\8646218657a9e1a03dfd1082f11cb43d\ReactiveSockets.ni.dll 2014-05-02 12:52 - 2014-05-02 12:52 - 00599040 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll 2014-05-02 07:55 - 2014-05-02 07:55 - 00185344 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll 2014-05-02 07:05 - 2014-05-02 07:05 - 00173056 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll 2014-09-24 20:57 - 2014-09-24 20:57 - 00034624 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe 2016-04-20 19:37 - 2016-04-20 19:37 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-20 19:37 - 2016-04-20 19:37 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-05-12 15:16 - 2016-05-12 15:16 - 00959168 _____ () C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-04-20 18:49 - 2016-04-20 18:49 - 00008704 _____ () 
C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll 2016-02-13 18:02 - 2016-02-13 18:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 13:38 - 2016-04-23 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-11 13:38 - 2016-04-23 05:25 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2015-07-30 09:52 - 2015-07-30 09:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe 2016-06-14 22:41 - 2016-05-28 04:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-14 22:41 - 2016-05-28 04:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-14 22:41 - 2016-05-28 04:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-14 22:41 - 2016-05-28 04:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-02 15:26 - 2016-01-11 18:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2016-04-20 11:31 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2012-09-13 01:38 - 2012-09-13 01:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2015-02-16 11:47 - 2015-02-16 11:47 - 00105472 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\ycc.dll 2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll 2015-02-16 10:47 - 2015-02-16 
10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll 2016-03-23 20:10 - 2016-06-14 21:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-05-12 15:16 - 2016-05-12 15:16 - 00679624 _____ () C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-06-16 21:34 - 2016-06-15 10:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-16 21:34 - 2016-06-15 10:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2016-04-20 11:31 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2016-04-20 11:31 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2016-04-20 11:31 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2015-11-06 11:46 - 2015-11-06 11:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll 2015-09-07 16:01 - 2015-09-07 16:01 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2015-11-13 11:52 - 2015-11-13 11:52 - 00824192 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2016-06-03 03:36 - 2016-06-03 03:36 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files 
(x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2012-09-13 01:39 - 2012-09-13 01:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2016-06-08 00:10 - 2016-06-08 00:10 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-06-08 00:10 - 2016-06-08 00:10 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-06-08 00:10 - 2016-06-08 00:10 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-06-08 00:10 - 2016-06-08 00:10 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-06-08 00:41 - 2016-06-08 00:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-06-08 00:10 - 2016-06-08 00:10 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2016-05-20 17:30 - 2016-05-20 17:30 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-05-20 17:30 - 2016-05-20 17:30 - 00121344 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node 2016-05-20 17:31 - 2016-05-20 17:31 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-05-20 17:31 - 2016-05-20 17:31 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-06-03 03:20 - 2016-06-03 03:20 - 00098496 
_____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-05-20 17:30 - 2016-05-20 17:30 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node 2016-05-20 17:29 - 2016-05-20 17:29 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [134] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) 
There are 6091 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2016-01-04 04:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1643741209-629586362-3516323415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Moto\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 194.168.4.100 - 194.168.8.100 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\Moto\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Moto\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" MSCONFIG\startupreg: Steam => "G:\Steam\steam.exe" -silent HKLM\...\StartupApproved\Run: => "Elgato Sound Capture" HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\StartupApproved\Run: => "Discord" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{34F16DFA-05A0-4411-9CB6-50B0B76E5282}] => (Allow) G:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{370E29C0-E93F-4F15-8F51-2DFABFEA3268}] => (Allow) G:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{F7B58E62-1C3E-4A2B-9E5A-1D5A6730A3E3}] => (Allow) G:\Steam\steamapps\common\HunieCam Studio\HunieCamStudio.exe FirewallRules: [{44069F59-4680-4E14-B369-FBA91FC604F2}] => (Allow) G:\Steam\steamapps\common\HunieCam Studio\HunieCamStudio.exe FirewallRules: [{C2965D9F-F5FE-4F18-9E3A-FF4F36C32B52}] => (Allow) G:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{C1B1AB2D-A565-46B6-B850-A5E3AE974299}] => (Allow) G:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{D495D03D-B88C-49DD-9326-0BF0115C7490}] => (Allow) G:\Steam\steamapps\common\SecretPonchos\bin\SecretPonchosD3D11.exe FirewallRules: [{2B94CA5C-3F2F-442F-9C70-41D9A30D9526}] => (Allow) G:\Steam\steamapps\common\SecretPonchos\bin\SecretPonchosD3D11.exe FirewallRules: [{C6A3CE8E-0F35-4598-A791-EB70599F1C6B}] => (Allow) G:\Steam\steamapps\common\The Marvellous Miss Take\misstake.exe FirewallRules: [{634FFD85-BC1C-4812-A3AB-CE3D14E3AEF5}] => (Allow) G:\Steam\steamapps\common\The Marvellous Miss Take\misstake.exe FirewallRules: [{78EC40A7-EBA2-498C-BA7C-FB0846AE5B27}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe FirewallRules: [{F5746522-DCEC-4EF3-BCD1-68E0BE0521D3}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle 
Grounds\bin\pbbg_win32.exe FirewallRules: [{897B4201-5466-41B3-BC6B-17CC0A3A856B}] => (Allow) G:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{C278C86D-B5EE-48D6-9494-17A1B1236460}] => (Allow) G:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{81307196-7BD0-4D6D-9902-8B80D31C5516}] => (Allow) G:\Steam\steamapps\common\RoadRedemption\RoadRedemptionEarlyAccess.exe FirewallRules: [{CFE92BF2-2B12-40A3-B798-2F7E5C36D125}] => (Allow) G:\Steam\steamapps\common\RoadRedemption\RoadRedemptionEarlyAccess.exe FirewallRules: [{C0C31D2F-A5D4-43A6-B978-3A266AA19900}] => (Allow) G:\Steam\steamapps\common\TheBugButcher\TheBugButcher.exe FirewallRules: [{C1BD2C63-A885-4C1F-89B9-643B9A102732}] => (Allow) G:\Steam\steamapps\common\TheBugButcher\TheBugButcher.exe FirewallRules: [{569D2C15-433F-418A-8D49-D60562CD4D0A}] => (Allow) G:\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{64F3FF5D-D91B-4691-ADB8-7D55FF9E0A79}] => (Allow) G:\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{6606998C-146E-4231-9624-9EAB07675A2A}] => (Allow) G:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe FirewallRules: [{09D9201E-F700-4163-B96F-4C0CA8EE2DFE}] => (Allow) G:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe FirewallRules: [{C15C657E-C12F-419F-9605-8CC998ECE614}] => (Allow) G:\Steam\steamapps\common\Dreaming Sarah\nw.exe FirewallRules: [{2D823B94-5415-4BB4-88F3-4552C0C60393}] => (Allow) G:\Steam\steamapps\common\Dreaming Sarah\nw.exe FirewallRules: [{A83C6427-045F-4E8B-870F-25E78D9A9D92}] => (Allow) G:\Steam\steamapps\common\PoltergeistAPixelatedHorror\Poltergeist.exe FirewallRules: [{266BDFA5-875F-4D06-AFC2-A08F0FA20E3C}] => (Allow) G:\Steam\steamapps\common\PoltergeistAPixelatedHorror\Poltergeist.exe FirewallRules: [{9240F07B-66BC-444E-B27B-FBE3CAECE5CA}] => (Allow) G:\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{4EF67D00-D91C-44BF-B6E6-2A4E82344D45}] => (Allow) 
G:\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{16544387-18A1-4C33-89B8-AF607E3C688B}] => (Allow) G:\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe FirewallRules: [{7E8DA020-8A90-4B1A-A4A3-E9AD413B23FA}] => (Allow) G:\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe FirewallRules: [{33921DE3-1678-47F3-B03D-58ADFAAA8E75}] => (Allow) G:\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe FirewallRules: [{4262CF90-CDB3-48E4-8262-420F3959870C}] => (Allow) G:\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe FirewallRules: [{E7A13D16-D383-4C17-BA17-967D807E7910}] => (Allow) G:\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe FirewallRules: [{55146114-42A9-4CE5-9C2D-1F9131EEB6CE}] => (Allow) G:\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe FirewallRules: [{55330B54-752C-4609-ADD0-E853567843B1}] => (Allow) G:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{9B86476D-4B8E-4E99-BAAE-EDA3AE124075}] => (Allow) G:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{B8FE4828-C5B8-4A76-9B8F-BF26CB9750E5}] => (Allow) G:\Steam\steamapps\common\Dex\GamepadConfigTool.exe FirewallRules: [{5DD6404D-026D-42CA-9BD6-090EEAADD966}] => (Allow) G:\Steam\steamapps\common\Dex\GamepadConfigTool.exe FirewallRules: [{41B54F67-9BC0-4378-BAAB-62D37E28EE56}] => (Allow) G:\Steam\steamapps\common\Dex\Dex.exe FirewallRules: [{FF1F9AF3-EBAF-4536-9B22-747706491C3C}] => (Allow) G:\Steam\steamapps\common\Dex\Dex.exe FirewallRules: [{38EE0B79-7C2F-4E11-A694-6F9933F442F1}] => (Allow) G:\Steam\steamapps\common\Hand of Fate\Hand of Fate.exe FirewallRules: [{F97DAFDF-83AA-4F82-92CA-16C7FF590E5F}] => (Allow) G:\Steam\steamapps\common\Hand of Fate\Hand of Fate.exe FirewallRules: [{1D29C21C-4377-4608-9FF3-D5BC34CC3C4F}] => (Allow) G:\Steam\steamapps\common\Ultratron\Ultratron.exe FirewallRules: 
[{17CD0ECA-6326-4F1B-B6AB-9A4E8A102419}] => (Allow) G:\Steam\steamapps\common\Ultratron\Ultratron.exe FirewallRules: [{30D9CEDC-1322-4DE4-B4CE-B9D5047E8A54}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe FirewallRules: [{040D1641-4C56-4A15-93CC-C40D90548981}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe FirewallRules: [{C8178934-0524-4EC5-BA8B-7E3DAC08D530}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe FirewallRules: [{5992693D-8903-47C6-BAA2-2756F7A6D6D3}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe FirewallRules: [{1DC510B0-AEEB-4493-9188-C68DF1F32639}] => (Allow) G:\Steam\steamapps\common\Assault Android Cactus\cactus.exe FirewallRules: [{A5E43CD3-E354-41E3-9AC0-313D1EC0E1C5}] => (Allow) G:\Steam\steamapps\common\Assault Android Cactus\cactus.exe FirewallRules: [{333BC897-90AC-482F-8F21-EE9DF23F3DA5}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{127529E8-13F9-4DEA-B0E3-E697D0126341}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{984443CE-2414-4470-9101-6CD0D8751E51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{0F6F90B8-252C-4DED-9768-04BE7D70B184}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{737020B6-038D-47FD-A552-DEE0C32184F5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{8BF08470-F436-4125-BC5C-9F5BE0BD8BC6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{B23A9CBD-944A-4B8A-908D-F05FD7FE0A43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{862ED0C8-9A3B-43FA-BF95-D9BDF1C5F46B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{3481929B-73FE-4E93-AB4C-8D64F1514BB5}] => (Allow) C:\Program Files (x86)\HP\Digital 
Imaging\bin\hpfccopy.exe FirewallRules: [{EF6E2FFE-04E4-43E3-8238-B837DF95C4F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{D3FEAB5E-4E26-4E4C-BB4B-CF6EB31B41F9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{093BF596-4D5D-498C-BC4E-6B27BB70A194}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{312A6D96-6255-46D1-BA42-B2AE5C26F7DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{470BE6A0-726A-46DB-B85D-53BFD5782143}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{519D4705-92EC-46D2-9C72-FFDBB9A2BE77}] => (Allow) G:\Steam\steamapps\common\Read Only Memories\ROM.exe FirewallRules: [{BD8F58A2-001D-48B5-B334-C412CD9251C8}] => (Allow) G:\Steam\steamapps\common\Read Only Memories\ROM.exe FirewallRules: [{91FF854C-8A60-4441-BEFA-F55411869C89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A56FB58A-4C3D-44A2-A7B8-30B1F51D34DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{04DC6D2D-5496-4AFC-B81C-F659EAA5D7DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{25A176A3-16B1-4F36-92F8-6E9052135F8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2B746569-C12E-434A-B519-C4F88BF1F3C1}] => (Allow) G:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{47272534-44FF-4A2B-900D-A8E83FA9CAA9}] => (Allow) G:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{CF14700C-45FB-416A-9165-B3F05A854DF9}] => (Allow) G:\Steam\steamapps\common\Just Cause 3\JustCause3.exe FirewallRules: [{44AFC687-00BC-400D-9488-7B3C183E5F86}] => (Allow) G:\Steam\steamapps\common\Just Cause 3\JustCause3.exe FirewallRules: [{8466E68E-4FC1-419F-8EEA-B68DF3D3F849}] => (Allow) G:\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: 
[{45C56902-A463-4E95-9EE4-F117A0A0E5AC}] => (Allow) G:\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [{C1C31FCB-560F-4B70-89DF-BD38FF695D2E}] => (Allow) G:\Steam\steamapps\common\Murder\Murder.exe FirewallRules: [{174710AB-2116-4E23-950E-626C3A82AD77}] => (Allow) G:\Steam\steamapps\common\Murder\Murder.exe FirewallRules: [{58353D8B-67DF-48AA-BA6F-BB9D0FB051C8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{A3642419-CCC8-4855-ABD2-8031EE486622}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{C2C56234-E2FE-4E48-8DE1-CA7B0B7A173A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{4C546305-7914-43E0-B9C4-E7D008A8641A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{A9D776B6-2B87-42BC-BC1E-485822AF4E95}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{CBC4515A-2873-4CC4-A195-D80B9F4C6BA5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{07CB98CA-5F80-43B9-A072-FE3355D96FA9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{BA759C96-9FF3-4CA9-B4FD-5EF5D1217F07}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{CB8CE0AB-2C77-4120-8008-0096614F5CDB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{2C2F497D-C1AE-4205-99D0-498CD78474EF}] => (Allow) LPort=8844 FirewallRules: [{FB9D0B5C-521E-4050-AEEC-E764B21810CF}] => (Allow) LPort=1900 FirewallRules: [{01B461EF-AA00-4C4D-8D0A-D6E2A15D2FFC}] => (Allow) LPort=1900 FirewallRules: [{C73DDE85-C48D-40DC-8C59-3DFB65676C41}] => (Allow) LPort=1980 FirewallRules: [{821B5ED0-202B-43B7-AD37-01B0958A4049}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe FirewallRules: [{6C39CC60-F195-44B3-9FD9-553BE0B136CC}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe 
FirewallRules: [{4A18B241-9257-498B-A638-3A4ADD4E1B2D}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe FirewallRules: [{EDEFC1A6-6235-460A-906A-2304A28D2E42}] => (Allow) G:\Steam\bin\steamwebhelper.exe FirewallRules: [{842DAF56-24D4-4E0B-B32A-58BC936FE22F}] => (Allow) G:\Steam\bin\steamwebhelper.exe FirewallRules: [{2EB9C82B-3AD7-4B9E-BD8E-4451DC46CB83}] => (Allow) G:\Steam\Steam.exe FirewallRules: [{54488B43-960F-4D12-AE69-0946E2CDD058}] => (Allow) G:\Steam\Steam.exe FirewallRules: [{BEF599F6-1DDE-459C-BA3D-83F26BE54C6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9683C0F8-A9CB-4186-BB0A-72A33E7F75E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{71A4F426-78BA-45F0-9846-4E98A821D710}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{CD76C50E-AD9D-40D4-B774-7602C6B418BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{AEE12E4A-3222-4045-91F6-19243B6C043E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{715BEECC-1619-4764-A28E-88797F5736CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{6711424F-4792-4727-A710-245B80991B2B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{AA2A22BC-7D90-4B13-A822-729F908D5179}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe FirewallRules: [{94A526D4-60F7-4E85-8877-F8484FF5354C}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe FirewallRules: [{2EFEF08A-2605-49E1-AA2E-757F35357D23}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{3A3C1E4B-CEF6-4B6D-9771-14C0257FECE4}] => (Allow) 
G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{9CD1A4CD-3418-42DB-A2FB-BD17916ACD7F}] => (Allow) G:\Steam\steamapps\common\Enter the Gungeon\EtG.exe FirewallRules: [{97FDE75A-EFF0-4D0F-9337-A4FF2739435F}] => (Allow) G:\Steam\steamapps\common\Enter the Gungeon\EtG.exe FirewallRules: [{7DDEDE23-8EA3-42CC-9483-BF4D509B05D3}] => (Allow) G:\Steam\steamapps\common\Duck Game\DuckGame.exe FirewallRules: [{778BBD36-E31F-4D0C-BC80-85AB5D6EB0C5}] => (Allow) G:\Steam\steamapps\common\Duck Game\DuckGame.exe FirewallRules: [{71FD6C43-3435-455C-9003-92844E435C9A}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{ED93A94E-3585-411B-8DFD-46E4BF277273}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{1A7C2B0D-AE80-45DF-9D84-B70264F5B9A0}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe FirewallRules: [{DC823B45-6A70-429E-897A-B8F473594558}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe FirewallRules: [{5CA73B85-4988-4426-A422-80CED2383079}] => (Allow) G:\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{55A8DEB8-8EEC-48BB-B6C3-24EC61FEC173}] => (Allow) G:\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe FirewallRules: [{BC1D0292-4AEE-4D48-848B-06836A171463}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{972A9258-F0E0-4B80-94DA-785704AB3C8A}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{8C756373-14E7-43C7-86D7-F455CD411704}] => (Allow) G:\Steam\steamapps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{42F3BB53-D6E0-4E2A-9AF7-2F4A515ACF26}] => (Allow) G:\Steam\steamapps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{1E9EB20A-38B2-49C6-9E7F-08514D986BBC}] => (Allow) G:\Steam\steamapps\common\Gang Beasts\Gang 
Beasts.exe FirewallRules: [{C98FCD3A-75DB-4758-9D04-78A42CC9689B}] => (Allow) G:\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe FirewallRules: [{C023F0B8-3DB5-48E9-9153-AEA0C16CE10D}] => (Allow) G:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe FirewallRules: [{BAE0B04E-D105-4630-8B40-39CB5487E1BE}] => (Allow) G:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe FirewallRules: [{D1036E5B-5F4F-46CA-8947-0AEC60F7FC2A}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{017611F5-21A5-45BA-A716-9E9A1D831ACE}] => (Allow) G:\Steam\steamapps\common\Metal Slug 3\mslug3.exe FirewallRules: [{38EB278A-52FB-4BD5-BF8C-343A419CCB30}] => (Allow) G:\Steam\steamapps\common\Metal Slug 3\mslug3.exe FirewallRules: [{CB3BF89D-DAD2-429C-BF11-27907AA75F2B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{EF435C5B-9A92-461F-8ADE-84D1AAD6DBCA}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe FirewallRules: [{6926DFA3-F39B-4F35-B750-809B11A1A7AE}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe FirewallRules: [{2C9BFD9B-ABAC-4E56-9B53-60D481B088E4}] => (Allow) G:\Steam\steamapps\common\Guild of Dungeoneering\dungeoneering.exe FirewallRules: [{0F9BFCA7-AC9C-4388-B0B6-078162F63C87}] => (Allow) G:\Steam\steamapps\common\Guild of Dungeoneering\dungeoneering.exe FirewallRules: [{53D6424B-907C-49B1-884F-6C2E48F7D84B}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{B2ED2CAB-75A6-4F8E-9FB9-9B11C28C0921}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service 
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 21-06-2016 15:24:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 21-06-2016 15:24:28 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 24-06-2016 17:20:46 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/24/2016 05:52:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0 Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f Exception code: 0xc0000005 Fault offset: 0x0000000000010f73 Faulting process ID: 0x13f4 Faulting application start time: 0xNvStreamNetworkService.exe0 Faulting application path: NvStreamNetworkService.exe1 Faulting module path: NvStreamNetworkService.exe2 Report ID: NvStreamNetworkService.exe3 Faulting package full name: NvStreamNetworkService.exe4 Faulting package-relative application ID: NvStreamNetworkService.exe5 Error: (06/24/2016 05:22:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Adobe CEF Helper.exe, version: 3.7.0.271, time stamp: 0x57515883 Faulting module name: libcef.dll, version: 3.2171.2069.0, time stamp: 0x551bdc44 Exception code: 0xc0000005 Fault offset: 0x00444106 Faulting process ID: 0x288c Faulting application start time: 0xAdobe CEF Helper.exe0 Faulting application path: Adobe CEF Helper.exe1 Faulting module path: Adobe CEF Helper.exe2 Report ID: Adobe CEF Helper.exe3 Faulting package full name: Adobe 
CEF Helper.exe4 Faulting package-relative application ID: Adobe CEF Helper.exe5 Error: (06/24/2016 05:20:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (06/24/2016 05:04:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0 Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f Exception code: 0xc0000005 Fault offset: 0x0000000000010f73 Faulting process ID: 0x2d60 Faulting application start time: 0xNvStreamNetworkService.exe0 Faulting application path: NvStreamNetworkService.exe1 Faulting module path: NvStreamNetworkService.exe2 Report ID: NvStreamNetworkService.exe3 Faulting package full name: NvStreamNetworkService.exe4 Faulting package-relative application ID: NvStreamNetworkService.exe5 Error: (06/22/2016 02:03:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Adobe Premiere Pro.exe, version: 10.3.0.202, time stamp: 0x574e936f Faulting module name: LogSession.dll, version: 7.4.1.12, time stamp: 0x57446643 Exception code: 0xc0000005 Fault offset: 0x000000000019c458 Faulting process ID: 0x220c Faulting application start time: 0xAdobe Premiere Pro.exe0 Faulting application path: Adobe Premiere Pro.exe1 Faulting module path: Adobe Premiere Pro.exe2 Report ID: Adobe Premiere Pro.exe3 Faulting package full name: Adobe Premiere Pro.exe4 Faulting package-relative application ID: Adobe Premiere Pro.exe5 Error: (06/21/2016 04:18:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Adobe Premiere Pro.exe, version: 10.3.0.202, time stamp: 0x574e936f Faulting module 
name: LogSession.dll, version: 7.4.1.12, time stamp: 0x57446643 Exception code: 0xc0000005 Fault offset: 0x000000000019c458 Faulting process ID: 0x2608 Faulting application start time: 0xAdobe Premiere Pro.exe0 Faulting application path: Adobe Premiere Pro.exe1 Faulting module path: Adobe Premiere Pro.exe2 Report ID: Adobe Premiere Pro.exe3 Faulting package full name: Adobe Premiere Pro.exe4 Faulting package-relative application ID: Adobe Premiere Pro.exe5 Error: (06/21/2016 03:24:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (06/21/2016 03:24:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (06/20/2016 12:04:16 AM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: The backup was not successful. The error is: Access is denied. (0x80070005). Error: (06/20/2016 12:04:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . 
System errors: ============= Error: (06/24/2016 05:52:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (06/24/2016 05:52:14 PM) (Source: volmgr) (EventID: 45) (User: ) Description: The system could not sucessfully load the crash dump driver. Error: (06/24/2016 05:52:06 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Crash dump initialization failed! Error: (06/24/2016 05:52:06 PM) (Source: volmgr) (EventID: 45) (User: ) Description: The system could not sucessfully load the crash dump driver. Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 
Error: (06/24/2016 05:51:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 = An instance of the service is already running. Error: (06/24/2016 05:50:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2016-06-19 19:00:13.820 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-18 13:06:52.263 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 21:02:14.837 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 22:04:15.180 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-23 17:26:06.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-05-21 04:08:55.886 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-20 04:36:53.096 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-15 04:26:54.937 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-13 04:01:32.726 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 15:03:41.951 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz Percentage of memory in use: 11% Total physical RAM: 32574.06 MB Available physical RAM: 28985.02 MB Total Virtual: 65342.06 MB Available Virtual: 61505.16 MB ==================== Drives ================================ Drive c: (Sarah) (Fixed) (Total:222.9 GB) (Free:119.74 GB) NTFS Drive f: (Pandora) (Fixed) (Total:1862.88 GB) (Free:644.21 GB) exFAT Drive g: (Mei) (Fixed) (Total:1863.01 GB) (Free:570.81 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D347A590) Partition 1: (Not Active) - (Size=1863 GB) - (Type=42) ======================================================== Disk: 1 (Size: 223.6 GB) (Disk ID: DB3EED98) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================
  4. Thanks for getting back to me. Okay, here's the log:
     Malwarebytes Anti-Malware
     www.malwarebytes.org
     Scan Date: 01/07/2016
     Scan Time: 23:30
     Logfile:
     Administrator: Yes
     Version: 2.2.1.1043
     Malware Database: v2016.07.01.09
     Rootkit Database: v2016.05.27.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Self-protection: Disabled
     OS: Windows 10
     CPU: x64
     File System: NTFS
     User: Moto
     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 374566
     Time Elapsed: 7 min, 17 sec
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled
     Processes: 0 (No malicious items detected)
     Modules: 0 (No malicious items detected)
     Registry Keys: 0 (No malicious items detected)
     Registry Values: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Folders: 0 (No malicious items detected)
     Files: 0 (No malicious items detected)
     Physical Sectors: 0 (No malicious items detected)
     (end)
  5. Hey all, I'm Moto, pleased to meet you. So a couple of days ago I noticed that there was a 'Name Not Available' in my volume mixer. A while back I got a similar thing on my old computer, which I was able to fix by following online instructions. However, this time I've tried everything and I can't seem to get it to go away. I'm a little concerned. So please, MWB Team, you're my only hope. I did a Farbar Recovery Scan Tool scan and here is my FRST result:
     Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 02
     Ran by Moto (administrator) on SARAH (27-06-2016 04:42:16)
     Running from G:\Desktop
     Loaded Profiles: Moto (Available Profiles: Moto & DefaultAppPool)
     Platform: Windows 10 Pro Version 1511 (X64) Language: English (United Kingdom)
     Internet Explorer Version 11 (Default browser: Chrome)
     Boot Mode: Normal
     Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
     ==================== Processes (Whitelisted) =================
     (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
     (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
     (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
     (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
     (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
     (Apple Inc.)
C:\Program Files\Bonjour\mDNSResponder.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Program Files (x86)\Gigabyte\AmbientLED\LEDCtrl.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\TimeMgmtDaemon.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\AlarmClock.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5020\Agent.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net.exe () C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe () C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Users\Moto\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1259008 2016-04-05] () HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.) 
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\Gigabyte\EasyTune\etro.exe [5632 2014-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD.) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] () Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Spotify Web Helper] => C:\Users\Moto\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-16] (Spotify Ltd) HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony) HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Discord] => C:\Users\Moto\AppData\Local\Discord\app-0.0.290\Discord.exe [57924280 2016-05-05] (Hammer & Chisel, Inc.) 
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => No File Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-01-02] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-01-24] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2016-01-08] ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions) Startup: C:\Users\Moto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop.scf [2013-05-06] () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{06fe9622-fd21-4162-a578-1daad5f44bb1}: [DhcpNameServer] 194.168.4.100 194.168.8.100 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-1643741209-629586362-3516323415-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital 
Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-24] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-24] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) 
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-24] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-01-24] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-20]
FF HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-01-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-02-19]
CHR Extension: (Infinite HD App) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\laealigljflmglcgncipdbmbjgjdpiim [2016-06-22]
CHR Extension: (TubeBuddy) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2016-06-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-01-02] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2015-12-31] (Scarlet.Crush Productions) [File not signed]
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2015-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LEDCtrl; C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe [34624 2014-09-24] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [File not signed]
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658)
R3 ElgatoVAD; C:\Windows\system32\DRIVERS\ElgatoVAD.sys [28800 2016-03-30] (Elgato Systems GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-01-02] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-01-02] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-05-25] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2016-04-23] (hxxp://libusb-win32.sourceforge.net)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 MZ0380.X64; C:\Windows\system32\DRIVERS\MZ0380.X64.SYS [3528456 2016-03-29] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-25 12:29 - 2016-06-25 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch Test
2016-06-24 19:11 - 2016-06-24 19:11 - 00000000 ____D C:\Users\Moto\AppData\Local\PeerDistRepub
2016-06-24 19:01 - 2016-06-24 19:01 - 00000000 ____D C:\Users\Moto\AppData\Local\ActiveSync
2016-06-24 18:59 - 2016-06-24 18:59 - 00000000 ____D C:\Users\Moto\.android
2016-06-24 18:21 - 2016-06-24 18:00 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-06-24 18:00 - 2016-06-24 18:19 - 00000000 ____D C:\zoek_backup
2016-06-24 17:58 - 2016-06-27 04:42 - 00000000 ____D C:\FRST
2016-06-24 17:44 - 2016-06-24 17:50 - 00000000 ____D C:\AdwCleaner
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignf50f45bb3287bb54
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignb1c5c93b4d5fae5f
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign6af0b4a821d51b28
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign6982e884f92a7019
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign2d6006ca443bf9eb
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignc36f1afca5bd07cb
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign9354230b3c411d78
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign23c18db989f93014
2016-06-22 01:44 - 2016-06-22 01:44 - 00000000 ____D C:\Users\Moto\AppData\Roaming\dungeoneering
2016-06-21 15:24 - 2016-06-21 15:24 - 00001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe SpeedGrade CC 2015.lnk
2016-06-21 15:22 - 2016-06-21 15:22 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign9ddec1ddef1b277e
2016-06-21 15:20 - 2016-06-21 15:20 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate CC 2015.2.lnk
2016-06-21 15:16 - 2016-06-21 15:16 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.2.lnk
2016-06-21 15:13 - 2016-06-21 15:13 - 00001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-06-21 15:09 - 2016-06-21 15:09 - 00002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.3.lnk
2016-06-21 15:06 - 2016-06-21 15:06 - 00001144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-06-21 15:01 - 2016-06-21 15:01 - 00001252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.3.lnk
2016-06-21 14:58 - 2016-06-21 14:58 - 00001356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview 4).lnk
2016-06-21 14:54 - 2016-06-21 14:54 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-06-19 15:35 - 2016-06-19 15:35 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-14 22:41 - 2016-05-28 07:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-14 22:41 - 2016-05-28 06:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-14 22:41 - 2016-05-28 06:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-14 22:41 - 2016-05-28 06:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-14 22:41 - 2016-05-28 06:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-14 22:41 - 2016-05-28 06:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-14 22:41 - 2016-05-28 06:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-14 22:41 - 2016-05-28 06:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-14 22:41 - 2016-05-28 06:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-14 22:41 - 2016-05-28 06:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-14 22:41 - 2016-05-28 06:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-14 22:41 - 2016-05-28 06:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-14 22:41 - 2016-05-28 06:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-14 22:41 - 2016-05-28 06:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-14 22:41 - 2016-05-28 06:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-14 22:41 - 2016-05-28 06:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-14 22:41 - 2016-05-28 06:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-14 22:41 - 2016-05-28 06:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-14 22:41 - 2016-05-28 06:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-14 22:41 - 2016-05-28 06:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 22:41 - 2016-05-28 06:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-14 22:41 - 2016-05-28 06:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-14 22:41 - 2016-05-28 06:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-14 22:41 - 2016-05-28 06:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-14 22:41 - 2016-05-28 06:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-14 22:41 - 2016-05-28 06:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-14 22:41 - 2016-05-28 06:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-14 22:41 - 2016-05-28 05:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-14 22:41 - 2016-05-28 05:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-14 22:41 - 2016-05-28 05:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-14 22:41 - 2016-05-28 05:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-14 22:41 - 2016-05-28 05:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-14 22:41 - 2016-05-28 05:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-14 22:41 - 2016-05-28 05:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-14 22:41 - 2016-05-28 05:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-14 22:41 - 2016-05-28 05:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-14 22:41 - 2016-05-28 05:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-14 22:41 - 2016-05-28 05:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-14 22:41 - 2016-05-28 05:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-14 22:41 - 2016-05-28 05:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-14 22:41 - 2016-05-28 05:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 22:41 - 2016-05-28 05:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-14 22:41 - 2016-05-28 05:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-14 22:41 - 2016-05-28 05:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-14 22:41 - 2016-05-28 05:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-14 22:41 - 2016-05-28 05:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-14 22:41 - 2016-05-28 05:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-14 22:41 - 2016-05-28 05:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-14 22:41 - 2016-05-28 05:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-14 22:41 - 2016-05-28 05:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-14 22:41 - 2016-05-28 05:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-14 22:41 - 2016-05-28 05:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-14 22:41 - 2016-05-28 05:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 22:41 - 2016-05-28 05:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-14 22:41 - 2016-05-28 05:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-14 22:41 - 2016-05-28 05:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-14 22:41 - 2016-05-28 05:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-14 22:41 - 2016-05-28 05:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-14 22:41 - 2016-05-28 05:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-14 22:41 - 2016-05-28 05:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-14 22:41 - 2016-05-28 05:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-14 22:41 - 2016-05-28 05:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 02635776 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-06-14 22:41 - 2016-05-28 05:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-06-14 22:41 - 2016-05-28 04:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-06-14 22:41 - 2016-05-28 04:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-06-14 22:41 - 2016-05-28 04:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-06-14 22:41 - 2016-05-28 04:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-06-14 22:41 - 2016-05-28 04:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2016-06-09 18:20 - 2016-06-09 18:20 - 00000000 ____D C:\Users\Moto\AppData\Local\mslug3 2016-06-09 09:19 - 2016-06-09 
09:19 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-06-09 09:19 - 2016-06-03 08:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00786176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00707520 _____ (NVIDIA 
Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00631288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2016-06-09 09:19 - 2016-06-03 08:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-06-09 09:19 - 2016-06-03 04:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-06-09 09:19 - 2016-05-04 03:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-06-09 09:19 - 2016-05-04 03:22 - 00130848 _____ 
C:\WINDOWS\system32\vulkan-1.dll 2016-06-09 09:19 - 2016-05-04 03:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-06-09 09:19 - 2016-05-04 03:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files\iTunes 2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files\iPod 2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files (x86)\iTunes ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-06-27 04:34 - 2016-01-02 12:03 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-27 03:43 - 2016-03-20 22:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-06-27 03:24 - 2016-05-04 15:46 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-06-27 03:24 - 2016-01-02 04:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-06-27 03:15 - 2016-04-20 18:48 - 01218544 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-27 03:15 - 2016-04-20 14:32 - 00171290 _____ C:\WINDOWS\system32\prfh0404.dat 2016-06-27 03:15 - 2016-04-20 14:32 - 00057268 _____ C:\WINDOWS\system32\prfc0404.dat 2016-06-27 03:15 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-06-27 03:14 - 2016-04-28 16:56 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9A706311-F243-4979-80A9-A75224DCACAD} 2016-06-27 03:14 - 2016-01-02 04:37 - 00000000 ____D C:\Users\Moto\AppData\Local\Adobe 2016-06-27 03:10 - 2016-05-04 15:47 - 00000000 ____D C:\Users\Moto\AppData\Local\Battle.net 2016-06-27 03:10 - 2016-01-02 18:14 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Skype 2016-06-27 03:10 - 2016-01-02 04:44 - 00000000 ___RD C:\Users\Moto\Creative Cloud Files 2016-06-27 03:10 - 2016-01-02 04:44 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-06-27 
03:09 - 2016-04-20 18:47 - 00000000 ____D C:\ProgramData\NVIDIA 2016-06-27 03:09 - 2016-02-13 18:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-27 03:09 - 2016-01-02 12:03 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-27 03:09 - 2016-01-02 04:52 - 00026192 ____N (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys 2016-06-26 17:02 - 2016-04-20 18:49 - 00000000 ____D C:\Users\Moto 2016-06-26 17:02 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-06-26 14:57 - 2016-05-05 12:10 - 00000000 ____D C:\Program Files (x86)\Overwatch 2016-06-26 12:55 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-25 14:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-24 18:59 - 2016-01-08 05:44 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-06-24 18:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-06-24 18:16 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-06-24 17:50 - 2016-01-24 05:37 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Yahoo! 
2016-06-24 17:22 - 2016-01-02 05:32 - 00000000 ____D C:\Users\Moto\AppData\Local\CrashDumps 2016-06-24 16:38 - 2016-01-03 14:11 - 00000000 ____D C:\Users\Moto\AppData\Local\ElevatedDiagnostics 2016-06-24 16:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-06-24 16:37 - 2016-01-13 12:29 - 00000000 ____D C:\ProgramData\Oracle 2016-06-24 16:32 - 2016-01-13 12:30 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-06-24 16:32 - 2016-01-13 12:30 - 00000000 ____D C:\Users\Moto\.oracle_jre_usage 2016-06-24 16:32 - 2016-01-13 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-06-24 16:32 - 2016-01-13 12:29 - 00000000 ____D C:\Program Files (x86)\Java 2016-06-22 13:06 - 2016-01-24 04:58 - 00000033 _____ C:\Users\Moto\AppData\Roaming\AdobeWLCMCache.dat 2016-06-21 15:27 - 2016-01-02 05:08 - 00000000 ____D C:\Program Files\Adobe 2016-06-21 15:24 - 2016-01-02 05:08 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-06-21 15:24 - 2016-01-02 04:44 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Adobe 2016-06-21 14:57 - 2016-01-02 04:42 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-06-19 21:18 - 2016-01-02 21:09 - 00000000 ____D C:\Users\Moto\AppData\Roaming\vlc 2016-06-19 15:40 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-06-16 21:35 - 2016-01-02 12:03 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-16 21:14 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-16 21:06 - 2016-02-13 18:33 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-06-16 21:02 - 2016-02-13 10:23 - 04916168 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-06-16 09:45 - 2015-10-30 08:24 - 
00000000 ____D C:\WINDOWS\system32\en-GB 2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-06-15 21:45 - 2016-01-02 04:45 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-15 21:42 - 2016-01-02 04:45 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-06-15 21:40 - 2016-01-02 04:41 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-06-14 21:01 - 2016-03-23 20:10 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2016-06-14 21:01 - 2016-03-23 20:10 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2016-06-14 21:01 - 2016-03-23 20:10 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2016-06-14 21:01 - 2016-03-23 20:10 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-06-14 21:01 - 2016-03-23 20:10 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2016-06-14 19:33 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-14 19:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-09 09:20 - 2016-03-23 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-06-09 09:19 - 2016-04-20 18:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-06-06 11:45 - 2016-01-03 21:27 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-06-06 10:17 - 2016-01-02 18:14 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-06-06 10:17 - 2016-01-02 18:14 - 00000000 ____D C:\ProgramData\Skype 2016-06-04 01:51 - 2015-08-29 00:31 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-06-03 08:22 - 2016-05-23 23:17 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-06-03 08:22 - 2016-05-23 23:17 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-06-03 08:22 - 
2015-08-29 00:31 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-06-03 08:22 - 2015-08-29 00:31 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-06-03 08:22 - 2015-08-07 08:10 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb 2016-06-03 04:59 - 2016-04-20 18:47 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-06-03 04:59 - 2016-04-20 18:47 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-06-03 04:59 - 2016-04-20 18:47 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-06-03 04:59 - 2016-04-20 18:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-06-03 04:59 - 2016-04-20 18:47 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-06-03 04:59 - 2016-04-20 18:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-06-03 04:59 - 2016-04-20 18:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-06-03 04:59 - 2016-03-30 10:06 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-06-03 04:59 - 2016-03-30 10:06 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-06-02 22:48 - 2016-02-19 13:28 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2016-06-02 22:48 - 2016-02-19 13:28 - 00002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2016-06-01 06:25 - 2016-01-03 18:37 - 00000000 ____D C:\Users\Moto\AppData\Roaming\OBS 
2016-05-29 21:35 - 2016-01-02 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-28 06:55 - 2016-02-13 18:28 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories =======

2016-01-24 04:58 - 2016-06-22 13:06 - 0000033 _____ () C:\Users\Moto\AppData\Roaming\AdobeWLCMCache.dat
2016-02-15 06:51 - 2016-05-09 21:23 - 0001456 _____ () C:\Users\Moto\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-02 19:07 - 2016-01-02 19:07 - 0003584 _____ () C:\Users\Moto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-02 20:46 - 2016-04-14 00:41 - 0007643 _____ () C:\Users\Moto\AppData\Local\Resmon.ResmonCfg
2016-04-20 18:47 - 2016-04-20 18:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-24 05:35 - 2016-01-24 05:39 - 0000823 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-18 13:48

==================== End of FRST.txt ============================

and this is the 'Addition' file which was made

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Moto (2016-06-24 17:58:58)
Running from G:\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-20 18:03:07)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1643741209-629586362-3516323415-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1643741209-629586362-3516323415-503 - Limited - Disabled)
Guest (S-1-5-21-1643741209-629586362-3516323415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1643741209-629586362-3516323415-1002 - Limited - Enabled)
Moto (S-1-5-21-1643741209-629586362-3516323415-1000 - Administrator - Enabled) => C:\Users\Moto

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) @BIOS B15.0630.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated) Adobe Animate CC 2015.2 (HKLM-x32\...\FLPR_15_2) (Version: 15.2 - Adobe Systems Incorporated) Adobe Audition CC 2015.2 (HKLM-x32\...\AUDT_9_2_0) (Version: 9.2.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated) Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_0_0) (Version: 20.0.0 - Adobe Systems Incorporated) Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated) Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.1.0 - Adobe 
Systems Incorporated) AmbientLED B15.0520.1 (HKLM-x32\...\InstallShield_{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE) AmbientLED B15.0520.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte) APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Assault Android Cactus (HKLM-x32\...\Steam App 250110) (Version: - Witch Beam) Batman™: Arkham Knight (HKLM\...\Steam App 208650) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 - GIGABYTE) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - Playsaurus) Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1511.3001 - GIGABYTE) Cloud Station Server (x32 Version: 1.00.1511.3001 - GIGABYTE) Hidden CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0018 - GIGABYTE) CloudStation (x32 Version: 1.00.0018 - GIGABYTE) Hidden Colortone (HKLM-x32\...\Steam App 375320) (Version: - Kirill Belman) Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version: - Corsair Components, Inc.) Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.2.5742 - Corsair) Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version: - Corsair Memory, Inc.) CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Dex (HKLM-x32\...\Steam App 269650) (Version: - Dreadlocks Ltd.) Discord (HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Discord) (Version: 0.0.290 - Hammer & Chisel, Inc.) 
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version: - Klei Entertainment) Dreaming Sarah (HKLM-x32\...\Steam App 296870) (Version: - Andre Chagas Silva) Duck Game (HKLM\...\Steam App 312530) (Version: - Landon Podbielski) EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.15.0626 - GIGABYTE) EasyTune (x32 Version: 1.15.0626 - GIGABYTE) Hidden Elgato Game Capture HD (HKLM\...\{BD8B183B-2634-4040-B25F-3964751D462F}) (Version: 3.20.2.1502 - Elgato Systems GmbH) Enter the Gungeon (HKLM\...\Steam App 311690) (Version: - Dodge Roll) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden EZSetup B15.0811.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE) EZSetup B15.0811.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE) Fast Boot (x32 Version: 1.15.0626 - GIGABYTE) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems) Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems) Game Capture HD60 S v1.1.0.160 (HKLM-x32\...\Software_Elgato_Game Capture HD60 S) (Version: 1.1.0.160 - Elgato Systems) Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems) GameCtrl B15.0803.1 (HKLM-x32\...\InstallShield_{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE) GameCtrl B15.0803.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Gang Beasts (HKLM\...\Steam App 285900) (Version: - Boneloaf) GIGABYTE OC_GURU II 
(HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.22.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (x32 Version: 1.22.0000 - GIGABYTE Technology Co.,Ltd.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Guild of Dungeoneering (HKLM\...\Steam App 317820) (Version: - Gambrinous) Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version: - Defiant Development) HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) High-Logic FontCreator 9.1 (HKLM-x32\...\FontCreator8_is1) (Version: - High-Logic B.V.) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 
6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.4.18.7 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden HunieCam Studio (HKLM\...\Steam App 426000) (Version: - HuniePot) Intel(R) Chipset Device Software (x32 Version: 10.1.2.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) 
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve) Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden METAL SLUG 3 (HKLM\...\Steam App 250180) (Version: - DotEmu) Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.) 
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios) Murder (HKLM-x32\...\Steam App 404080) (Version: - Peter Moorhead) NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM-x32\...\Steam App 349040) (Version: - CyberConnect2 Co. Ltd.) NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA 3D Vision Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B15.0709.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Phantom Breaker: Battle Grounds (HKLM\...\Steam App 329490) (Version: - MAGES.) Poltergeist: A Pixelated Horror (HKLM-x32\...\Steam App 323700) (Version: - Glitchy Pixel) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) 
Read Only Memories (HKLM-x32\...\Steam App 330820) (Version: - MidBoss, LLC.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) Renowned Explorers: International Society (HKLM-x32\...\Steam App 296970) (Version: - Abbey Games) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - Hopoo Games, LLC) Road Redemption (HKLM-x32\...\Steam App 300380) (Version: - Epic Quest Games) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden ScpToolkit (HKLM\...\{4DB6F58D-A87D-4087-8FD7-B87FC4C72054}) (Version: 1.6.229.15365 - Nefarius Software Solutions) Secret Ponchos (HKLM-x32\...\Steam App 265750) (Version: - Switchblade Monkeys Entertainment) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Shovel Knight (HKLM\...\Steam App 250760) (Version: - Yacht Club Games) SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE) SIV (x32 Version: 1.15.0701 - GIGABYTE) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) 
Smart Recovery 2 B15.1002.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0003 - GIGABYTE) Smart TimeLock B15.0626.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE) Smart TimeLock B15.0626.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Spotify (HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB) Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Street Fighter V (HKLM-x32\...\Steam App 310950) (Version: - Capcom) Synthesia (HKLM-x32\...\Synthesia) (Version: 10.2 - Synthesia LLC) The Bug Butcher (HKLM-x32\...\Steam App 350740) (Version: - Awfully Nice Studios) The Marvellous Miss Take (HKLM\...\Steam App 327310) (Version: - Wonderstruck) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Type light 3.2.038 (HKLM-x32\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 038 - CR8 Software Solutions) Ultratron (HKLM-x32\...\Steam App 219190) (Version: - Puppygames) Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE) VTuner (x32 Version: 1.15.0626 - GIGABYTE) Hidden Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) 
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version: - Firaxis)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1643741209-629586362-3516323415-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1643741209-629586362-3516323415-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D5F9018-105D-4680-B5EC-3943F27551E3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {0F9844FB-DBD7-4F4D-A4D7-73ACCF9738CD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {14D97E43-1636-4410-B922-FFE857DA5533} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION Task: {168AB430-FB91-41A8-9FF5-CCAB93B90931} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {1991CADF-F402-4227-8400-867103C48792} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {1AD56683-137C-4B97-9EE9-3B93F2027FAD} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION Task: {21FE65DD-2895-496E-B435-99DEA5628EC2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {2C8E393F-9D61-41E8-B106-B61DF4DB75FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.) 
Task: {3148EBA2-0CA4-46C0-A60F-35D31C8898B4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {35D8E9A0-AE1E-4B53-A16B-7FFDEDC86C10} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {3B4868C8-25E2-4BE1-8B95-2D1D34B76695} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {3C1704F1-AB09-45E4-A76D-24EAB02274AF} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION Task: {3D3162CE-D502-4A77-826B-5BFD93BD2230} - System32\Tasks\AdobeAAMUpdater-1.0-Sarah-Moto => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated) Task: {40208021-119E-4BCC-A6D4-757F0D7E0958} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {42713F69-5302-4ADD-9EE2-DCF4BEF6E573} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {4432CDF6-8F4B-41A7-809B-6161EF2D73CD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {462B99D0-C67C-4CD2-B483-AE2F2399AC31} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {51046135-D10B-426A-90A9-628E7FC05FE7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {51875138-BEF2-45A6-A995-158C021984CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {5EF7C3A0-FA21-4D31-B5DB-98FEEEA935E2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {66CBAFFE-E361-4472-B2E5-A3EF9B03EB9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {67A85CAB-BD85-447C-91B4-54121A2137DA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => 
C:\Windows\ehome\mcupdate.exe Task: {6CF89165-B7FA-45C6-8326-71FFE9EDE7E9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {702C63BC-E036-4114-8C13-1D7E0BF14E90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {78E1B67D-BFA3-4A77-B1B3-5E4CFB977922} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-09-21] () Task: {7A9EBE94-98B0-45AF-8860-D2A77B72707E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {7BB01A67-1A51-469B-9027-F834B8416418} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {8A580AED-1C90-4E46-9E00-F75E227EEEEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {8B25EAEC-0EB2-4F01-8804-616820D092ED} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {8DB3194E-BE4B-475C-A0AA-40834A57273F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {9320D06B-7FE9-418F-8EBF-38C9B98FAFD7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {A8D884F5-A534-4985-B2FF-F3A10CDC7CA4} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {B05BF8EC-6ACE-468C-ADAB-412655204634} - System32\Tasks\{D96E2F50-8C0E-437E-BC0E-620C93C159D6} => pcalua.exe -a G:\Downloads\atBIOS\setup.exe -d G:\Downloads\atBIOS Task: {B10AF64B-8931-4423-8622-E1217F5F1363} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: 
{BCB0290C-9261-4465-9814-71A692E8BCFA} - System32\Tasks\{69189473-A455-4422-B8CC-34262F7CCD69} => pcalua.exe -a G:\Desktop\HijackThis.exe -d G:\Desktop Task: {C2980F00-9F7F-4FC9-985C-7B31224CB1A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {C4CF494C-7B54-4734-A183-0D4CCCCA10B9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {C4FF7F19-DEDB-4FF6-8859-4DB0EB6201E7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {C63E91BA-F82A-4B5F-A4B1-85F406A30E0A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {C68B4BFE-6FCF-4CBD-82FA-91B0C01F4985} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\Windows\System32\GWX\GWX.exe Task: {CF62AB66-4030-4A7A-A0FC-B23511777967} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {D68B8E12-293E-4C5E-9E47-9F748E040592} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {D83B1817-7728-46D2-9CDC-6EFD92167346} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {DD1B9A29-49AB-4CED-A498-3B533F0EEE06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard) Task: {E01E3344-96D1-45C9-BDFA-57F035F15BE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {E0F52BBF-83A4-485E-89A2-0922D15F77B0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {E3870F23-BD82-48D4-9517-5321FD87D8A3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {E5C66B98-FE6A-4965-9FC6-EE9E4654B3FE} - 
System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {F1F44088-57AF-4F82-B4A6-F5B792BD2454} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {F208B383-9F25-489E-A77E-C2442F1EA3A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {F8270596-B4D8-48FE-9CCC-88CAE3C6E72E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Moto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Infinite HD App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=Default --app-id=laealigljflmglcgncipdbmbjgjdpiim ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-20 18:47 - 2016-06-03 04:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe 2016-05-12 20:34 - 2016-05-12 20:34 - 00307712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\8646218657a9e1a03dfd1082f11cb43d\ReactiveSockets.ni.dll 2014-05-02 12:52 - 2014-05-02 12:52 - 00599040 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll 2014-05-02 07:55 - 2014-05-02 07:55 - 00185344 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll 2014-05-02 07:05 - 2014-05-02 07:05 - 00173056 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll 2014-09-24 20:57 - 2014-09-24 20:57 - 00034624 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe 2016-04-20 19:37 - 2016-04-20 19:37 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-20 19:37 - 2016-04-20 19:37 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-05-12 15:16 - 2016-05-12 15:16 - 00959168 _____ () C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-04-20 18:49 - 2016-04-20 18:49 - 00008704 _____ () 
C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll 2016-02-13 18:02 - 2016-02-13 18:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 13:38 - 2016-04-23 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-11 13:38 - 2016-04-23 05:25 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2015-07-30 09:52 - 2015-07-30 09:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe 2016-06-14 22:41 - 2016-05-28 04:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-14 22:41 - 2016-05-28 04:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-14 22:41 - 2016-05-28 04:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-14 22:41 - 2016-05-28 04:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-02 15:26 - 2016-01-11 18:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2016-04-20 11:31 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2012-09-13 01:38 - 2012-09-13 01:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2015-02-16 11:47 - 2015-02-16 11:47 - 00105472 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\ycc.dll 2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll 2015-02-16 10:47 - 2015-02-16 
10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll 2016-03-23 20:10 - 2016-06-14 21:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-05-12 15:16 - 2016-05-12 15:16 - 00679624 _____ () C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-06-16 21:34 - 2016-06-15 10:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-16 21:34 - 2016-06-15 10:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2016-04-20 11:31 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2016-04-20 11:31 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2016-04-20 11:31 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2015-11-06 11:46 - 2015-11-06 11:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll 2015-09-07 16:01 - 2015-09-07 16:01 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2015-11-13 11:52 - 2015-11-13 11:52 - 00824192 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2016-06-03 03:36 - 2016-06-03 03:36 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files 
(x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2012-09-13 01:39 - 2012-09-13 01:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2016-06-08 00:10 - 2016-06-08 00:10 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-06-08 00:10 - 2016-06-08 00:10 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-06-08 00:10 - 2016-06-08 00:10 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-06-08 00:10 - 2016-06-08 00:10 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-06-08 00:41 - 2016-06-08 00:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-06-08 00:10 - 2016-06-08 00:10 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2016-05-20 17:30 - 2016-05-20 17:30 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-05-20 17:30 - 2016-05-20 17:30 - 00121344 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node 2016-05-20 17:31 - 2016-05-20 17:31 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-05-20 17:31 - 2016-05-20 17:31 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-06-03 03:20 - 2016-06-03 03:20 - 00098496 
_____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-05-20 17:30 - 2016-05-20 17:30 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-05-20 17:29 - 2016-05-20 17:29 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [134]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 6091 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-01-04 04:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1643741209-629586362-3516323415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Moto\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Moto\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Moto\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "G:\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "Elgato Sound Capture"
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

21-06-2016 15:24:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
21-06-2016 15:24:28 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
24-06-2016 17:20:46 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

Error: (06/24/2016 05:52:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0 Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f Exception code: 0xc0000005 Fault offset: 0x0000000000010f73 Faulting process ID: 0x13f4 Faulting application start time: 0xNvStreamNetworkService.exe0 Faulting application path: NvStreamNetworkService.exe1 Faulting module path: NvStreamNetworkService.exe2 Report ID: NvStreamNetworkService.exe3 Faulting package full name: NvStreamNetworkService.exe4 Faulting package-relative application ID: NvStreamNetworkService.exe5

Error: (06/24/2016 05:22:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe CEF Helper.exe, version: 3.7.0.271, time stamp: 0x57515883 Faulting module name: libcef.dll, version: 3.2171.2069.0, time stamp: 0x551bdc44 Exception code: 0xc0000005 Fault offset: 0x00444106 Faulting process ID: 0x288c Faulting application start time: 0xAdobe CEF Helper.exe0 Faulting application path: Adobe CEF Helper.exe1 Faulting module path: Adobe CEF Helper.exe2 Report ID: Adobe CEF Helper.exe3 Faulting package full name: Adobe CEF Helper.exe4 Faulting package-relative application ID: Adobe CEF Helper.exe5

Error: (06/24/2016 05:20:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. .

Error: (06/24/2016 05:04:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0 Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f Exception code: 0xc0000005 Fault offset: 0x0000000000010f73 Faulting process ID: 0x2d60 Faulting application start time: 0xNvStreamNetworkService.exe0 Faulting application path: NvStreamNetworkService.exe1 Faulting module path: NvStreamNetworkService.exe2 Report ID: NvStreamNetworkService.exe3 Faulting package full name: NvStreamNetworkService.exe4 Faulting package-relative application ID: NvStreamNetworkService.exe5

Error: (06/22/2016 02:03:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe Premiere Pro.exe, version: 10.3.0.202, time stamp: 0x574e936f Faulting module name: LogSession.dll, version: 7.4.1.12, time stamp: 0x57446643 Exception code: 0xc0000005 Fault offset: 0x000000000019c458 Faulting process ID: 0x220c Faulting application start time: 0xAdobe Premiere Pro.exe0 Faulting application path: Adobe Premiere Pro.exe1 Faulting module path: Adobe Premiere Pro.exe2 Report ID: Adobe Premiere Pro.exe3 Faulting package full name: Adobe Premiere Pro.exe4 Faulting package-relative application ID: Adobe Premiere Pro.exe5

Error: (06/21/2016 04:18:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe Premiere Pro.exe, version: 10.3.0.202, time stamp: 0x574e936f Faulting module name: LogSession.dll, version: 7.4.1.12, time stamp: 0x57446643 Exception code: 0xc0000005 Fault offset: 0x000000000019c458 Faulting process ID: 0x2608 Faulting application start time: 0xAdobe Premiere Pro.exe0 Faulting application path: Adobe Premiere Pro.exe1 Faulting module path: Adobe Premiere Pro.exe2 Report ID: Adobe Premiere Pro.exe3 Faulting package full name: Adobe Premiere Pro.exe4 Faulting package-relative application ID: Adobe Premiere Pro.exe5

Error: (06/21/2016 03:24:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. .

Error: (06/21/2016 03:24:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. .

Error: (06/20/2016 12:04:16 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: Access is denied. (0x80070005).

Error: (06/20/2016 12:04:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. .

System errors:
=============

Error: (06/24/2016 05:52:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (06/24/2016 05:52:14 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/24/2016 05:52:06 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/24/2016 05:52:06 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 = An instance of the service is already running.

Error: (06/24/2016 05:50:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

CodeIntegrity:
===================================

Date: 2016-06-19 19:00:13.820
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-18 13:06:52.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-16 21:02:14.837
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-15 22:04:15.180
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-23 17:26:06.072
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-21 04:08:55.886
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-20 04:36:53.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-15 04:26:54.937
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-13 04:01:32.726
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-12 15:03:41.951
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 11%
Total physical RAM: 32574.06 MB
Available physical RAM: 28985.02 MB
Total Virtual: 65342.06 MB
Available Virtual: 61505.16 MB

==================== Drives ================================

Drive c: (Sarah) (Fixed) (Total:222.9 GB) (Free:119.74 GB) NTFS
Drive f: (Pandora) (Fixed) (Total:1862.88 GB) (Free:644.21 GB) exFAT
Drive g: (Mei) (Fixed) (Total:1863.01 GB) (Free:570.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D347A590)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=42)

========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: DB3EED98)
Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.

==================== End of Addition.txt ============================

Thanks again for your time
-Moto
  6. Okay, this is strange: when I rebooted my computer today the slider came back, but after about 10 mins I checked again and it had gone. Before I started this 'cleaning process' it was there all the time. Anyway, here's the checkup log:

Results of screen317's Security Check version 0.99.82
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Kaspersky Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 12.0.0.77 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox 21.0 Firefox out of Date!
Google Chrome 33.0.1750.154
Google Chrome 34.0.1847.116
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe
Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe
Kaspersky Lab Kaspersky Internet Security 14.0.0 klwtblfs.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
  7. Is it possible I was able to remove the malware by using the steps others did?
  8. I ran the scan and it found nothing. I couldn't find a log. I suppose the problem has been fixed?
  9. There are no ads playing, there is just the slider in my audio mixer. I have run all these programmes like RogueKiller, ComboFix and TDSSKiller, and several others. I've probably done some damage to my computer by using these tools without really knowing what I'm doing. I have noticed that as long as Malwarebytes is running the slider disappears. If I deactivate it, the slider tends to come back.
  10. ComboFix 14-04-20.01 - Apple 24/04/2014 13:09:01.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8156.5935 [GMT 1:00]
Running from: c:\users\Apple\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-03-24 to 2014-04-24 )))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 23:12 381440 ----a-w- c:\windows\SysWow64\wer.dll 2014-01-28 02:32 . 2014-03-12 23:12 228864 ----a-w- c:\windows\system32\wwansvc.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-06-22 23:45 220632 ----a-w- c:\users\Apple\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-06-22 23:45 220632 ----a-w- c:\users\Apple\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-06-22 23:45 220632 ----a-w- c:\users\Apple\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\steam.exe" [2014-04-21 1826496] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-10-16 646744] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x] R3 ElgatoGC658Y;Elgato Game Capture;c:\windows\system32\Drivers\ElgatoGC658.sys;c:\windows\SYSNATIVE\Drivers\ElgatoGC658.sys [x] R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x] R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common 
Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA 
Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Apple\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys;c:\users\Apple\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [x] S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x] S3 CMUSBDAC;USB Audio Class 1.0 and 2.0 DAC Device Driver;c:\windows\system32\DRIVERS\CMUSBDAC.sys;c:\windows\SYSNATIVE\DRIVERS\CMUSBDAC.sys [x] S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x] S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x] . . 
--- Other Services/Drivers In Memory --- . *NewlyCreated* - 75572011 *Deregistered* - 75572011 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-04-10 22:15 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2014-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-07 00:15] . 2014-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-07 00:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-06-22 23:45 244696 ----a-w- c:\users\Apple\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-06-22 23:45 244696 ----a-w- c:\users\Apple\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-06-22 23:45 244696 ----a-w- c:\users\Apple\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-02 1225920] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184] "Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [bU] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 2201032] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local> IE: Add to Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm TCP: DhcpNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{0C9D2F1B-4F4A-4304-AA60-0170F248C43F}: DhcpNameServer = 194.168.4.100 194.168.8.100 FF - ProfilePath - c:\users\Apple\AppData\Roaming\Mozilla\Firefox\Profiles\qqsabzjn.default\ . - - - - ORPHANS REMOVED - - - - . SafeBoot-75572011.sys . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-295262640-194719373-3639753972-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-295262640-194719373-3639753972-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_USERS\S-1-5-21-295262640-194719373-3639753972-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72760EB2-E2F0-5EE6-8F2C-661A01B34E53}*] "haamfmgfakmmiknb"=hex:63,62,64,68,65,64,6e,65,64,66,70,6b,6a,65,6a,6c,63,63, 6d,6a,62,6b,63,65,6e,6e,6a,68,6a,6a,61,67,66,68,6c,6a,6b,70,00,00 "iacmppnjgigcmomnhd"=hex:63,62,64,68,65,64,6e,65,64,66,70,6b,6a,65,6a,6c,63,63, 6d,6a,62,6b,63,65,6e,6e,6a,68,6a,6a,61,67,66,68,6c,6a,6b,70,00,00 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2014-04-24 13:16:11 ComboFix-quarantined-files.txt 2014-04-24 12:16 ComboFix2.txt 2014-04-23 15:27 ComboFix3.txt 2014-04-23 14:38 ComboFix4.txt 2014-04-23 14:08 . Pre-Run: 1,412,034,637,824 bytes free Post-Run: 1,411,598,381,056 bytes free . - - End Of File - - B83CAF20D38FDF873F36C650D890A312 A36C5E4F47E84449FF07ED3517B43A31 TDSSKiller.3.0.0.33_24.04.2014_12.50.32_log.txt
  11. I believe I spoke too soon, as the problem returned. I also forgot to post the last report last night.
      RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
      mail : http://www.adlice.com/contact/
      Feedback : http://forum.adlice.com
      Website : http://www.adlice.com/softwares/roguekiller/
      Blog : http://www.adlice.com
      Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Started in : Normal mode
      User : Apple [Admin rights]
      Mode : Scan -- Date : 04/24/2014 04:35:16
      | ARK || FAK || MBR |
      ¤¤¤ Bad processes : 0 ¤¤¤
      ¤¤¤ Registry Entries : 4 ¤¤¤
      [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
      [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
      [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
      [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
      ¤¤¤ Scheduled tasks : 0 ¤¤¤
      ¤¤¤ Startup Entries : 0 ¤¤¤
      ¤¤¤ Web browsers : 0 ¤¤¤
      ¤¤¤ Browser Addons : 0 ¤¤¤
      ¤¤¤ Particular Files / Folders: ¤¤¤
      ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
      ¤¤¤ External Hives: ¤¤¤
      ¤¤¤ Infection : ¤¤¤
      ¤¤¤ HOSTS File: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts
      127.0.0.1 localhost
      ¤¤¤ MBR Check: ¤¤¤
      +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD20EZRX-00DC0B0 ATA Device +++++
      --- User ---
      [MBR] 0424e1249de7b2683d74b28448b6658d
      [bSP] 8e35dd9d12a142f2e137ce455a883e06 : Windows 7/8 MBR Code
      Partition table:
      0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
      1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 MB
      User = LL1 ... OK!
      User = LL2 ... OK!
      Finished : << RKreport[0]_S_04242014_043516.txt >>
  12. DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
      Run by Apple at 4:24:07 on 2014-04-24
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8156.6041 [GMT 1:00]
      .
      AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
      SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\nvvsvc.exe
      C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k GPSvcGroup
      C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
      C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      C:\Windows\system32\nvvsvc.exe
      C:\Windows\SYSTEM32\WISPTIS.EXE
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Intel\iCLS Client\HeciServer.exe
      C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
      C:\Windows\System32\svchost.exe -k HPZ12
      C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
      C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
      C:\Windows\System32\svchost.exe -k HPZ12
      C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
      C:\Windows\system32\taskhost.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Windows\System32\svchost.exe -k secsvcs
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Windows\SYSTEM32\WISPTIS.EXE
      C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
      C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
      C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
      C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
      C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
      C:\Program Files\Tablet\Wacom\WacomHost.exe
      C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
      C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
      C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
      C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\wmi64.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
      BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
      BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
      BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
      TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      mRun: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      dRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      uPolicies-Explorer: NoDrives = dword:0
      mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
      mPolicies-Explorer: NoDrives = dword:0
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
      IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
      TCP: NameServer = 194.168.4.100 194.168.8.100
      TCP: Interfaces\{0C9D2F1B-4F4A-4304-AA60-0170F248C43F} : DHCPNameServer = 194.168.4.100 194.168.8.100
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      SSODL: WebCheck - <orphaned>
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
      x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
      x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
      x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
      x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
      x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
      x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
      x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
      x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
      x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
      x64-SSODL: WebCheck - <orphaned>
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\Apple\AppData\Roaming\Mozilla\Firefox\Profiles\qqsabzjn.default\
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-6-8 55280]
      R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2013-6-7 22680]
      R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
      R1 klpd;klpd;C:\Windows\System32\drivers\klpd.sys [2013-4-12 15456]
      R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-5-14 55904]
      R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2013-6-6 178272]
      R2 avp;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-11 214512]
      R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
      R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-6-7 166720]
      R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-4-23 1809720]
      R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-4-23 857912]
      R2
NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-22 1615192] R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-7-30 20541216] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-4-8 411936] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-6-7 365376] R2 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\Apple\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [2013-6-9 14544] R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2014-3-17 621336] R3 CMUSBDAC;USB Audio Class 1.0 and 2.0 DAC Device Driver;C:\Windows\System32\drivers\CMUSBDAC.sys [2013-10-15 386560] R3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-6-9 14136] R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-10-11 29280] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-10-11 29280] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-4-23 25816] R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-4-23 119512] R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-4-23 63192] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-13 36720] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-4-8 40392] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-6-7 646248] R3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2014-3-17 90424] R3 
wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2014-3-17 15160] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?] S3 ElgatoGC658Y;Elgato Game Capture;C:\Windows\System32\drivers\ElgatoGC658.sys [2012-11-12 50288] S3 etdrv;etdrv;C:\Windows\etdrv.sys [2013-6-9 25640] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-6-23 57840] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448] S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2013-6-7 30528] S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-6-7 160256] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-22 111616] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-22 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-22 56832] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-8 1255736] S4 klflt;klflt;C:\Windows\System32\drivers\klflt.sys [2013-6-8 115296] . =============== Created Last 30 ================ . 
2014-04-23 22:28:48 -------- d-----w- C:\Windows\ERUNT 2014-04-23 21:57:44 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-04-23 15:44:18 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-04-23 15:44:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-04-23 15:44:00 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-04-23 15:44:00 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-04-23 15:43:59 -------- d-----w- C:\ProgramData\Malwarebytes 2014-04-23 15:43:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-23 15:38:14 -------- d-----w- C:\Program Files\CCleaner 2014-04-23 15:36:14 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2014-04-23 15:30:29 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2014-04-23 15:27:19 -------- d-sh--w- C:\$RECYCLE.BIN 2014-04-23 14:00:58 98816 ----a-w- C:\Windows\sed.exe 2014-04-23 14:00:58 256000 ----a-w- C:\Windows\PEV.exe 2014-04-23 14:00:58 208896 ----a-w- C:\Windows\MBR.exe 2014-04-23 13:39:21 -------- d-----w- C:\AdwCleaner 2014-04-22 11:05:33 6574592 ----a-w- C:\Windows\System32\mstscax.dll 2014-04-22 11:05:33 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll 2014-04-22 11:05:16 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7A6185D8-B8AA-4DAF-B81E-CC0347FE3CB1}\mpengine.dll 2014-04-22 10:55:44 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll 2014-04-22 10:55:41 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys 2014-04-22 10:55:39 243200 ----a-w- C:\Windows\System32\rdpudd.dll 2014-04-22 10:55:39 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll 2014-04-22 10:55:39 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll 2014-04-22 10:55:38 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll 2014-04-22 10:55:04 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll 2014-04-22 10:55:04 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll 2014-04-22 
10:54:59 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2014-04-22 10:54:59 366592 ----a-w- C:\Windows\System32\qdvd.dll 2014-04-19 22:49:22 -------- d-----w- C:\Users\Apple\AppData\Roaming\com.adobe.amp 2014-04-13 04:11:38 -------- d-----w- C:\Users\Apple\AppData\Local\Eraser 6 2014-04-12 17:48:29 -------- d-----w- C:\Program Files\Eraser 2014-04-11 23:22:41 -------- d-----w- C:\Users\Apple\AppData\Roaming\Nidhogg 2014-04-10 11:54:03 1002728 ----a-w- C:\Windows\System32\WinUSBCoInstaller2.dll 2014-04-10 11:53:04 -------- d-----w- C:\Users\Apple\AppData\Roaming\DS Capture 2014-04-10 01:18:46 -------- d-----w- C:\Users\Apple\New folder 2014-04-10 01:16:57 -------- d-----w- C:\Users\Apple\AppData\Roaming\TrueCrypt 2014-04-10 01:16:35 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys 2014-04-10 01:16:15 -------- d-----w- C:\Program Files\TrueCrypt 2014-04-08 00:52:14 599840 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2014-04-08 00:45:51 40392 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys 2014-04-08 00:45:51 33568 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll 2014-03-27 22:14:13 -------- d-----w- C:\Users\Apple\AppData\Local\Skype 2014-03-27 22:13:59 -------- d-----r- C:\Program Files (x86)\Skype . ==================== Find3M ==================== . 
2014-04-10 11:42:32 25640 ------w- C:\Windows\gdrv.sys 2014-04-09 21:00:23 30528 ----a-w- C:\Windows\GVTDrv64.sys 2014-04-02 13:27:17 1081112 ----a-w- C:\Windows\SysWow64\nvspcap.dll 2014-04-02 13:27:05 1225920 ----a-w- C:\Windows\System32\nvspcap64.dll 2014-04-01 12:55:45 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-04-01 12:55:45 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2014-03-31 08:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe 2014-03-25 00:01:42 115296 ----a-w- C:\Windows\System32\drivers\klflt.sys 2014-03-21 19:43:50 37320 ----a-w- C:\Windows\System32\nvaudcap64v.dll 2014-03-06 09:32:16 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll 2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll 2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-03-06 08:32:07 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll 2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-03-06 07:13:43 32256 ----a-w- 
C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll 2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-03-04 13:06:00 6714312 ----a-w- C:\Windows\System32\nvcpl.dll 2014-03-04 13:06:00 3497816 ----a-w- C:\Windows\System32\nvsvc64.dll 2014-03-04 13:05:58 922968 ----a-w- C:\Windows\System32\nvvsvc.exe 2014-03-04 13:05:58 64968 ----a-w- C:\Windows\System32\nvshext.dll 2014-03-04 13:05:57 386336 ----a-w- C:\Windows\System32\nvmctray.dll 2014-03-04 13:05:53 3649185 ----a-w- C:\Windows\System32\nvcoproc.bin 2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll 2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll 2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe 2014-02-18 11:05:48 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys 2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys 2014-02-04 02:35:56 190912 ----a-w- C:\Windows\System32\drivers\storport.sys 2014-02-04 02:35:49 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2014-02-04 02:35:35 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2014-02-04 02:32:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll 2014-02-04 02:28:36 2048 ----a-w- C:\Windows\System32\iologmsg.dll 2014-02-04 02:04:22 
1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2014-02-04 02:00:39 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll 2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll 2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll 2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll . ============= FINISH: 4:24:26.13 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 07/06/2013 01:06:00 System Uptime: 24/04/2014 04:07:53 (0 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | H61M-S2PV REV 2.2 Processor: Intel® Core i5-3570 CPU @ 3.40GHz | Intel® Core i5-3570 CPU @ 3.40GHz | 2394/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1863 GiB total, 1315.401 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP151: 22/04/2014 11:48:58 - Installed DirectX RP152: 22/04/2014 11:55:12 - Windows Update RP153: 22/04/2014 13:23:15 - Removed Java 7 Update 51 RP154: 22/04/2014 14:43:51 - Windows Update RP155: 23/04/2014 16:31:27 - Revo Uninstaller's restore point - Ursa Spelling RP156: 23/04/2014 16:35:34 - Installed Java 7 Update 55 RP157: 24/04/2014 00:29:10 - Removed Microsoft LifeCam . ==== Installed Programs ====================== . 
@BIOS 64 Bit HP CIO Components Installer 9.03m Adobe AIR Adobe Community Help Adobe Flash Player 10 ActiveX Adobe Flash Player 11 ActiveX Adobe Flash Player 12 Plugin Adobe Media Player Adobe Reader XI (11.0.03) AIM for Windows Amnesia: A Machine for Pigs Apple Application Support Apple Mobile Device Support Apple Software Update Assassin’s Creed® III Assault Android Cactus Audacity 2.0.3 AutoGreen B12.0206.1 Bamboo Dock Batman™: Arkham Origins BioShock Infinite Bonjour Broforce Brothers - A Tale of Two Sons Castle of Illusion CCleaner Cloudberry Kingdom Company of Heroes 2 D3DX10 Democracy 3 DJ_AIO_06_F2400_SW_Min DmC Devil May Cry Don't Starve DuckTales Remastered Easy Tune 6 B12.1102.1 Elgato Game Capture HD Eraser 6.0.10.2620 F1 2013 Far Cry® 3 Far Cry® 3 Blood Dragon Final Hours of Tomb Raider Foul Play Fraps (remove only) FTL: Faster Than Light Gone Home Goodbye Deponia Google Chrome Google Toolbar for Internet Explorer Google Update Helper GRID 2 Gun Monkeys Gunpoint Half Minute Hero: Super Mega Neo Climax Ultimate Boy HP Deskjet F2400 All-in-One Driver 14.0 Rel. 
6 ImgBurn Intel® Management Engine Components Intel® Trusted Connect Service Client iTunes Java 7 Update 55 Java Auto Updater join.me Junk Mail filter update Kaspersky Internet Security LAME v3.99.3 (for Windows) League of Legends LEGO MARVEL Super Heroes Malwarebytes Anti-Malware version 2.0.1.1004 Master Reboot Memoria Metal Slug 3 Metro: Last Light Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Corporation Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Microsoft XNA Framework Redistributable 4.0 Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 
Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 MirrorMoon EP Monaco Montague's Mount Movie Maker Mozilla Firefox 21.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MultiScreen My Game Long Name Nidhogg NVIDIA 3D Vision Controller Driver 335.21 NVIDIA 3D Vision Driver 335.23 NVIDIA Control Panel 335.23 NVIDIA GeForce Experience 2.0 NVIDIA Graphics Driver 335.23 NVIDIA HD Audio Driver 1.3.30.1 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA PhysX NVIDIA PhysX System Software 9.13.1220 NVIDIA ShadowPlay 12.4.55 NVIDIA Stereoscopic 3D Driver NVIDIA Update 12.4.55 NVIDIA Update Core NVIDIA Virtual Audio 1.2.22 ON_OFF Charge B12.1025.1 Open Broadcaster Software OpenOffice 4.0.0 Pando Media Booster Papers, Please PAYDAY 2 Photo Common Photo Gallery Pokemon Showdown PxMergeModule Rayman Legends Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Remember Me Revo Uninstaller 1.95 Rogue Legacy Saints Row IV Samsung_MonSetup Scan Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) SHIELD Streaming ShootMania Storm Skullgirls Skullgirls Beta Skulls of the Shogun Skype™ 6.14 South Park™: The Stick of Truth™ Spotify Steam Strike Suit Zero Super Meat Boy Surgeon Simulator 2013 System Requirements Lab for Intel Talisman: Digital Edition Team Fortress 2 The 39 Steps The Night of the Rabbit The Stanley Parable The Walking Dead The Walking Dead: Season Two The Wolf Among Us They Bleed Pixels Tom Clancy's Splinter Cell Blacklist Tomb Raider Toolbox Total War: ROME II TrueCrypt Unity Web Player VLC media player 2.0.6 Wacom Tablet WebTablet FB Plugin 32 bit WebTablet FB Plugin 64 bit Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger 
Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 (64-bit) . ==== End Of File ===========================
  13. Before receiving a reply I tried a few things and the problem seems to have stopped, but I will post the reports just to be sure.
      Malwarebytes Anti-Malware
      www.malwarebytes.org
      Scan Date: 24/04/2014
      Scan Time: 04:18:34
      Logfile:
      Administrator: Yes
      Version: 2.00.1.1004
      Malware Database: v2014.04.24.02
      Rootkit Database: v2014.03.27.01
      License: Trial
      Malware Protection: Enabled
      Malicious Website Protection: Enabled
      Chameleon: Disabled
      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: Apple
      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 269058
      Time Elapsed: 5 min, 14 sec
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Shuriken: Enabled
      PUP: Enabled
      PUM: Enabled
      Processes: 0 (No malicious items detected)
      Modules: 0 (No malicious items detected)
      Registry Keys: 0 (No malicious items detected)
      Registry Values: 0 (No malicious items detected)
      Registry Data: 0 (No malicious items detected)
      Folders: 0 (No malicious items detected)
      Files: 0 (No malicious items detected)
      Physical Sectors: 0 (No malicious items detected)
      (end)
  14. I noticed today that my audio mixer has a 'Name not Available' slider. I did some digging and found out it may be an infection. I ran some standard antivirus checks and nothing came up. When I rebooted I ended up with two 'Name not Available' sliders. I've tried some things but the truth is I don't really know what I'm doing. I would really appreciate some help.